43

sha1sum outputs a hex encoded format of the actual sha. I would like to see a base64 encoded variant. possibly some command that outputs the binary version that I can pipe, like so: echo -n "message" | <some command> | base64 or if it outputs it directly that's fine too.

mykhal
  • 3,061
  • 2
  • 18
  • 16
xenoterracide
  • 57,918
  • 74
  • 184
  • 250

5 Answers5

64

If you have the command line utility from OpenSSL, it can produce a digest in binary form, and it can even translate to base64 (in a separate invocation).

printf %s foo | openssl dgst -binary -sha1 | openssl base64 -A

-sha256, -sha512, etc are also supported.

Stéphane Chazelas
  • 522,931
  • 91
  • 1,010
  • 1,501
Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
30

Since sha1sum doesn't provide an option for binary output you'll likely need to find an utility which does the opposite of od and pipe them. Taking suggestion by fschmitt to use xxd with 'reverse' and 'plain dump' flags it will look like this:

sha1sum | cut -f1 -d\ | xxd -r -p | base64

alex
  • 7,093
  • 6
  • 28
  • 30
  • awesome! This was hard to figure out from the documentation https://httpd.apache.org/docs/2.4/misc/password_encryptions.html which dont mention the necessarity of this step – phil294 Feb 18 '19 at 16:59
1

I'm not completely sure I understand what you want, but I think something like the following should work:

$ echo -ne "$(echo -n "message" | sha1sum | cut -f1 -d" " | sed -e 's/\(.\{2\}\)/\\x\1/g')" | base64

Basically, I take the hex output, use sed to make it a string of escaped hex values, and then use echo -en to echo the bytes into base64.

We can confirm that the final output corresponds to the same hash with the following exercise:

$ echo -n "message" | sha1sum 
6f9b9af3cd6e8b8a73c2cdced37fe9f59226e27d  -

$ echo -ne "$(echo -n "message" | sha1sum | cut -f1 -d" " | sed -e 's/\(.\{2\}\)/\\x\1/g')" | base64
b5ua881ui4pzws3O03/p9ZIm4n0=

$ echo -n "b5ua881ui4pzws3O03/p9ZIm4n0=" | base64 -d | xxd
0000000: 6f9b 9af3 cd6e 8b8a 73c2 cdce d37f e9f5  o....n..s.......
0000010: 9226 e27d                                .&.}

Visual inspection shows that our base64 value matches the original hex. Note that if you use hexdump rather than xxd you may have to play with the format settings a bit to get the output you expect.

Steven D
  • 45,310
  • 13
  • 119
  • 114
1

Perl has a base64 module (in the base distribution since 5.7.1).

echo foo | sha1sum | \
perl -MMIME::Base64 -ne '/^([[:xdigit:]]+)/ and print encode_base64(pack("H*",$1))'

If you have the Digest::SHA module (in the base distribution since 5.9.3), or the older Digest::SHA1 module, you can do the whole computation in perl. As of perl 5.10.1, b64digest doesn't pad the base64 output; if you need padding the easiest way is to use MIME::Base64.

perl -MDigest::SHA -e 'print Digest::SHA->new(1)->addfile(*STDIN)->b64digest'
perl -MMIME::Base64 -MDigest::SHA \
     -le 'print encode_base64(Digest::SHA->new(1)->addfile(*STDIN)->digest)'
Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
0

Base64 encoded SHA256 hash became rather standard file checksum in OpenBSD recently.. It can be done just with adding -b option to the OpenBSD's sha256 (or sha1, sha512) command:

$ FILE=/dev/null
$ sha256 -q -b $FILE
47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=

or:

$ cksum -q -a sha256b $FILE
mykhal
  • 3,061
  • 2
  • 18
  • 16