How to generate a document digest using SHA-256

Owned by Antonio Filho
Last updated: Nov 15, 2023
2 min read

This section describes how to request a set of documents to be digitally signed using binary format. The base64-encoded SHA256 digest for each attached multipart file must be included in the body of the request in order for the service to validate that the document content in attachment hasn’t been spoofed.

Generate the digest of the document

The following procedure requires a Unix-based system.

You can achieve the same on Windows systems by installing the WSL.

For this example, we'll use the OpenSSL project.

  1. First, you must run the function responsible for calculating the sha256 of the document you want to sign.

    1. For this example, we put the contents of the command to calculate in a dummyWithSha256.txt file (in the attachment below the command):

openssl sha256 -binary dummy.pdf > dummyWithSha256.txt

Attachment:

 

 

 

2. After that, you must generate the base64 of the sha256 hash generated by the previous command.

a. For this example, we convert the dummyWithSha256.txt file generated with the sha256 hash into a dummyWithBase64.txt file with the base64 code to insert in the request (in the attachment below the command):

base64 -w 0 dummyWithSha256.txt > dummyWithBase64.txt

Attachment:

 

4. Finally, the base64 generated by these steps is the digest that must be inserted into the request.

 

Â