15

I've started using AWS Glacier, and noticed that it hashes the files using an algorithm called SHA-256 Tree Hash.

To my surprise, this algorithm is different from SHA-256, so I can't use the tools I'm used to, to compare hashes and verify file integrity.

Do you know a Windows tool, if possible integrated in the context menu, to compute the SHA-256 Tree Hash of a file?

I'd also accept a Linux command-line tool, as a second choice :-)

EEAA
  • 108,414
  • 18
  • 172
  • 242
BenMorel
  • 4,215
  • 10
  • 53
  • 81
  • http://stackoverflow.com/questions/12058011/reverse-tree-building-with-an-odd-number-of-children explains what the SHA-256 Tree Hash is, but I don't know of any ready-made programs to do it. – DerfK Sep 29 '12 at 20:35
  • 1
    Questions that are effectively requests for product recommendations are off-topic for ServerFault. Please see: http://blog.stackoverflow.com/2010/11/qa-is-hard-lets-go-shopping/ – Magellan Oct 08 '12 at 05:56
  • @Adrian Thanks. But I've read that link, and can't see how it relates to my question. I'm not asking for the *best tool* to do the job, but instead if such a tool *exists*, and where to find it. I've found the answer to my question anyway, so no worries. – BenMorel Oct 08 '12 at 18:35
  • The 'if exists and where to find it' part is what makes it a 'Shopping' question. If you have any questions about how that works, I definitely encourage you to visit Meta.Serverfault and inquire there. – Magellan Oct 08 '12 at 18:58
  • If a question distills to "I'm looking for $PRODUCT with $FEATURES" then it's a shopping Question. This one is "I'm looking for *a utility* with *SHA-256 Tree Hash capabilities*." – Chris S Oct 08 '12 at 19:03
  • Say I got your point, how/where should I have asked this question, then? – BenMorel Oct 08 '12 at 19:11
  • Years later... I am proposing a place for this type of question, and referencing this question as a good question without a home... http://area51.stackexchange.com/proposals/82757/cloud-computing-platforms?referrer=I67NTAGkhSwgCqb_Ka-8vA2 – Dan Ciborowski - MSFT Feb 04 '15 at 04:36

1 Answers1

13

After a bit more research, it looks like the concept of SHA-256 Tree Hash is something specific to Amazon Glacier, hence the difficulty to find any tool that supports it.

However, the Glacier documentation provides sample code to compute the hash, in Java and C#. Both compile into a command-line tool that computes the hash of the file given as an argument.

I just copied and pasted the C# code in the free Visual C# 2010 Express, compiled it, and I now have the command line tool I was looking for!

BenMorel
  • 4,215
  • 10
  • 53
  • 81
  • 2
    Just for future reference. There's also a Ruby gem that can be installed and used to calculate the SHA2-256 treehash sum: https://github.com/erichmenge/treehash – obaqueiro Oct 18 '14 at 17:07
  • 1
    Isn't the AWS tree hash just a [Merkle tree](https://en.wikipedia.org/wiki/Merkle_tree) with SHA-256? – David Ehrmann Jan 28 '15 at 06:05
  • 3
    I've created a Docker image to run this sample code: https://hub.docker.com/r/ggarnier/glacier-sha256-tree-hash/ – Guilherme Garnier Jun 26 '17 at 22:25
  • Here's a java repo that implements the example code from the AWS documentation: https://github.com/davesque/treehash. Just clone the repo, make sure you have the Java SDK installed, and do `make` on the command line. Then run `treehash ...`. – David Sanders Feb 07 '18 at 21:09
  • 2
    Here a pure bash implementation using openssl: https://github.com/tkb-/glaciertools – user1587520 Jul 13 '18 at 19:34
  • This question is a duplicate of: https://serverfault.com/questions/643222/how-to-generate-amazon-glacier-sha-256-tree-hash-for-a-file-locally Follow the above link for more detailed and up-to-date answers – Jason Sep 21 '18 at 02:08
  • @Jason The linked question is actually a duplicate of this one, coming 2 years later. It's actually funny that it has not been closed as well as a "*product recommendation*" as they like to call it. – BenMorel Sep 21 '18 at 09:30