0

I created a file and input some random string into it.

touch tesseract && echo 'TestTestTestTestTest' > tesseract

Now if I use openssl to compute base64 hash [sha256], I run this:

cat tesseract | openssl dgst -sha256 | openssl base64 -A

which returns me

KHN0ZGluKT0gMzJjYjA1MTgzNDNhZmY2N2FlMmY5YzUwNDcwNGRiNGE5Njc5MzIyZWVlNTBmMjBiNTMzNjZlYTBiMDY2MWNlZgo=

Now I process this hash stepwise, as,

cat tesseract | openssl dgst -sha256 > partialHash

which gives me

(stdin)= 32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef

Let this hash be X. Then I do this,

echo '32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef' > partialHash
cat partialHash | openssl base64 -A

I get a different result. Why is that?

My reason for asking is because I use a binary, hashdeep which gives me hashes in form of 32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef and I wish to convert them to base64 encoded format as hashdeep is not capable of producing a base64 output. So I pipe the intermediate hash to openssl base64 -A, but obtain a different result.

What am I missing? How can I convert the non-encoded hash X [which is 32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef] to proper base64 encoded format?

For simplicity purpose, we can assume that X is present in a file,
created using echo '32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef' > file

Improve this question
1

1 Answer 1

Reset to default
4

You're not base-64 encoding the hash. You're base64-encoding the string

(stdin)= 32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef

(followed by a newline). Note the (stdin)= at the beginning. That's part of the string. That's going to have a different value than the base64 encoding of the string 32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef (followed by a newline).

If your goal is to get binary hashes (rather than their string encodings), then use the -binary option to openssl dgst.

I'm not familiar with hashdeep, but when you say "non-encoded hash," that's not what it's generating. It's generating a hex-encoded hash. By the looks of it you're really looking for a hex-to-base64 converter. You can do that along these lines:

echo '32cb0518343aff67ae2f9c504704db4a9679322eee50f20b53366ea0b0661cef' | xxd -r -p  | base64

xxd -r -p converts a hex-encoded string into raw data.

(If you're using openssl dgst, just make sure that you're using options that don't inject (stdin)= on the front. My version of openssl doesn't do this, so I'm not certain what flag you'll need.)

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Apologies for improperly​ phrasing the question. Thanks for understanding what I wanted to ask. I just tried it out and it worked perfectly. I was not familiar with xxd command. Thanks again.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.