With SHA1 algorithm being deprecated in 2021 2 do we have an NetSuite Professionals #suitescript

With SHA1 algorithm being deprecated in 2021.2, do...

Santosh

07/30/2021, 1:29 PM

With SHA1 algorithm being deprecated in 2021.2, do we have any third party crypto libraries which returns same digest as nlapiEncrypt does? Have gone through couple of modules. All of them are returning consistent results and the result is different from the NS digest. We have major impact due to SHA1 deprecation and we are looking for like to like match logic which returns same result as NS SHA1 does.

battk

07/30/2021, 1:49 PM

nlapiCheckPasswordField

scottvonduhn

07/30/2021, 1:51 PM

Why do you need to keep using SHA1, in particular Netsuite’s deprecated version? Do you have pre-calculated hashes that you are comparing against?

Santosh

07/30/2021, 2:00 PM

@*scottvonduhn* Yes, we have pre-calculated hashes and we use it as external id to identify records from other system. Now if sha1 is deprecated, will be difficult to match the record.

scottvonduhn

07/30/2021, 2:01 PM

Is the other system a different Netsuite account, or something else? Can the hashes be re-computed?

Santosh

07/30/2021, 2:07 PM

@scottvonduhn yes not NetSuite, it is Salesforce. We need an script to match the NetSuite nlapiEncrypt - SHA1 functionality

scottvonduhn

07/30/2021, 2:10 PM

Okay, but just curious, did you compute the hashes in netsuite then set the external id field in Salesforce from that? Usually you want to use hashes to validate things, not as a method of mapping multiple inputs to a unique value. Salesforce sObjects also have their own unique 18 character internal Ids, why not store and use those instead?

scottvonduhn

07/30/2021, 2:12 PM

If you really just want a mapping function, you should create your own so no one can deprecate it on you. Base it on a publicly available library/module as you can’t control what NetSuite does.

Santosh

08/02/2021, 4:48 PM

@scottvonduhn It was implemented long back in our integration. When NetSuite mentioned that sha1 will be deprecated, we noticed it and looking for backward compatible solution. Obv we should use any other algorithm or other library, but given we already have hashes with sha1 is there any way to get exact result as what nlapiEncrypt gives?

scottvonduhn

08/02/2021, 4:56 PM

I think you may need to reach out to Netsuite support. Their API’s are not open source, so they are really the only ones who know how the

nlapiEncrypt

function works. It could be using Java / JVM libraries, as all SuiteScript code is transpiled and run in a JVM. It could even be completely custom code. Netsuite might be willing to tell you how it is implemented, but then again maybe not, as they might see that as compromising security.

3 Views

Open in Slack

Previous Next