# SHA256.SHA256Digest A fixed-size SHA-256 digest produced by [`hash(data:)`](/documentation/OpenSSL/SHA256/hash(data:)) or [`hash(string:)`](/documentation/OpenSSL/SHA256/hash(string:)). ``` struct SHA256Digest ``` ## Overview A `SHA256Digest` wraps exactly 32 raw bytes (256 bits) — the output length fixed by [FIPS PUB 180-4](https://csrc.nist.gov/publications/detail/fips/180/4/final) and carried verbatim from `SHA256_Final`’s `md` buffer. The byte order matches the C routine: index 0 holds the most significant output byte, index 31 the least, matching every published test vector (RFC 6234, NIST CAVP). Instances are typically produced by the `static` `hash(_:)` family on [`SHA256`](/documentation/OpenSSL/SHA256). Callers rarely need [`init(rawValue:)`](/documentation/OpenSSL/SHA256/SHA256Digest/init(rawValue:)) directly, but it exists for round-tripping a stored digest (e.g. one that was base64-decoded from a Nostr event ID) back into a typed value. Digests are value types: equality is bytewise, and `Sendable` conformance allows safe sharing across concurrency domains. > Note: `Equatable` on this type defers to `Data`’s built-in > equality, which is **not** constant-time. Do not compare > secret-derived digests with `==` on a side-channel-sensitive > path; use a constant-time comparison primitive from your HMAC or > AEAD layer instead. See . > SeeAlso: ``doc://OpenSSL/documentation/OpenSSL/SHA256/hash(data:)``, ``doc://OpenSSL/documentation/OpenSSL/SHA256/hash(string:)``, > ``doc://OpenSSL/documentation/OpenSSL/SHA256/SHA256Digest/hexString``