PassLok-Privacy icon indicating copy to clipboard operation
PassLok-Privacy copied to clipboard
Published 8 months ago verified publisher icon fruiz500

sha confirmation

Open RickCogley opened this issue 10 years ago • 2 comments

Hi - thank you for passlok, @fruiz500. Reading through the docs, I am trying to check the sha 256, but, it simply does not work. I tried the websites mentioned in the doc, and, copying the source to a file called passlok.html on my local drive and doing:

me@mine:~|⇒  shasum passlok.html
c37cc4b71900312d592a9c71677f41a19c1fb63b  passlok.html
me@mine:~|⇒  shasum -a 256 passlok.html
73502b5538af98213e653b7fa28c6b34ab05c1bc423f3c8e2a35d28880fe0417  passlok.html

How can I confirm the sha?

RickCogley avatar Feb 26 '16 06:02 RickCogley

Yes, I've found this to be finicky, too. Using the clipboard with the source is liable to introduce artifacts, especially in Chrome, which will lead to a changed hash. Locally hashing a true source file, obtained by ctrl-u, followed by save, rather than a "save as", which saves the code after the browser's interpretation of it, is the safest way, but some OSs (Windows) don't have built-in functions for it, hence the referral to web-based tools. And then, again, web-based hashes may have their own problems. Do you have a suggestion for the most reliable way to obtain a hash of the source code?

fruiz500 avatar Jun 21 '16 15:06 fruiz500

I haven't looked into it, as I didn't know that Chrome might produce artifacts. I'll put it in the queue to look at. --Rick

On June 22, 2016 at 00:50:37, fruiz500 ([email protected]) wrote:

Yes, I've found this to be finicky, too. Using the clipboard with the source is liable to introduce artifacts, especially in Chrome, which will lead to a changed hash. Locally hashing a true source file, obtained by ctrl-u, followed by save, rather than a "save as", which saves the code after the browser's interpretation of it, is the safest way, but some OSs (Windows) don't have built-in functions for it, hence the referral to web-based tools. And then, again, web-based hashes may have their own problems. Do you have a suggestion for the most reliable way to obtain a hash of the source code?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/fruiz500/passlok/issues/17#issuecomment-227483914, or mute the thread https://github.com/notifications/unsubscribe/AAfRSGDjlUYWX1jjeA3PMgwtbOirgTNMks5qOAhMgaJpZM4Hjhci .

This email message and any attachments are confidential, and are meant to be read by the intended recipient only. If you are not the intended recipient, we would request you delete this message or any attachments without reading or distributing, and kindly advise eSolia Inc. (contacts: esolia.com/about http://esolia.com/about). Thank you in advance.

RickCogley avatar Jun 21 '16 20:06 RickCogley