Skip navigation

Always hash keys

score 5
You have not voted. Below Review Threshold

Sometimes keys in BMC Discovery are partially or completely hashed, sometimes they are cleartext.

 

When integrating wird 3rd party tools, the BMC Discovery key is very important to uniquely identify data. Dealing with an unpredictable string length and special characters is a real problem in this case. For example the key of packages often contains special characters like copyright character and varies in terms of length.

 

This is an example where the key contains special characters:

Original KeyHashed Key

Intel(R) Chipset Device Software:10.1.18019.8144:::x86:Intel(R)_CorporationꝜ떹⠀耀CurrentVersion@Windows

70b02f36cb2547212a9c0f86bc504d85

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660:12.0.40660.0脝掸፶耀Wow6432Node:::x86:Microsoft_Corporation@Windows6e56852b9e154f720fced09f586f95ba

 

Keys should be hashed internally by the application instead of enforcing the customer to apply the hash function to every query.

Major advantages are that the key always has the same length and consists only of letters and numbers.

Comments

Vote history