Switching to SHA512 will hardly make your website more secure. You should not write your own password hashing function. Instead, use an existing implementation. SHA256 and SHA512 are message digests, they were never meant to be password-hashing (or key-derivation) functions. (Although a message digest could be used a building block for a KDF, such as … Read more
Encoding.Unicode is Microsoft’s misleading name for UTF-16 (a double-wide encoding, used in the Windows world for historical reasons but not used by anyone else). http://msdn.microsoft.com/en-us/library/system.text.encoding.unicode.aspx If you inspect your bytes array, you’ll see that every second byte is 0x00 (because of the double-wide encoding). You should be using Encoding.UTF8.GetBytes instead. But also, you will see … Read more
A sha256 is 256 bits long — as its name indicates. Since sha256 returns a hexadecimal representation, 4 bits are enough to encode each character (instead of 8, like for ASCII), so 256 bits would represent 64 hex characters, therefore you need a varchar(64), or even a char(64), as the length is always the same, … Read more
import hmac import hashlib import base64 dig = hmac.new(b’1234567890′, msg=your_bytes_string, digestmod=hashlib.sha256).digest() base64.b64encode(dig).decode() # py3k-mode ‘Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg=’
echo will normally output a newline, which is suppressed with -n. Try this: echo -n foobar | sha256sum
MySQL has recently changed the default authentication type and, between MySQL and PHP, this change took quite a while to be supported by PHP. The old method was mysql_native_password and the new one is caching_sha2_password. PHP versions starting with 7.4 support the new method. Since this is related to PHP itself, phpMyAdmin supporting this method … Read more
Java openssl encryption / decryption key generation [duplicate]
The implementation could be like that public static String sha256_hash(String value) { StringBuilder Sb = new StringBuilder(); using (SHA256 hash = SHA256Managed.Create()) { Encoding enc = Encoding.UTF8; Byte[] result = hash.ComputeHash(enc.GetBytes(value)); foreach (Byte b in result) Sb.Append(b.ToString(“x2”)); } return Sb.ToString(); } Edit: Linq implementation is more concise, but, probably, less readable: public static String sha256_hash(String … Read more
SHA-256 isn’t an “encoding” – it’s a one-way hash. You’d basically convert the string into bytes (e.g. using text.getBytes(StandardCharsets.UTF_8)) and then hash the bytes. Note that the result of the hash would also be arbitrary binary data, and if you want to represent that in a string, you should use base64 or hex… don’t try … Read more
Technically, yes. Depending on what kind of key you have the answer gets more tricky. Edit (2019-Oct): .NET Core 3.0 has built-in support for all of these formats, in their DER-encoded (vs PEM-encoded) forms. I’m adding the .NET Core 3.0+ answers after a sub-heading within each file format. PKCS#8 PrivateKeyInfo (PEM “BEGIN PRIVATE KEY”) If … Read more