A text string containing the name of the hash algorithm to use with the GENERATE-PBE-KEY function to generate a password-based encryption key.

Data type: CHARACTER

Access: Readable/Writeable

Applies to: SECURITY-POLICY system handle

The method accepts the following values and corresponding hash algorithms in increasing order of security and decreasing order of performance:

  • "MD5" — RSA Message Digest Hash Algorithm (MD5). Provided for backward compatibility only and should not be used in new development.
  • "SHA-1" — United States Government Secure Hash Algorithm (SHA-1). Provided for backward compatibility only and should not be used in new development.
  • "SHA-256" — United States Government Secure Hash Algorithm (SHA-256)
  • "SHA-512" — United States Government Secure Hash Algorithm (SHA-512)

The default value is "SHA-1".

You are responsible for generating, storing, and transporting this value.

Note: If FIPS mode is enabled and an algorithm is specified that is not approved by the National Institute of Standards and Technology (NIST), such as "MD5", a warning message is issued.

See also

MESSAGE-DIGEST function