Developing Hash Filter

    Available in Classic and VPC

    This guide describes how to use the Hash Filter REST API to write Hash Filter code.

    Note

    Before developing Hash Filter, you need to subscribe to File Safer, subscribe to the API Gateway, and create an API Key. For more information, see Getting started with File Safer.

    Hash Filter implementation scenario

    The following describes the scenario for applying Hash Filter to files uploaded/downloaded by users:

    1. Identify files suspected of being malware
    2. Extract hash values from identified files
    3. Create an authentication value
    4. Add a request parameter
    5. Request the API
    6. Check the response value and determine whether to block

    Write Hash Filter code

    Write the code according to the Hash Filter implementation scenario.

    1. Identify files suspected of being malware

    Among uploaded/downloaded files, identify those files which require a malware scan.

    2. Extract hash values from identified files

    Extract the hash value from the file. The following is example Java code that extracts the hash value.

    Note

    The format of the hash value for each hash type is as follows:

    • SHA-1: displayed as a 40-byte hexadecimal string
      <Example> 3ec625cb2277d7334406ab712b69c4ceaf38bd82
    • MD5: displayed as a 32-byte hexadecimal string
      <Example> 8072fd6da170738c905cf362f787442b

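    import java.io.FileInputStream;
    import java.io.InputStream;
    import java.security.DigestInputStream;
    import java.security.MessageDigest;

    // Place these methods inside your class.
    public static String getHash(String filename, String algorithm) throws Exception
    {
        MessageDigest md = MessageDigest.getInstance(algorithm);

        // Hash the file with DigestInputStream; try-with-resources closes the stream even on error
        try (InputStream dis = new DigestInputStream(new FileInputStream(filename), md)) {
            // Read the whole stream in blocks; the digest is updated as the data is read
            byte[] buffer = new byte[8192];
            while (dis.read(buffer) != -1) {
                // nothing to do with the data itself
            }
        }

        // Get the hash's bytes
        byte[] hashBytes = md.digest();

        // Convert the bytes to a lowercase hex string
        StringBuilder sb = new StringBuilder();
        for (byte h : hashBytes) {
            sb.append(String.format("%02x", h));
        }

        return sb.toString();
    }

    public static void main(String[] args)
    {
        try {
            // Get the hash value of a file with the SHA-1 algorithm
            String sha1 = getHash("./test.exe", "sha-1");
            // Get the hash value of a file with the MD5 algorithm
            String md5 = getHash("./test.exe", "md5");
            System.out.println("SHA-1: " + sha1);
            System.out.println("MD5:   " + md5);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }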
    
    

    3. Create authentication value

    Create the IAM authentication value required to authenticate NAVER Cloud Platform API calls. The headers required for authentication are as follows:

    • x-ncp-iam-access-key: get the access key issued in the My Page > Manage API authentication key menu of the NAVER Cloud Platform portal
    • x-ncp-apigw-signature-v2: create a signature value with HmacSHA256, using the Secret Key mapped to the Access Key as the key (use \n for the newline character)
    • x-ncp-apigw-api-key: get the API Key issued through the API Gateway
    • x-ncp-apigw-timestamp: it is not an authentication value, but it is included in the request header. See API specifications.

    Note

    For information on how to create a signature value and example codes, see NAVER Cloud Platform API guide > API overview > Default API > Ncloud API > 2. Create headers.
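
    The request code in step 5 calls a makeSignature helper that this page does not define. The following is an added example of such a helper, not code from the original guide: the string-to-sign layout is an assumption based on the Ncloud API guide referenced above and should be confirmed there, the keys are passed explicitly (unlike the three-argument call in step 5), and the class name and credentials are placeholders.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class NcpSignatureExample {

    // Assumed string-to-sign layout, taken from the Ncloud API guide (not shown on this page):
    //   METHOD + " " + URI-with-query + "\n" + timestamp + "\n" + accessKey
    static String makeSignature(String method, String uri, long timestamp,
                                String accessKey, String secretKey) throws Exception {
        String message = method + " " + uri + "\n" + timestamp + "\n" + accessKey;

        // The Secret Key is only the HMAC key; it never travels in the request.
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        byte[] rawHmac = mac.doFinal(message.getBytes(StandardCharsets.UTF_8));

        // The header value is the Base64 encoding of the raw HMAC bytes.
        return Base64.getEncoder().encodeToString(rawHmac);
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholder credentials; load real keys from the environment
        // or a secret store, never from source code.
        String accessKey = "EXAMPLE_ACCESS_KEY";
        String secretKey = "EXAMPLE_SECRET_KEY";
        long timestamp = System.currentTimeMillis();

        // Sign exactly the path and query string that will be sent.
        String uri = "/hashfilter/v1/checkHash"
                + "?hashCode=00010efc49b7174d18400710eed1642a7d4b12db&hashType=sha1";

        String signature = makeSignature("GET", uri, timestamp, accessKey, secretKey);
        System.out.println("x-ncp-apigw-timestamp: " + timestamp);
        System.out.println("x-ncp-apigw-signature-v2: " + signature);

        // Any change to the signed query yields a different signature, so a
        // request altered after signing no longer matches its header.
        String altered = makeSignature("GET", uri.replace("hashType=sha1", "hashType=md5"),
                timestamp, accessKey, secretKey);
        System.out.println("signature differs after query change: " + !signature.equals(altered));
    }
}
```

    The timestamp used in the signature must be the same value sent in the x-ncp-apigw-timestamp header.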

    4. Add a request parameter

    Add the Hash Filter API request parameter value. The request parameters are as follows:

    • hashCode: add a hash value as a string
    • hashType: indicate the algorithm of the hash value (MD5 or SHA-1)

    The following is an example of a created parameter.

    hashCode=00010efc49b7174d18400710eed1642a7d4b12db&hashType=sha1
    
    Note

    For information on the Hash Filter REST API specifications, see checkHash (Hash Filter).

    5. Request API

    Use the headers and parameters created in steps 3 and 4 above to send a request to the Hash Filter URI. The following is example code for requesting the Hash Filter API.

    import java.io.BufferedReader;
    import java.io.InputStreamReader;
    import java.net.HttpURLConnection;
    import java.net.URL;
    import java.nio.charset.StandardCharsets;

    public static void main(String[] args) throws Exception
    {
        String accessKey = "ACCESS_KEY"; // access key (from portal or sub account)
        String apikey = "API_GATEWAY_KEY"; // API Key issued through the API Gateway
        String apiDomain = "https://filesafer.apigw.ntruss.com";
        String method = "GET";
        long timestamp = System.currentTimeMillis();

        // step 2, 4: Extract the hash value of the identified file, then add the parameter value including the hash value and hash type
        String param = "hashCode=" + getHash("./test.exe", "sha-1") + "&hashType=sha1";
        // The apiURL is the value obtained by appending the parameter to the end of the URI string provided by Hash Filter.
        String apiURL = "/hashfilter/v1/checkHash?" + param;

        // step 3: Create authentication value (for makeSignature, see the API guide referenced in step 3)
        String signature = makeSignature(method, apiURL, timestamp);

        // step 5: Request API
        URL url = new URL(apiDomain + apiURL);
        HttpURLConnection con = (HttpURLConnection) url.openConnection();
        con.setRequestMethod(method);
        con.setRequestProperty("x-ncp-apigw-timestamp", Long.toString(timestamp));
        con.setRequestProperty("x-ncp-iam-access-key", accessKey);
        con.setRequestProperty("x-ncp-apigw-signature-v2", signature);
        con.setRequestProperty("x-ncp-apigw-api-key", apikey);
        con.setRequestProperty("accept", "application/json");

        // step 6: Check the response value and determine whether to block
        int httpResponseCode = con.getResponseCode();
        if (httpResponseCode == 200) {
            StringBuilder httpResponse = new StringBuilder();

            // try-with-resources closes the reader even if reading fails
            try (BufferedReader br = new BufferedReader(
                    new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8))) {
                String readLine;
                while ((readLine = br.readLine()) != null) {
                    httpResponse.append(readLine);
                }
            }

            // Do next step (ex, determine whether to block)
            // ...
        }
    }
    
    Note

    When using JDK 20 or higher, you can use the URI method instead of the URL method.

    6. Check the response value and determine whether to block

    Check the objects in hashCheckResultList in the API response to determine whether malware is present, then process the file accordingly.
    If hashCheckResultList contains an object, malware is detected; otherwise, there is no malware.
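
    One way to turn that rule into a blocking decision, as an added example that is not code from the original guide. It goes beyond the rule above by holding the file when the API gives no usable answer (non-200 status, missing field, truncated body), which is an assumption of this example; the class name, Verdict values and sample bodies are constructed, and only the hashCheckResultList field name comes from the page.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class HashFilterVerdictExample {

    enum Verdict { ALLOW, BLOCK, HOLD }

    // Finds the opening bracket of the hashCheckResultList array. The JDK has no
    // JSON parser, so this scans the text; use a JSON library where one is available.
    private static final Pattern LIST_START =
            Pattern.compile("\"hashCheckResultList\"\\s*:\\s*\\[");

    static Verdict decide(int httpStatus, String body) {
        // No usable answer (auth failure, throttling, outage): do not treat the file as clean.
        if (httpStatus != 200 || body == null) {
            return Verdict.HOLD;
        }
        Matcher m = LIST_START.matcher(body);
        if (!m.find()) {
            return Verdict.HOLD; // expected field is missing
        }
        // Skip whitespace after '[' and inspect the first significant character.
        int i = m.end();
        while (i < body.length() && Character.isWhitespace(body.charAt(i))) {
            i++;
        }
        if (i >= body.length()) {
            return Verdict.HOLD; // truncated body
        }
        // ']' straight away means an empty list; anything else is at least one object.
        return body.charAt(i) == ']' ? Verdict.ALLOW : Verdict.BLOCK;
    }

    public static void main(String[] args) {
        // Constructed sample bodies; the object contents are placeholders.
        String empty = "{\"hashCheckResultList\": [ ]}";
        String match = "{\"hashCheckResultList\": [{\"hashCode\": \"<placeholder>\"}]}";
        String other = "{\"message\": \"constructed error body\"}";

        System.out.println("empty list, 200  -> " + decide(200, empty));
        System.out.println("one object, 200  -> " + decide(200, match));
        System.out.println("field missing    -> " + decide(200, other));
        System.out.println("status 401       -> " + decide(401, null));
    }
}
```

    The request code in step 5 only handles status 200, so a failed call falls through without a decision; returning HOLD for that case keeps an unreachable or misconfigured API from letting every file pass.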

