I'm making a php login, and I'm trying to decide whether to use SHA1 or Md5, or SHA256 which I read about in another stackoverflow article. Are any of them more secure than others? For SHA1/256, do I still use a salt?
Also, is this a secure way to store the password as a hash in mysql?
function createSalt(){ $string = md5(uniqid(rand(), true)); return substr($string, 0, 3);}$salt = createSalt();$hash = sha1($salt . $hash);
How to verify the hash of the bitcoin block #123456.
from hashlib import sha256header = "010000009500c43a25c624520b5100adf82cb9f9da72fd2447a496bc600b0000000000006cd862370395dedf1da2841ccda0fc489e3039de5f1ccddef0e834991a65600ea6c8cb4db3936a1ae3143991";print sha256(sha256(header).digest()).digest().encode('hex')
output:
d59eced1ded07f84c145592f65bdf854358e009c5cd705f5215bf18697fed103
but the actual hash is:
0000000000002917ed80650c6174aac8dfc46f5fe36480aaef682ff6cd83c3ca
What is going wrong here?
I'm trying to find a way to update a hashlib object based on the digest output from a different hashlib object. This sounds confusing, but essentially:
import hashlibpart1 = b'abcdefg'part2 = b'hijklmnop'# Normal wayhasher1 = hashlib.sha256()hasher1.update(part1)hasher1.update(part2)# Way I need to do it (different hashlib objects)hasher2 = hashlib.sha256()hasher2.update(part1)hasher3 = hashlib.sha256(hasher2.digest())hasher3.update(part2)print(hasher1.digest() == hasher3.digest()) # False, but I wish it was True
I had hoped that these two would return the same digest, but that is not the case. Any thoughts on how to "continue" a hash using a new hashlib object?
EDIT:My question was unclear, sorry. I need to be able to calculate the hash on a message block on one computer, then send the resulting hash to a second computer and "continue" the hash on the second computer with a second message block. So the flow is like:
hasher2 = hashlib.sha256()hasher2.update(part1)intermediate_result = hasher2.digest()### send intermediate result over some sort of connection ###hasher3 = hashlib.sha256(intermediate_result)hasher3.update(part2)final_result = hasher3.digest()
So because of this part in the middle where it has to go between two software programs, I can't use the .copy()
method.
I am trying to integrate to another person's web API, which obviously requires authentication. They have implemented this by having me generating a HMACSHA256 hash of the concatenated URI and body of my request and including it in the header to sign the request. So far so good. This is new territory for me, but I'm always willing to learn.
My application is written in the .NET framework, a mixture of VB and C#. They provided me with a secret, as well as a code snippet to generate the signature, written in scala - which is more new territory for me. I have been attempting to replicate this code in VB.NET. I think I've got this part correct, but I'm having issues.
One thing that's giving me problems is that, according to the scala snippet, the secret should be a base64 string - but the .NET FromBase64String() call does not recognize it as a base64 string. It contains odd characters for base64 - &, %, and ^. If I try to use the secret they provide directly, using just plain UTF8 encoding, the hashes thus generated are not correct. I am not sure if I should post the full secret here?
Here's the scala snippet I was given:
def fromBase64(data: String) = { parseBase64Binary(data) } def signRequest(secret: String, uri: String, body: Option[String], algorithm:String) : String = { val strToSign = if(body.nonEmpty) uri + body.get else uri val s = new SecretKeySpec(fromBase64(secret), algorithm) val m = Mac.getInstance(algorithm) m.init(s) printBase64Binary(m.doFinal(strToSign.getBytes("UTF-8"))) }
Here's my translated code:
Dim secretBytes As Byte() = FromBase64String(secret) Dim payload As String = url & body Dim payloadBytes As Byte() = UTF8.GetBytes(payload) Dim encodedBytes As Byte() Using enc As New HMACSHA256(secretBytes) encodedBytes = enc.ComputeHash(payloadBytes) End Using Dim encodedString As String = ToBase64String(encodedBytes)
Any help on what I might be doing wrong here would be greatly appreciated.
I need a method in c# which will provide 16 chars (128 bit) random byte as like openssl_random_pseudo_bytes method in php.
PHP code:
$method = 'aes-256-cbc';$ivlen = openssl_cipher_iv_length($method);echo $iv = openssl_random_pseudo_bytes($ivlen);
Output:
��I�> 6��n�k�2�
Σπίτι - Χάρτης - Μυστικότητα - Σύνδεσμοι - Copyright © 2019 Cortex IT Ltd : Επαφή : admin @ cortexit.co.uk
Please note that by viewing our site you agree to our use of cookies (see Μυστικότητα for details). You will only see this message once.