Archived Forum Post

Index of archived forum posts


SHA256 Hash using SALT

Jul 21 '15 at 16:54


I am trying to generate a SHA256-Hash using a given Salt. Here is my Powerubiler-Code (Powerscript):

loo_Crypt.HashAlgorithm = "sha256"

loo_Crypt.EncodingMode = "hex"

loo_crypt.salt = s_salt

ls_Hash = loo_Crypt.HashStringENC(ls_hash_me)

Problem: The salt has no influence on the hash. What am I missing?



The documentation for the Salt property mentions that it's for password based encryption (PBE), so I don't think it has any effect on hashing. See:

Salt *The salt to be used with password-based encryption (PBE). Password-based encryption is defined in the PKCS5 Password-Based Cryptography Standard at*

Instead I think the common practice is to combine your salt and secret data before hashing the combined data.

Another option would be to use the HashBeginBytes/HashBeginString , HashMoreBytes/HashMoreString, HashFinal/HashFinalEnc approach as follows:

  1. HashBeginBytes/String (depending on how your salt is stored) with the salt.
  2. HashMoreBytes/String (depending on how you secret data is stored) with the secret data.
  3. Call HashFinalENC to get the final encoded hash.


The Salt property is used in encryption when the CryptAlgorithm is set to "pbes1" or "pbes2". Also note that it is not used by the Pbkdf1 or Pbkdf2 methods, as the salt is passed in an argument to those methods.

Hashing data does not involve the automatic use of salt. If one SHA256 hashes "hello world" -- the input data is "hello world" and nothing else. Hash algorithms do not have salt in the definition/specification of the hashing algorithm.


Thanks for your answers!

However I still can't figure on how to solve the following task:

Here is an example of SHA-256 hash. Make sure to add the salt first, then the value when creating the hash. The result must be in hexadecimal format.



Clear text number to be hashed:


you should receive the following hash:



I just figured it out. This code seems to work:



ls_hash = loo_crypt.hashfinalenc()

One last question: the letters of the hash I am getting by calling hashfinalenc() are uppercase, the ones in my task are lowercase. Does that make a difference?