There is no such thing as ''sha2''. The title is intended to cover the family of hashing algorithms ''beyond [sha1]''. The [sha1] secure hash algorithm produces a digest of 160 bits. This provides 80 bits of security against collisions given the birthday attack (ref). An updated document from NIST [http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf] specifies a new family of secure hashing algorithms with longer digest lengths, specifically SHA-256, SHA-384, and SHA-512. An additional update also specifies SHA-224 [http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf]. [tcllib] now includes a pure-tcl implementation of SHA-224 and SHA-256. For comparison, here are some timing data for the pure-Tcl implementation of all the digests in [tcllib] md4 time: 248 microseconds per iteration using tcl md5 time: 275 microseconds per iteration using tcl sha1 time: 409 microseconds per iteration using tcl rmd128 time: 410 microseconds per iteration using tcl rmd160 time: 679 microseconds per iteration using tcl sha224 time: 880 microseconds per iteration using tcl sha256 time: 894 microseconds per iteration using tcl ---- [RLH] - I have the latest ActiveTcl 8.4.9 and I do not see anything about SHA-256/384/512 in the docs. Were those added after the 8.4.9 release? addendum: I installed 8.5 and no sign in the docs about the other SHA stuff. [PT] 22-Feb-2005: When I say 'now' above I actually mean today - 22 Feb 2005. You can grab the CVS sources from cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/tcllib co tcllib/modules/sha1 until we create a new release. ---- [LV] 2007 Jan 31 In the latest tcllib, I see a file called tcllib/modules/sha2/sha256.tcl . The top of the page talks about sha1, and the code appears to implement the 224 and 256 bit algorithms. The longer codes don't appear to be there yet. I also don't see anything in the doc pages. Of course, right now, a competition for sha3 is in the works, so perhaps someone stopped because the older stuff have been challenged. ---- See also [sha1], [md4], [md5], [ripemd], [cryptkit] ---- See http://code.wikia.com/wiki/SHA_checksum for a place where a Tcl enthusist might consider adding an example of the use of the tcllib module to calculate a sha checksum. Documentation: https://core.tcl.tk/tcllib/doc/trunk/embedded/www/tcllib/files/modules/sha1/sha256.html ---- '''[EL] - 2017-08-08 18:53:04''' Missing parts of sha and crypto in general can easily be added in with https://github.com/prs-de/ffidl%|%ffidl%|% and https://www.openssl.org/%|%openssl%|% (or any other C based crypto library). I did this for HMAC-SHA512, with the following lines: file: openssl_mac-0.1.tm ====== # # ffidl wrapper for openssl sha algorithms # package require Tcl 8.6 package require Ffidl 0.7 package require Ffidlrt 0.2 namespace eval openssl { # # library hooks and definitions # namespace eval dll { variable CRYPTODLL [if {$::tcl_platform(platform) eq "windows"} { subst libeay32.dll } else { subst libcrypto[info sharedlibext] }] ffidl::callout evp_sha512 {} pointer [ffidl::symbol $CRYPTODLL EVP_sha512] ffidl::callout hmac \ {pointer pointer-byte int pointer-byte int pointer-var pointer-var} {unsigned char} \ [ffidl::symbol $CRYPTODLL HMAC] } ;# namespace openssl::dll # # procedures # ## computes the hmac512 of given data with given key proc hmac512 {key data args} { set mdPtr [binary format x64] set mdlenPtr [binary format x[ffidl::info sizeof int]] set key [binary format a* $key] set data [binary format a* $data] set r [dll::hmac [dll::evp_sha512] $key [string len $key] $data [string len $data] mdPtr mdlenPtr] binary scan $r [ffidl::info format {unsigned char}] ret if {$ret == 0} { throw {OPENSSL HMAC} "hmac512 returned NULL" } binary scan $mdlenPtr [ffidl::info format unsigned] mdlen binary scan $mdPtr a[set mdlen] md if {[lsearch $args -b64] < 0} { return $md } binary encode base64 $md } } ;# namespace openssl ====== Usage: ====== package require openssl_sha 0.1 set base64_encoded_hmac_hash [openssl::hmac512 key data -b64] ====== Of course there is much more that can be done, i.e. other sha algorithms, certificates, ... <> Package | Tcllib | Cryptography