What is sha256sum?
sha256sum "是一个命令行工具,用于生成或检查文件的 SHA-256 哈希值。SHA-256 算法(256 位安全散列算法)是 SHA-2 系列加密散列函数的一部分。它能从输入文件或数据生成 256 位(32 字节)的散列值(或 “摘要”)。
`sha256sum` is a command-line utility used to generate or check SHA-256 hash values for files. The SHA-256 algorithm (Secure Hash Algorithm 256-bit) is part of the SHA-2 family of cryptographic hash functions. It generates a 256-bit (32-byte) hash value (or "digest") from an input file or data.
Key Aspects of `sha256sum`:
- 目的:它通常用于验证文件的完整性和真实性。通过比较文件传输(或下载)前后的哈希值,可以确保文件未被损坏或篡改。
- 使用案例:
- 验证下载(尤其是软件、ISO 映像等)。
- 确保备份数据的完整性。
- 检测文件修改。
- Purpose: It's commonly used to verify the integrity and authenticity of files. By comparing the hash value of a file before and after transfer (or download), you can ensure the file hasn't been corrupted or tampered with.
- Use Case:
- Verifying downloads (especially for software, ISO images, etc.).
- Ensuring data integrity for backups.
- Detecting file modifications.
How `sha256sum` Works:
- 该工具读取文件并计算其 SHA-256 散列值。
- 得到的哈希值是一个唯一的固定长度字符串(64 个字符),代表文件的内容。如果文件中哪怕只有一个比特发生变化,哈希值也会完全改变。
- The tool reads a file and computes its SHA-256 hash value.
- The resulting hash value is a unique, fixed-length string (64 characters long) that represents the contents of the file. If even a single bit in the file changes, the hash value will change completely.
Example of Using `sha256sum`:
1. Generate a SHA-256 hash for a file:
sha256sum filename
这将输出一个哈希值,然后是文件名。例如
This will output a hash value followed by the file name. Example:
$ sha256sum example.txt
d6a8b73c9c7954589ac2b2a9a3fbbff94a2c1dd79f1b8941636ffed7d707aa6f example.txt
2. Check file integrity:
通常情况下,当你下载文件(例如从网站下载)时,开发人员可能会提供一个文件,其中包含可下载内容的 SHA-256 哈希值。下载后,可以通过检查生成的哈希值是否与提供的哈希值一致来验证完整性。
根据存储的哈希值检查文件的哈希值:
- 保存所提供的哈希值(通常保存在`.sha256`文件中或下载文件中)。
- 然后使用以下命令:
Typically, when you download files (e.g., from a website), the developer may provide a file containing the SHA-256 hash values for the downloadable content. After downloading, you can verify the integrity by checking if the generated hash matches the provided hash.
To check the file's hash against a stored hash value:
- Save the hash value provided (often in a `.sha256` file or alongside the download).
- Then use the following command:
sha256sum -c checksumfile.sha256
This checks whether the hash of your downloaded file matches the expected hash.
Practical Example:
比方说,你下载了一个 Linux 发行版的 ISO 映像,网站提供了以下 SHA-256 哈希值:
Let's say you've downloaded an ISO image for a Linux distribution, and the website provides the following SHA-256 hash:
5e6b304fb3e30b1dc17e93098a7a3ec5e86e98c743ad3e6e1760bbdb4b48963e linux.iso
你可以使用以下方式验证下载:
You can verify your download using:
sha256sum linux.iso
如果输出的哈希值与提供的哈希值一致,则说明文件完好无损,未被篡改。
If the output hash matches the one provided, the file is intact and hasn't been tampered with.
sha256sum` 输出的格式:
- 第一部分是 SHA-256 哈希值。
- 第二部分是文件名。
Format of `sha256sum` Output:
- The first part is the SHA-256 hash.
- The second part is the filename.
Example:
d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2d2 example.txt
Use Cases of `sha256sum`:
1. 验证文件完整性: 如果你正在下载文件,作者可以提供一个 “sha256sum ”值,这样你就可以检查文件是否在下载过程中被改动过。
2. 数据完整性检查: 对于备份,使用 SHA-256 哈希值可确保备份数据完整无损。
3. 安全性: 它通常用于加密应用,以确保敏感文件未被篡改。
1. Verifying file integrity: If you're downloading a file, the author can provide a `sha256sum` value so you can check whether the file was altered during download.
2. Data integrity check: For backups, using SHA-256 hashes ensures that the backed-up data is complete and uncorrupted.
3. Security: It’s often used in cryptographic applications to ensure that sensitive files haven't been tampered with.
总之,“sha256sum ”是一种广泛使用的工具,用于计算 SHA-256 哈希值、确保文件完整性以及验证文件在传输或存储过程中是否被篡改。
In summary, `sha256sum` is a widely used tool for computing SHA-256 hashes, ensuring file integrity, and verifying that files have not been altered during transfer or storage.
About the read mode
sha256sum --help
Usage: sha256sum [OPTION]... [FILE]...
Print or check SHA256 (256-bit) checksums.
With no FILE, or when FILE is -, read standard input.
-b, --binary read in binary mode
-c, --check read SHA256 sums from the FILEs and check them
--tag create a BSD-style checksum
-t, --text read in text mode (default)
-z, --zero end each output line with NUL, not newline,
and disable file name escaping
The following five options are useful only when verifying checksums:
--ignore-missing don't fail or report status for missing files
--quiet don't print OK for each successfully verified file
--status don't output anything, status code shows success
--strict exit non-zero for improperly formatted checksum lines
-w, --warn warn about improperly formatted checksum lines
--help display this help and exit
--version output version information and exit
The sums are computed as described in FIPS-180-2. When checking, the input
should be a former output of this program. The default mode is to print a
line with checksum, a space, a character indicating input mode ('*' for binary,
' ' for text or where binary is insignificant), and name for each FILE.
Note: There is no difference between binary mode and text mode on GNU systems.
GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Full documentation <https://www.gnu.org/software/coreutils/sha256sum>
or available locally via: info '(coreutils) sha2 utilities'
sha256sum “命令的 ”文本模式读取 “和 ”二进制模式读取 "之间的区别与处理文件内容的方式有关,特别是处理行结束符的方式。这种区别在 Windows 等系统上尤为重要,因为这些系统使用的行结束符与 Linux 或 macOS 不同。
The difference between "read in text mode" and "read in binary mode" for the `sha256sum` command relates to how the file's content is processed, specifically in the way line endings are handled. This distinction is especially important on systems like Windows, which uses different line endings than Linux or macOS.
1. Text Mode (`--text` or default on non-Windows systems)
- 目的: 在文本模式下,“sha256sum ”命令在读取文件时将行尾规范化为 Unix 格式(“\n”,换行)。
- 行为: 在行结束符不同的系统上(例如 Windows 使用 `\r\n` 作为行结束符),`sha256sum` 会在计算哈希值之前将回车 (`\r\n`) 转换为 Unix 风格的换行 (`\n`)。
- 使用案例: 使用文本模式时,需要考虑系统间行结束符的差异,或者在处理文本文件时,行结束符的规范化非常重要。但是,这不适用于二进制文件,因为对文件字节的任何修改(如行结束符转换)都会导致哈希值错误。
- Purpose: In text mode, the `sha256sum` command normalizes line endings to the Unix format (`\n`, newline) while reading the file.
- Behavior: On systems where line endings are different (e.g., Windows uses `\r\n` for line endings), `sha256sum` will convert the carriage return (`\r\n`) to a Unix-style newline (`\n`) before calculating the hash.
- Use Case: Use text mode when you expect line ending differences between systems, or when working with text files where normalization of line endings is important. However, this is not appropriate for binary files because any modification to the file’s bytes (like line ending conversions) would result in an incorrect hash.
Example:
- 在 Windows 上以文本模式读取文件时,`\r\n` 序列会在生成哈希值之前规范化为 `\n`。这种模式通常是 Linux 系统的默认模式。
- When reading a file in text mode on Windows, the `\r\n` sequence is normalized to `\n` before generating the hash. This mode is typically the default on Linux systems.
- To explicitly use text mode: 要明确使用文本模式
sha256sum --text filename
2. Binary Mode (`--binary`)
- 目的:在二进制模式下,“sha256sum ”会原封不动地读取文件,不会更改行尾或任何其他内容。这种模式对于非文本文件(如图像、可执行文件)或需要精确的字节对字节的哈希值时至关重要。
- 行为: 不转换行尾或任何其他数据。文件的原始字节被用于计算哈希值,这意味着无论行结束符如何不同,结果在不同系统中都是一致的。
- 使用案例: 在处理二进制文件(如图像、压缩文件、可执行文件)或需要哈希值在不同平台上精确地逐字节匹配(包括行尾的任何潜在变化)时,请使用二进制模式。
- Purpose: In binary mode, `sha256sum` reads the file exactly as it is, without altering line endings or any other content. This mode is essential for non-text files (e.g., images, executables) or when you want an exact byte-for-byte hash.
- Behavior: No conversion of line endings or any other data occurs. The file’s raw bytes are used to compute the hash, which means the result will be consistent across systems, regardless of differences in line endings.
- Use Case: Use binary mode when dealing with binary files (e.g., images, compressed files, executables) or when you need the hash to match precisely byte-for-byte across platforms, including any potential variations in line endings.
Example:
- 如果在 Windows 上以二进制模式读取文件,`\r\n` 序列将被按原样处理,不会发生转换。在所有使用二进制模式的系统中,哈希值都是一致的。
- If you read a file in binary mode on Windows, the `\r\n` sequence is treated as-is, and no normalization occurs. The hash value will be consistent across all systems that use binary mode.
- To explicitly use binary mode: 要明确使用二进制模式
sha256sum --binary filename
Example: Difference in Hash Results
如果在 Windows 上计算文本文件的哈希值,使用文本模式和二进制模式可能会因处理行尾而导致哈希值不同:
If you calculate the hash of a text file on Windows, using text mode vs. binary mode may result in different hash values due to the treatment of line endings:
1. Text Mode (with line ending conversion):
sha256sum --text myfile.txt
2. Binary Mode (exact file reading):
sha256sum --binary myfile.txt
如果 `myfile.txt` 包含 Windows 风格的行结束符 (`\r\n`),文本模式会将这些行结束符转换为 Unix 风格 (`\n`),从而产生与二进制模式不同的哈希值,二进制模式处理文件时不会进行修改。
If `myfile.txt` contains Windows-style line endings (`\r\n`), the text mode will convert those line endings to Unix-style (`\n`), resulting in a different hash from the binary mode, which processes the file without modification.
Key Takeaways:
- 文本模式在散列之前转换行结束符(Windows 上为“\r\n”),因此适用于在不同行结束符约定的系统间传输的文本文件。
- 二进制模式不进行任何转换,按原样读取文件,因此适用于二进制文件或需要在不同系统间使用一致的哈希值而不修改文件内容的情况。
- Text mode converts line endings (`\r\n` to `\n` on Windows) before hashing, making it suitable for text files that may be transferred between systems with different line ending conventions.
- Binary mode reads the file exactly as-is, with no conversions, making it appropriate for binary files or when you need consistent hashes across different systems without modifying the file’s content.
在大多数情况下,尤其是二进制文件或验证软件供应商提供的校验和时,应使用二进制模式以确保跨平台的一致性。
For most cases, especially with binary files or when verifying checksums provided by software vendors, you should use binary mode to ensure consistency across platforms.
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
