Online SHA512 Hash Generator

I have been working on this for a while and I just can't get a successful response from the server.All documentation for this can be found at the Bittrex Exchange Wesite

The main crux of the signature bit can be found under the heading Authentication

---

The hashing file I have been using can be found at Fundamentals on SourceForge. It is the one at the bottom called Fundamentals Hash 4.00.15

The reason I have been using this file is a very simple one, it seems to be the only one giving me a correct answer. Or should I say, it is giving me the correct answer compared to the result this Hashing Website is giving me.

I've tried using the Indy components to generate the correct hash, but it never seems to match the value from the website. Maybe I'm not using it correctly or the right libraries or something, but I will add the example for that as well that I created.(As I write this, I've just tested again, and it does seem like I am getting the right answer, go figure, maybe I am using a better OpenSSL library. Anyway, I will also put my INDY example down below as well).

---

function Test: String;const  FAPIKey = 'APIKEY';  FAPISecret = 'APISECRET';  FURL = 'https://bittrex.com/api/v1.1/account/getbalances?apikey=%s&nonce=%d';var  FPost, FSignature: String;  FNonce: Integer;  Response: TStringStream;  HTTP: TIdHTTP;  SSL:TIdSSLIOHandlerSocketOpenSSL;begin  Result := '';  FNonce := DateTimeToUnix(Now);  FPost := Format(FURL, [FAPIKey, FNonce]);  HTTP := TIdHTTP.Create;  try    SSL := TIdSSLIOHandlerSocketOpenSSL.Create(HTTP);    try      HTTP.IOHandler := SSL;      FSignature := SHA512DigestToHex(CalcHMAC_SHA512(FAPISecret, FPost));      HTTP.Request.CustomHeaders.AddValue('apisign', FSignature);      Response := TStringStream.Create;      try        HTTP.Get(FPost, Response);        Result := Response.DataString;      finally        Response := nil;      end;    finally      SSL := nil;    end;  finally    HTTP := nil;  end;end;

---

Prior to using this version for the hashing I was only ever getting '{"success":false,"message":"APISIGN_NOT_PROVIDED","result":null}'I finally moved on when I worked out the custom HTTP headers and am now getting'{"success":false,"message":"INVALID_SIGNATURE","result":null}'Could it be something simple as an invalid nonce, or one that is too old?Does everything look ok or am I missing some basic component settings for the INDY components?

---

function Test: String;const  FAPIKey = 'APIKEY';  FAPISecret = 'APISECRET';  FURL = 'https://bittrex.com/api/v1.1/account/getbalances?apikey=%s&nonce=%d';var  FPost, FSignature: String;  FNonce: Integer;  Response: TStringStream;  HTTP: TIdHTTP;  SSL:TIdSSLIOHandlerSocketOpenSSL;  FSHA512Hasher: TIdHMACSHA512;begin  Result := '';  if not LoadOpenSSLLibrary then exit;  FNonce := DateTimeToUnix(Now);  FPost := Format(FURL, [FAPIKey, FNonce]);  HTTP := TIdHTTP.Create;  try    SSL := TIdSSLIOHandlerSocketOpenSSL.Create(HTTP);    try      HTTP.IOHandler := SSL;      FSHA512Hasher := TIdHMACSHA512.Create;      try        FSHA512Hasher.Key := ToBytes(FAPISecret);        FSignature := Lowercase(ToHex(FSHA512Hasher.HashValue(ToBytes(FPost))));      finally        FSHA512Hasher := nil;      end;      HTTP.Request.CustomHeaders.AddValue('apisign', FSignature);      Response := TStringStream.Create;      try        HTTP.Get(FPost, Response);        Result := Response.DataString;      finally        Response := nil;      end;    finally      SSL := nil;    end;  finally    HTTP := nil;  end;end;

I need: password based encryption using sha512 digesting and 256 bit AES encryption with cbc and bc flags set.

Seems that algorithm should be like this: PBEWithSHA512AndAES256-CBC-BC

but in my local env I get error: org.jasypt.exceptions.EncryptionInitializationException: java.security.NoSuchAlgorithmException: no such algorithm: PBEWithSHA512AndAES256-CBC-BC for provider BC

my test code:

import java.security.Security;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;public class App {static {    Security.addProvider(new BouncyCastleProvider());}public static void main(String[] args) {    StandardPBEStringEncryptor mySecondEncryptor = new StandardPBEStringEncryptor();    mySecondEncryptor.setProviderName("BC");    // mySecondEncryptor.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC");    mySecondEncryptor.setAlgorithm("PBEWithSHA512AndAES256-CBC-BC");    mySecondEncryptor.setPassword("pass");    String myText = "Mindaugas";    String mySecondEncryptedText = mySecondEncryptor.encrypt(myText);    System.out.println(mySecondEncryptedText);    System.out.println(mySecondEncryptor.decrypt(mySecondEncryptedText));}}

PBEWITHSHA256AND128BITAES-CBC-BC - this algorithm works fine but I need sha512 and 256 bit AES...

I have installed extensions form: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

but still get this error: no such algorithm

I have a field in Mongodb that contains large amounts of user data.

I need to apply SHA256 or SHA512 to the contents of the field while keeping the original.

I need another field to be generated with the SHA values of the original field.

I would like to automate this task, does anybody have any suggestions?

From the documentation we have this:

The URL for accessing the API is as follows: https://www.ccedk.com/api/v1/api_method/api_action?api_params
where: api_method - this API method that is accessed; api_action - the action to be performed; and api_params - incoming request parameters.

It is required to send GET / POST-parameter nonce with incremental numerical value [timestamp unix], which should not be less than the current timestamp, rounded up to the third digit to the lower side and no more current timestamp unix.

Authorization is performed by sending to the server the following headings:

Key - The public key, it is necessary to take the user's profile settings

Sign - POST data (param = val ... paramN = valN), signed by the secret key HMAC-SHA512, secret key is also necessary to take in the user profile settings

And the target request criteria:

api_method/api_action:

POST balance/list

required parameter:

*nonce=<\d{10}>

Here is my code so far. My issue is that I keep getting a 405 response. I am not sure how to sign this properly. I am running this in Python 3. Any thoughts on what needs to be changed?

from time import timeimport urllib.parseimport hashlibimport hmacimport jsonAPIKey = b'ZYXABCXYZABC'secret = b'abcxyzabcxyz'payload = {'nonce': int(time() * 1000)}paybytes = urllib.parse.urlencode(payload).encode('utf8')sign = hmac.new(secret, paybytes, hashlib.sha512).hexdigest()headers = {'Key': APIKey, 'Sign': sign}r = requests.post('https://www.ccedk.com/api/v1/balance/list', headers=headers, params = payload)print(r)

I recently got in trouble with saving user data in a MySQL-Database and i looked for methods in hashing Passwords to save them in a DB.

Til Yesterday i saved them unsalted as a md5-Hash, but google told me to stop immediately with it. So i changed my Method.

I add to the User-Password his First/Last name and his Username as salts and hash them with SHA512 in PHP and save it in the MySQL-DB.

But i looked for other, more common uses for that and like many sites tole me, SHA is amde for fast-Hashing and it isnt secure enough for Passwords, i should better use things like bcrypt.

So my question is, is sha512 with salts really that bad at Password-Hashing, so they get cracked easily with Rainbow-Tables or simple brute-Force? I thought sha512 is pretty safe

And how do i use the bcrypt-hashfunction in PHP? I didnt found a solution, that worked for me. Curently on my register.php i safe them like that:

$passwordHash = hash('sha512', $password . $vName . $nName . $username);$result = mysqli_query($connect, "Insert into Accounts Values ('$username', '$passwordHash', '$email', '$vName', '$nName', $zip, '$ort', '$street', $hNr, '$telVor', '$tel')");

But how do i use bcrypt?

Thx!