slog2_hash()

Updated: April 19, 2023

Convert an input string into an obfuscated non-reversible hash string

Synopsis:

#include <sys/slog2.h>

int slog2_hash( slog2_hash_expiry_t expiry,
                const char *input,
                size_t output_size,
                char *output_hash );

Arguments:

expiry
The (approximate) length of time that the hash will be consistent; one of:
  • SLOG2_HASH_EXPIRY_ONE_DAY
  • SLOG2_HASH_EXPIRY_ONE_WEEK
  • SLOG2_HASH_EXPIRY_ONE_MONTH
input
A null-terminated input string to be hashed (e.g., personally identifiable information such as an email address or user ID).
output_size
The size of the output buffer.
output_hash
A location where the function can store the obfuscated identifier string, including a terminating null character.

Library:

libslog2-extra

Use the -l slog2-extra option to qcc to link against this library.

Description:

The slog2_hash() function converts an input string into an obfuscated non-reversible hash string containing only numeric literals. You could use this function to obscure information (e.g., email addresses) that might still be useful to include in logs.

The output string can be any desired length, depending on use. If there are many possible input strings, you can help ensure uniqueness of the hash by using the same length of input and hash strings. This function creates identical hash values for a given input string, even if called multiple times inside the expiry window by any process.

Because this function depends on the random number generator, make sure that /dev/random is running before you start slogger2.

Note: The rollover time isn't defined; a one-week expiry could still change in a couple of minutes, but then would be consistent for the full week after that. Restarting your system makes all hashes expire (i.e., expiry dates aren't persistent).

Returns:

0 on success, or -1 if an error occurred (errno is set).

Errors:

EINVAL
The input or output strings are NULL, or their lengths are invalid.
ENOENT
The cryptography library couldn't be opened.
ENXIO
The cryptography library couldn't be initialized.

Examples:

char loghashstr[10+1];

const char *loghash(const char *str) {
        if (slog2_hash(SLOG2_HASH_EXPIRY_ONE_MONTH,
                                   str,
                                   sizeof(loghashstr),
                                   loghashstr) == -1)
                return "<hash failed>";
                
        return loghashstr;
}

Classification:

QNX Neutrino

Safety:  
Cancellation point No
Interrupt handler Yes
Signal handler Yes
Thread Yes