1

These 2 variables will have the same visible content

  x_sign1="aabbccdd_and_somthing_else"

  var1="...."
  [........]
  x_sign2=$(echo -n "${var1}${var2}${var3}" | shasum -a 256)
  echo $x_sign2

  ====> 
  aabbccdd_and_somthing_else -

Note the "-" in the end.

However, their lengths will be different. Even though the x_sign2 doesn't contain a new line symbol. To ensure this:

  x_sign22=$(echo -n "${var1}${var2}${var3}" | shasum -a 256 | tr -d '\n')

But:

  echo ${#x_sign1}
  ====> 64
  And:

And:

  echo ${#x_sign2}

  ====> 67

  echo ${#x_sign22}

  ====> 67

The difference is 3 symbols. The visible content is identical.

Also, when I make a request via curl to a REST API which needs that value of a signature, x_sign1 always succeeds, whereas x_sign2 doesn't -- "wrong signature"

Why? How to fix that?

Immani
  • 11

1 Answers1

2
$ echo foo |shasum -a 256
b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c  -    
                                                                ^^

Note that there are two spaces in the output of shasum before the filename. When the input is taken from stdin, shasum prints a dash as the filename.

If you run echo foo | shasum | od -c you can check that, and see the newline at the end also. The newline, however, is removed by the command substitution, so removing it explicitly with tr doesn't do anything. (see here and here)

The two spaces and the dash are three characters that cause the difference in your counts.

To get just the hash, you could use parameter expansions to remove anything after the first space, e.g.:

$ h=$(echo foo | shasum -a 256)
$ h=${h%% *}
$ printf ">%s<\n" "$h"
>b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c<

The ${var%%pattern} expands to the value of var with the longest suffix matching pattern removed.

ilkkachu
  • 138,973