sha

问题 Here is an algorithm in Java: public String getHash(String password, String salt) throws Exception { String input = password + salt; MessageDigest md = MessageDigest.getInstance(SHA-512); byte[] out = md.digest(input.getBytes()); return HexEncoder.toHex(out); } Assume the salt is known. I want to know the time to brute force for when the password is a dictionary word and also when it is not a dictionary word. 回答1: In your case, breaking the hash algorithm is equivalent to finding a collision

问题 If you're going to build, say, a directory structure where a directory is named for a commit in a Git repository, and you want it to be short enough to make your eyes not bleed, but long enough that the chance of it colliding would be negligible, how much of the SHA substring is generally required? Let's say I want to uniquely identify this change: https://github.com/wycats/handlebars.js/commit/e62999f9ece7d9218b9768a908f8df9c11d7e920 I can use as little as the first four characters: https:/

问题 I'm using SHA-512 to hash my passwords (with a salt ofcourse). I don't think that what I want is possible, but let's ask anyway. Is there a way to check if a string is a SHA-512 (or another algorithm) hash already? When a user logs in, I want to do a check on his password. If it's still in plain text, it should get converted to a secure form. 回答1: Your task is extremely simple and require no strings checking. Just compare entered password with stored one first. If matched - here it is, a

问题 I have a dedicated web server which runs CentOS 6.6 I am running some script that uses Python SHA module and I think that this module is deprecated in the current Python version. I am consider downgrading my Python installation so that I can use this module. Is there a better option? If not, how should I do it? These are my Python installation details: rpm-python-4.8.0-38.el6_6.x86_64 dbus-python-0.83.0-6.1.el6.x86_64 gnome-python2-2.28.0-3.el6.x86_64 gnome-python2-canvas-2.28.0-3.el6.x86_64

问题 I am working on a VHDL implementation of the SHA-256 hash function. I have some 32-bit unsigned signals defined as such: SIGNAL a, b : UNSIGNED (31 downto 0); Within the specifications of the SHA-256 algorithm, it says addition must be performed modulo 2^32 in order to retain the 32-bit size in case of an overflow. Now, according to the answer to this question, it sounds like overflow is already handled with modular addition in VHDL: There is no overflow handling, the overflow carry is simply

问题 I am using NodeJS's bundled crypto module for SHA256 hashing on the server-side. On the client-side, I am using a javascript library called Crypto-JS. I am using SHA256 hashes for a login system that uses classical nonce-based authentication. However, my server-side and client-side hash-digests don't match up even when the hash-messages are the same (I have checked this). Even the length of the hash-digests are different. This is a snippet of my client-side implementation: var password_hash =

问题 Is there a way to change the PostgreSQL password encryption method from MD5 to SHA? If Yes, can you please tell me how? I am using PostgreSQL 9.5 回答1: Pg 10 With PostgreSQL 10, you can set password_encryption to scram-sha-256 . From the docs When a password is specified in CREATE ROLE or ALTER ROLE without writing either ENCRYPTED or UNENCRYPTED , this parameter determines whether the password is to be encrypted. The default value is md5, which stores the password as an MD5 hash. Setting this

问题 I'm using jsSHA 1.3.1 which I downloaded here and used in learning project on my localhost. It gives a slightly different result than the copy I got by referring to the remote as follows: <script src="https://raw.github.com/Caligatio/jsSHA/master/src/sha1.js"></script> The remote copy works well for me, now, thanks to this excellent answer by @Andreas here. But it leaves me with a new question: what's the rationale for including a copy vs. referring to a remote js library? Is it like

问题 I have an application that creates a serial key as follows: Take customername Sign customername using privatekey and sha/dsa algorithm Then license can be checked by decoding with public key, and checking cuastomername matches This works okay except that the generated serial is rather long. So it is not really practical for customer to type in the serial key instead they have to provide a serial with in a file, which is rather different to how mist applications and work and is confusing. Many

问题 I was downloading the Download Android Studio and SDK Tools. There was written SHA-1 Checksum and its value given f9b59d72413649d31e633207e31f456443e7ea0b . My questions are: 1) What is the use of it? 2) How to test and verify it on Window and linux? Can I also make SHA-1 Checksum of any file? 回答1: 1) What is the use of it? In essence, hashing is a one-way (irreversible) process that takes some input data and produces a string - typically in hexadecimal - of a fixed length that uniquely*