SHA256() doesn't match sha256sum

Alan Partis

unread,

Apr 21, 2012, 1:19:18 PM4/21/12

to cryptop...@googlegroups.com

Should I expect that the output from CryptPP::SHA256().CalculateDigest()
for a given string match the output I get from the Linux sha256sum
program for the same string?

It seems to me that they should, but my simple program to implement
.CalculateDigest() does not provide the same digest result.

Can anyone help me understand why that is?

Thanks.

_______________________________________________________
Alan Partis
thundernet development group

Vadym Fedyukovych

unread,

Apr 21, 2012, 2:11:24 PM4/21/12

to Alan Partis, cryptop...@googlegroups.com

Is it anything like proverbial
echo "string" | sha256sum_prog
echo -n "string" | sha256sum_prog

> --
> You received this message because you are subscribed to the "Crypto++ Users" Google Group.
> To unsubscribe, send an email to cryptopp-user...@googlegroups.com.
> More information about Crypto++ and this group is available at http://www.cryptopp.com.

Alan Partis

unread,

Apr 21, 2012, 2:29:20 PM4/21/12

to Vadym Fedyukovych, cryptop...@googlegroups.com

On Sat, 21 Apr 2012, Vadym Fedyukovych wrote:

> Is it anything like proverbial
> echo "string" | sha256sum_prog
> echo -n "string" | sha256sum_prog

from the command line:

$ echo this |sha256sum

produces a 32-byte hex string "c18d ..."

On the other hand, when I pass a 32-byte message buffer containing "this"
followed by 28 nulls as follows:

CryptoPP::SHA256().CalculateDigest(digest, msg, 4)

I get an output digest containing a 32-byte hex string "1e87 ..."

I frankly have been expecting to see the same hex string come from both.
I'm still trying to track down the source for sah256_stream used by the
GNU coreutils to produce the sha256sum program, but no luck yet. I'm
guessing I may find my answer there, unless someone here can shed some
light.

My expectation is that the SHA256 hash algorithm is a deterministic
standard i.e. no matter who does it, the SHA256 hash for the string "this"
should always produce the same digest by definition. I'm just trying to
validate my simple little SHA256 hash program by comparing its resulting
digest with the output from sha256sum. Given that they differ, one of the
following MUST be true:

1. they SHOULDN'T match for some reason (I'm hoping someone here can
explain)

2. my simple program is an incorrect implementation of
SHA256.CalculateDigest()

-ap

Geoff Beier

unread,

Apr 21, 2012, 2:39:56 PM4/21/12

to Alan Partis, cryptop...@googlegroups.com

On Sat, Apr 21, 2012 at 14:29, Alan Partis <alpa...@thundernet.com> wrote:
> $ echo this |sha256sum
>
> produces a 32-byte hex string "c18d ..."
>
> On the other hand, when I pass a 32-byte message buffer containing "this"
> followed by 28 nulls as follows:
>
> CryptoPP::SHA256().CalculateDigest(digest, msg, 4)
>
> I get an output digest containing a 32-byte hex string "1e87 ..."

You mean like this?

$ echo this |openssl dgst -sha256
c18d547cafb43e30a993439599bd08321bea17bfedbe28b13bce8a7f298b63a2
$ echo -n this |openssl dgst -sha256
1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408

As the last reply pointed out, pay attention to the -n.

On my system, the first is hashing 5 bytes:
0x74, 0x68, 0x69, 0x73, 0x0A
while the second is hashing the 4 bytes
0x74, 0x68, 0x69, 0x73

HTH,

Geoff

Alan Partis

unread,

Apr 22, 2012, 12:58:56 AM4/22/12

to Geoff Beier, cryptop...@googlegroups.com

OK, I see. There's a line feed in the string I'm hashing with sha256sum
and, of course, there isn't one in my simple sample. Drat! I'm not sure
when I would have seen that on my own.

At least that answers my question: there should NOT be any difference
between the output of sha256sum and the Cryptopp::SHA256().CalculateDigest
function. Sanity has been restored.

-ap

Reply all

Reply to author

Forward