0

I try to Hash this password hoang1@H 3 times with 3 accounts by using SHA256. But when i write this password to file by using FileWriter and BufferedWriter, there are 3 different strings. Why ? Here are my code for SHA256 hashing:

 public byte[] getSHA(String input) throws NoSuchAlgorithmException { // Static getInstance method is called with hashing SHA MessageDigest md = MessageDigest.getInstance("SHA-256"); // digest() method called // to calculate message digest of an input // and return array of byte return md.digest(input.getBytes(StandardCharsets.UTF_8)); } public String toHexString(byte[] hash) { // Convert byte array into signum representation BigInteger number = new BigInteger(1, hash); // Convert message digest into hex value StringBuilder hexString = new StringBuilder(number.toString(16)); // Pad with leading zeros while (hexString.length() < 32) { hexString.insert(0, '0'); } return hexString.toString(); }
Improve this question
2
  • 2
    Hashing is not encryption, and simple hashing of a password is not secure; you should at minimum salt and iterate the hash, and much better use an algorithm designed for password hashing like scrypt or argon2. Also SHA256 in hex is 64 digits not 32. But your posted code is not runnable and does not reproduce the problem. Commented Jan 9, 2022 at 5:31
  • Thanks, i don't know about this and just a newbie. So thanks for your advance! Commented Jan 9, 2022 at 7:25

2 Answers 2

Reset to default
1

Code

You can test/run this code on ▶▶▶▶▶ https://replit.com/@JomaCorpFX/JavaHashes

HashAlgorithm.java

public enum HashAlgorithm { SHA512("SHA-512"), SHA256("SHA-256"), SHA384("SHA-384"), SHA1("SHA-1"), MD5("MD5"); private String Value = ""; HashAlgorithm(String Value) { this.Value = Value; } @Override public String toString() { return Value; } }

HexEncoder.java

import java.util.Formatter; public class HexEncoder{ public static String toHex(byte[] data) { StringBuilder sb = new StringBuilder(data.length * 2); try (Formatter formatter = new Formatter(sb)) { for (byte b : data) { formatter.format("%02x", b); } } return sb.toString(); } }

HashManager.java

import java.security.MessageDigest; import java.nio.charset.StandardCharsets; public class HashManager { public static byte[] toRawHash(byte[] data, HashAlgorithm algorithm) throws Exception { byte[] buffer = data; MessageDigest messageDigest = MessageDigest.getInstance(algorithm.toString()); messageDigest.reset(); messageDigest.update(buffer); return messageDigest.digest(); } public static String toHexHash(byte[] data, HashAlgorithm algorithm) throws Exception { return HexEncoder.toHex(toRawHash(data, algorithm)); } public static String toHexHash(String data, HashAlgorithm algorithm) throws Exception { return toHexHash(data.getBytes(StandardCharsets.UTF_8), algorithm); } }

Main.java

public class Main { public static void main(String[] args) throws Exception { String data = "grape"; System.out.println(HashManager.toHexHash(data, HashAlgorithm.SHA256)); System.out.println(HashManager.toHexHash(data, HashAlgorithm.SHA256)); System.out.println(HashManager.toHexHash(data, HashAlgorithm.SHA256)); System.out.println(HashManager.toHexHash(data, HashAlgorithm.SHA256)); } }

Output

output1

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

you should call md.reset() before reuse the MessageDigest instance.Just add it before md.digest(....).

Improve this answer

7 Comments

It's seem that nothing change.
change the way that you convert your input to bytes to be like this: md.digest(Base64.getDecoder().decode(input));
and use a known code to convert to Hex string. you can find one here: stackoverflow.com/questions/9655181/…
The MessageDigest instance is not being reused, and I see no reason to think the input is base64.
whatever, It is recommended for this purpose using Base64 instead of UTF-8. You could add random byte array salt to your password. check this: stackoverflow.com/questions/3866316/…
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.