0

I've downloaded a windows 10 OS and tested the sha256, compared to what they report for English international 64 bit (left hand side):

[ 06FD4A512C5F3E8D16F77CA909C4F20110329B8CDD5AD101E2AFC0D58B06D416 = 06fd4a512c5f3e8d16f77ca909c4f20110329b8cdd5ad101e2afc0d58b06d416 ] && echo "true"

after testing I noticed the capitalization is inverted. I always thought sha distinguishes capitals, but maybe I'm wrong. This SO post agrees though.

All SHA hashes are stored as capitals in the windows page.

Should I be bothered by that? I don't find any report regarding capitals in the man page for the sha256 command.

The way I evaluated the hash is using sha256sum <filename>.

sheldrake
  • 1
  • You can provide a hash to sha256sum and tell it to check for that instead of doing your own string comparison. I'd expect any sane tool to ignore capitalisation in hex numbers. – muru Apr 11 '22 at 15:55

1 Answers1

2

A SHA hash is usually given as the hexadecimal representation of the calculated hash; since it’s a hexadecimal number, case doesn’t matter.

If you store the hash in a file, followed by two spaces and the name of the file you wish to verify, you can use sha256sum -c to verify the hash, and it will ignore case in the hash itself (but not the hashed content):

$ printf "%s  %s\n" 06FD4A512C5F3E8D16F77CA909C4F20110329B8CDD5AD101E2AFC0D58B06D416 windows.iso > windows.sha
$ sha256sum -c windows.sha
Stephen Kitt
  • 434,908