Problem understanding SHA-256 [migrated]

I’m reading the paper here: https://csrc.nist.gov/csrc/media/publications/fips/180/4/final/documents/fips180-4-draft-aug2014.pdf

I’m on paper page 23 where they have two values for SHA-256, T1 and T2. While I understand the operations done, I don’t understand the bigger picture. Why do we need T1 and T2 in this case? What do the values T1 and T2 represent?

The paper defines it as “T Temporary w-bit word used in the hash computation.” But why go through so many shifts and other operations?

How can I find a SHA-256 hash with a given suffix using hashcat?

Recently we competed in the X-MAS 2019 CTF and many of the challenges included a proof of work (PoW) check to avoid Denial of Service (DoS) attacks against their servers. The most common was we were given a 6 character suffix and asked to find anything where the hash ended in that suffix:

Provide a hex string X such that sha256(X)[-6:] = abcdef 

The suffix abcdef would change every time you connected to the server. An example of a correct response:

hash = e38450c7008711d86a4d6c2039c8633a1ed637281b96888d7d9ff257aaabcdef
x = 4cbab1bbb03b4a10aef586b6

Can this be done using hashcat?

Generating the base64 of sha256 of a file for Content Security Policy of a web page


The issue

I have a small private Apache2 web server running on Debian 10 Buster with security on my top list. Right now, I’m struggling with:

How to generate in the Linux terminal the base64-encoded sha256 of my CSS style sheet file styles.less for Content Security Policy?


Getting close

The closest I got was thanks to this comment made by sideshowbarker with command:

cat styles.less | openssl dgst -sha256 -binary | base64 

So far I only know that this part is ok:

cat styles.less | openssl dgst -sha256 

because the output SHA-256 hash sum equals that of the ordinary sha256sum command, as proved with:

$ cat styles.less | openssl dgst -sha256
(stdin)= 0d1095db21ec5177406ed074dadd59d8298f6f4f9ae870bf8d562feeb081ecb1
$ sha256sum styles.less
0d1095db21ec5177406ed074dadd59d8298f6f4f9ae870bf8d562feeb081ecb1  styles.less

$ openssl version
OpenSSL 1.1.1d  10 Sep 2019

Any ideas welcome. Will be back shortly, be patient with comment replies, thank you.


Getting wrong output:

DRCV2yHsUXdAbtB02t1Z2CmPb0+a6HC/jVYv7rCB7LE= 

Chrome says it shall be (I hope I’m getting the right one):

OiTUxy1L7oqoB+m4jFzA6QMKYPBRZqHn9Z33xviiEFI= 

As it might be helpful now, here’s the direct link for that style sheet. Hope we solve it soon.
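A check of the values quoted in this post, as an added example (not part of the original question): it re-encodes the hex digest printed by `sha256sum` as base64 and compares it with both base64 strings, which separates an encoding mistake from a case where the browser hashed different bytes than the file. The function names are assumptions of this example, and the CSS snippet at the end is constructed sample input.

```python
import base64
import hashlib

# Values copied from the post above.
FILE_HEX = "0d1095db21ec5177406ed074dadd59d8298f6f4f9ae870bf8d562feeb081ecb1"
POST_B64 = "DRCV2yHsUXdAbtB02t1Z2CmPb0+a6HC/jVYv7rCB7LE="
CHROME_B64 = "OiTUxy1L7oqoB+m4jFzA6QMKYPBRZqHn9Z33xviiEFI="

def csp_source(data: bytes) -> str:
    """Hash-source for exactly these bytes: 'sha256-' + base64(raw 32-byte digest)."""
    raw = hashlib.sha256(data).digest()  # what `openssl dgst -sha256 -binary` emits
    return "'sha256-" + base64.b64encode(raw).decode("ascii") + "'"

def hex_to_b64(hex_digest: str) -> str:
    """Re-encode a hex digest (sha256sum output) as base64 of the same 32 bytes."""
    return base64.b64encode(bytes.fromhex(hex_digest)).decode("ascii")

def b64_of_hex_text(hex_digest: str) -> str:
    """The mistake made by dropping -binary: base64 of the 64 hex characters."""
    return base64.b64encode(hex_digest.encode("ascii")).decode("ascii")

def diagnose(file_hex: str, computed_b64: str, browser_b64: str) -> str:
    if hex_to_b64(file_hex) != computed_b64:
        return "encoding error: the base64 value is not the file's digest"
    if base64.b64decode(browser_b64).hex() == file_hex:
        return "match"
    return "different input: the browser hashed bytes other than this file's"

if __name__ == "__main__":
    print(diagnose(FILE_HEX, POST_B64, CHROME_B64))
    # Constructed sample: one trailing newline changes the hash-source entirely.
    print(csp_source(b"body{margin:0}"), csp_source(b"body{margin:0}\n"))
```

The value the post calls wrong is the correct base64 of the file's digest, so the hash Chrome reports was computed over content other than `styles.less` as stored on disk.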

Using SHA-256 in policy INF file [migrated]

I have a CA policy inf file for an offline certificate request:

[Version]
Signature="$Windows NT$"
[PolicyStatementExtension]
Policies=InternalPolicy
[InternalPolicy]
OID=1.2.3.4.1455.67.89.5
Notice="Legal Policy Statement"
URL=https://pki.corp.contoso.com/pki/cps.txt
[Certsrv_Server]
RenewalKeyLength=2048
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=5
CRLPeriod=weeks
CRLPeriodUnits=1
LoadDefaultTemplates=0
AlternateSignatureAlgorithm=1
[CRLDistributionPoint]
[AuthorityInformationAccess]

The certificate request is successful. But the certificates are using an old algorithm:

Signature algorithm: sha1RSA
Signature hash algorithm: sha1

How can I update the policy file to SHA-256?

Gravity form: generate sha256 hash from a field

For authenticating on a remote API, I need to send a sha256 hash that will be calculated from previous data entered in fields.

i.e.:
field 1: username
field 2: variable data input by user
field 3: will be a hidden field that will concatenate input from fields 1 & 2 (I will use a merge tag for that)
field 4 (named authhash): I need it to auto-generate hash256 from field 3 data; it will be a read-only field, hidden

Can someone help with this case? Thanks a lot

Is sha256 a good function to derive keys from a secret of sufficient length and entropy?

Assuming I have a secret key of sufficient length and entropy (I get to decide the length and have a good random source).

I would like to generate 256 length keys by hashing the root key with the name of each key, ex:

key1 = sha256(rootKey + "key1")
key2 = sha256(rootKey + "key2")
...
keyN = sha256(rootKey + "keyN")

Is the sha256 hash a good choice?

If yes, what length should the root secret be? I’m thinking 256 bit is pretty good, but it wouldn’t cost much to make it bigger…
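A keyed alternative to the construction in this post, as an added example (not part of the original question): it swaps the plain `sha256(rootKey + name)` for HKDF with HMAC-SHA256 (RFC 5869), using the key name as the `info` string, because a bare SHA-256 over secret-then-label is subject to length extension while HMAC is not. The function names and the 32-byte minimum for the root key are assumptions of this example.

```python
import hashlib
import hmac
import os

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-SHA256(salt, IKM); empty salt means 32 zero bytes."""
    return hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 step 2: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated."""
    if length > 255 * 32:
        raise ValueError("HKDF-SHA256 output is limited to 8160 bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_key(root_key: bytes, name: str, length: int = 32) -> bytes:
    """Named subkey: the name is the HKDF info (context) string."""
    if len(root_key) < 32:
        raise ValueError("root key should carry at least 256 bits")
    prk = hkdf_extract(b"", root_key)
    return hkdf_expand(prk, name.encode("utf-8"), length)

def naive_key(root_key: bytes, name: str) -> bytes:
    """The construction from the post, for comparison: sha256(rootKey + name)."""
    return hashlib.sha256(root_key + name.encode("utf-8")).digest()

if __name__ == "__main__":
    root = os.urandom(32)  # constructed sample root key
    for name in ("key1", "key2"):
        print(name, derive_key(root, name).hex())
```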

Selecting the HASH code for SHA256 in NodeJS

How do I select the code for the HASH in NodeJS?

I have a system written in another language with passwords encrypted with SHA256.

The encryption function there looks like this:

#define HASH_CODE = 'WEASDSAEWEWAEAWEAWEWA';
SHA256_PassHash(HASH_CODE, password, 64);

The first parameter is the HASH code, the second is the value to be encrypted, and the third is the base64.

I managed to do the encryption in NodeJS, but I have no control over the HASH code, so the systems do not produce the same HASH. How do I select the HASH code when registering in NodeJS so that it can communicate with this other system?

const code = 'WEASDSAEWEWAEAWEAWEWA';
const normal = 'anne';
const crypto = require('crypto');
const encryptado = crypto
    .createHash('sha256')
    .update(normal)
    .digest('base64');
console.log(encryptado);