Hashing in Java - MD5 ,SHA-1, SHA-256, SHA-384,SHA-512 and PBKDF2

What does Hashing mean?

A secure password hash is an encrypted sequence of characters obtained after applying certain algorithms and manipulations on user-provided password, which are generally very weak and easy to guess.
Please remember that once this password hash is generated and stored in the database, you can not convert it back to the original password.



MD5 hash in Java

The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. Although MD5 was initially designed to be used as a cryptographic hash function, it has been found to suffer from extensive vulnerabilities. It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database.

Example: Java-MD5 to hash a String
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class KnowledgeFactoryMD5 {

    public static void main(String[] args) throws NoSuchAlgorithmException {

        String password = "www.knowledgefactory.net";

        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] hashInBytes = md.digest(password.
                               getBytes(StandardCharsets.UTF_8));

        StringBuilder sb = new StringBuilder();
        for (byte b : hashInBytes) {
            sb.append(String.format("%02x", b));
        }
        System.out.println(sb.toString());

    }
}


Output: 25d1f28032d7f41c2b0337740261bc64

SHA-1 hash in Java

In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function that takes an input and produces a 160-bit (20-byte) hash value known as a message digest – typically rendered as a hexadecimal number, 40 digits long. It was designed by the United States National Security Agency and is a U.S. Federal Information Processing Standard.

Example: Java-SHA-1 to hash a String
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
 
public class KnowledgeFactorySHA1 {

    public static String encryptThisString(String input) {

        try {

            MessageDigest md = MessageDigest.getInstance("SHA-1");
            byte[] messageDigest = md.digest(input.getBytes());
            BigInteger no = new BigInteger(1, messageDigest);
            String hashtext = no.toString(16);
            while (hashtext.length() < 32) {
                hashtext = "0" + hashtext;
            }

            return hashtext;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String args[]) throws NoSuchAlgorithmException {

        System.out.println("HashCode Generated by SHA-1 for: ");
        String s1 = "www.knowledgefactory.net";
        System.out.println("\n" + s1 + " : " + encryptThisString(s1));

    }
}

Output:

HashCode Generated by SHA-1 for: 
www.knowledgefactory.net : 3a6846af08452b2244b4b105ea12cf24761cf8ed

SHA-256 hash in Java

The SHA (Secure Hash Algorithm) is one of a number of cryptographic hash functions. A cryptographic hash is like a signature for a text or a data file. SHA-256 algorithm generates an almost-unique, fixed-size 256-bit (32-byte) hash. Hash is a one-way function – it cannot be decrypted back.

Example: Java-SHA-256 to hash a String
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class KnowledgeFactorySHA256 {

    public static String encryptThisString(String input) {

        try {

            MessageDigest md = MessageDigest.getInstance("SHA-256");
            byte[] messageDigest = md.digest(input.getBytes());
            BigInteger no = new BigInteger(1, messageDigest);
            String hashtext = no.toString(16);
            while (hashtext.length() < 32) {
                hashtext = "0" + hashtext;
            }

            return hashtext;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String args[]) throws NoSuchAlgorithmException {

        System.out.println("HashCode Generated by SHA-256 for: ");
        String s1 = "www.knowledgefactory.net";
        System.out.println("\n" + s1 + " : " + encryptThisString(s1));

    }
}

Output:

HashCode Generated by SHA-256 for: 
www.knowledgefactory.net : e7d1a94a4df129131ac8f3de6367ff6b522397924bf504d7506e615fc7e73153


SHA-384 hash in Java

Sha-384 is a function of the cryptographic algorithm Sha-2, the evolution of Sha-1. It's the same encryption as Sha-512, except that the output is truncated at 384 bits. There are also differences in the initialization process. This function is part of the U.S Federal Information Processing Standard. 

Example: Java-SHA-384 to hash a String
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class KnowledgeFactorySHA384 {
    public static String encryptThisString(String input) {
        try {

            MessageDigest md = MessageDigest.getInstance("SHA-384");
            byte[] messageDigest = md.digest(input.getBytes());
            BigInteger no = new BigInteger(1, messageDigest);
            String hashtext = no.toString(16);
            while (hashtext.length() < 32) {
                hashtext = "0" + hashtext;
            }

            return hashtext;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String args[]) throws NoSuchAlgorithmException {

        System.out.println("HashCode Generated by SHA-384 for: ");
        String s1 = "www.knowledgefactory.net";
        System.out.println("\n" + s1 + " : " + encryptThisString(s1));

    }
}

Output:

HashCode Generated by SHA-384 for: 
www.knowledgefactory.net : 2643e129044af3888ba30d8b781fb1990a487a750a5110e41f505d5fb40097cff88b402342251e2209f6d8e3dec78778

SHA-512 hash in Java

SHA-512 is a function of the cryptographic algorithm SHA-2, which is an evolution of the famous SHA-1.
SHA-512 is very close to Sha-256 except that it used 1024 bits "blocks", and accepts as input a 2^128 bits maximum length string. SHA-512 also has other algorithmic modifications in comparison with Sha-256.

Example: Java - SHA-512 to hash a String
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class KnowledgeFactorySHA512 {
    public static String encryptThisString(String input) {
        try {

            MessageDigest md = MessageDigest.getInstance("SHA-512");
            byte[] messageDigest = md.digest(input.getBytes());
            BigInteger no = new BigInteger(1, messageDigest);
            String hashtext = no.toString(16);
            while (hashtext.length() < 32) {
                hashtext = "0" + hashtext;
            }

            return hashtext;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String args[]) throws NoSuchAlgorithmException {

        System.out.println("HashCode Generated by SHA-512 for: ");
        String s1 = "www.knowledgefactory.net";
        System.out.println("\n" + s1 + " : " + encryptThisString(s1));

    }
}

Output:

HashCode Generated by SHA-512 for: 
www.knowledgefactory.net : 505c217e8123f856ae88cd06d1753f1562ee44c1f1e91f6d90ccf4ff11b52c880197cf4fb008788fa8bd184c4d7171265328577735d4229015f4be26776fc725

PBKDF2WithHmacSHA1 hash in Java

Java has implementation of “PBKDF2” algorithm as “PBKDF2WithHmacSHA1“.
In cryptography, PBKDF1 and PBKDF2 (Password-Based Key Derivation Function 2) are key derivation functions with a sliding computational cost, used to reduce vulnerabilities to brute force attacks.

Example: Java - PBKDF2WithHmacSHA1 to hash a String
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class KnowledgeFactoryPBKDF2 {
    public static void main(String[] args) throws NoSuchAlgorithmException
                                       InvalidKeySpecException {
        String originalPassword = "www.knowledgefactory.net";
        String generatedSecuredPasswordHash = generateStorngPasswordHash
                                       (originalPassword);
        System.out.println(generatedSecuredPasswordHash);
    }

    private static String generateStorngPasswordHash(String password)
            throws NoSuchAlgorithmException, InvalidKeySpecException {
        int iterations = 500;
        char[] chars = password.toCharArray();
        byte[] salt = getSalt();

        PBEKeySpec spec = new PBEKeySpec(chars, salt, iterations, 64 * 8);
        SecretKeyFactory skf = SecretKeyFactory.
                                getInstance("PBKDF2WithHmacSHA1");
        byte[] hash = skf.generateSecret(spec).getEncoded();
        return "Total iteration: " + iterations + "\n" + "Salt: "
                           toHex(salt) + "\n" + "Hash: " + toHex(hash);
    }

    private static byte[] getSalt() throws NoSuchAlgorithmException {
        SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
        byte[] salt = new byte[16];
        sr.nextBytes(salt);
        return salt;
    }

    private static String toHex(byte[] array) throws NoSuchAlgorithmException {
        BigInteger bi = new BigInteger(1, array);
        String hex = bi.toString(16);
        int paddingLength = (array.length * 2) - hex.length();
        if (paddingLength > 0) {
            return String.format("%0" + paddingLength + "d", 0) + hex;
        } else {
            return hex;
        }
    }

}


Output:

Total iteration: 500
Salt: 7b37492c931fe4c00f19a4622a7cda4e
Hash: 4604be8f314c1089db874f35fc6b9ee7f72ec124b92cc7b24aa83f239365b228b3ffa16f55433426c15ff3b09c142d7d7f621a7bc7eb8cf1eb8b913e4aaabdef

Popular posts from this blog

Learn Java 8 streams with an example - print odd/even numbers from Array and List

Example 1: Java 8 program to print odd numbers from a List   import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; /*Java 8 Program to find Odd Numbers from a List*/ public class DriverClass { public static void main( String [] args) { List < Integer > numbers = Arrays. asList( 1 , 4 , 8 , 40 , 11 , 22 , 33 , 99 ); List < Integer > oddNumbers = numbers.stream(). filter(o -> o % 2 != 0 ). collect(Collectors.toList()); System.out.println(oddNumbers); } } 1. Initialize List using Arrays.asList() method. Java's built-in Arrays.asList() method converts an array into a list. This method takes an array as an argument and returns a List object. 2.  Java List interface provides stream() method which returns a sequential Stream with list of Integer as its source. 3. The Java stream filter() method allow
Read more

Java Stream API - How to convert List of objects to another List of objects using Java streams?

Image
In this section, we will show you how to convert a List of objects to another List of objects in Java using the Java streams map(). The ‘map’ method maps each element to its corresponding result. Java Stream API   The Java Stream API provides a functional programming approach over the object oriented capabilities of Java. It is used for processing collections of objects. The Stream in Java can be defined as a sequence of elements from a source List, Set or Array. Most of the stream operations return a Stream. This avails engender a chain of stream operations(stream pipe-lining). The streams withal support the aggregate or terminal operations on the elements. for example, finding the sum or maximum element or finding the average etc...Stream operations can either be executed sequentially or parallel. when performed parallelly, it is called a parallel stream.   Stream map() Method   The Java 8 Stream map() is an intermediate operation. It converts Stream<obj1> to Stream<obj2>
Read more

Registration and Login with Spring Boot + Spring Security + Thymeleaf

Image
In this section, we will learn how to create user registration and login using Spring boot, Spring security, Thymeleaf, JPA, and H2DB. The GitHub repository link is provided at the end of this tutorial. You can download the source code. Technologies used: Spring Boot 2.5.5  Spring Data JPA  Spring Security  Thymeleaf  Maven 3+  Java 17  H2 Database   User Interface User Registration Authentication Failed Authentication success Sign out Final Project Structure: Complete pom.xml: <? xml version ="1.0" encoding ="UTF-8" ?> < project xmlns ="http://maven.apache.org/POM/4.0.0" xmlns: xsi ="http://www.w3.org/2001/XMLSchema-instance" xsi :schemaLocation ="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" > < modelVersion >4.0.0</ modelVersion > < parent > < groupId >org.springframework.boot</ groupId > < artifactId >spring-boot-starter-pare
Read more

Java, Spring Boot Mini Project - Library Management System - Download

Image
Hello everyone, Hope you are doing well. Here, we provide a Library Management System mini-project for beginners, it's free for download. Maybe you can build more on top of this project and create your own product, that's all about you. The source code download link is provided at the end of this post. 1. Benefit of this project You could cover the following technologies and features by learning and debugging this mini project. Java 17 Java Stream Java Lamda Expressions Java Records Functional programming Object-oriented programming var Keyword in Java Generics in Java Java Switch Spring boot 2.6.4 Spring Security Thymeleaf template engine OpenCSV Spring Data JPA Server Side Pagination H2 Database  Bootstrap HTML CSS and more... 2. Objective Of Spring Boot On Library Management System The main objective of this project is to manage the details of the books, author, category, and publisher. Only Admin/Librarian will manage all these activities. Also, they can export the data in
Read more

ReactJS, Spring Boot JWT Authentication Example

Image
In this tutorial, we’ll create a user registration & login example using ReactJS, Spring Boot, Spring Security, and JWT authentication. You could download the source code from our Github repository, the download link is provided at the end of this tutorial. Technologies used Backend Technologies: Java 17 Spring Boot 2.7.0 Spring Security Spring Data JPA JWT H2 Database Frontend Technologies: React 17.0.1 Axios 0.27.2 Redux 4.0.5 Bootstrap 4.5.2 ReactJS - SpringBoot - JWT - Flow Backend Project Directory: Frontend Project Directory: Following is the screenshot of our application - User Registration: User Signin: Profile View: Access Resource: We will build two projects:  1. Backend:   spring-boot-security-jwt 2. Frontend: react-redux-jwt Project 1: spring-boot-security-jwt Pom.xml <?xml version = "1.0" encoding = "UTF-8" ?> <project xmlns = "http://maven.apache.org/POM/4.0.0" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
Read more

Spring Boot + Mockito simple application with 100% code coverage

Image
In this article, we will show you a simple  Spring Boot example to demonstrate test methods for Controllers, Service, and Repository, And code coverage analysis using the EclEmma plugin. Technologies used: Spring Boot 2.6.4 Mockito 3.11.2 Maven 3+ EclEmma plugin Junit 5 Java 17 A quick overview of  Spring Boot, Mockito, and EclEmma plugin Spring boot: Spring boot to develop REST web services and microservices. Spring Boot has taken the Spring framework to the next level. It has drastically reduced the configuration and setup time required for spring projects. We can set up a project with almost zero configuration and start building the things that actually matter to your application. Mockito: Mockito is a mocking framework, a JAVA-predicated library that is utilized for efficacious unit testing of JAVA applications. Mockito is utilized to mock interfaces so that a dummy functionality can be integrated into a mock interface that can be utilized in unit testing. EclEmma : E
Read more

Top 5 Java ORM tools - 2024

Image
  The term ORM refers to object-relational mapping, which uses objects to adapt programming languages to database systems while allowing them to function with SQL and object-oriented programming ideas. Any kind of database management system that can accomplish object mapping to the table in the virtual system is suitable for the implementation of ORM. Java has a wide variety of ORM tools, some of which are mentioned below: 1. Hibernate Hibernate is a lightweight, open-source, non-invasive Java ORM (Object-Relational Mapping) framework that allows developers to create objects that function independently of database software and create persistence logic in any Java or JavaEE application. It offers an abstraction layer, so developers don't have to bother about implementations; Hibernate handles these tasks internally, such as connecting to databases and creating queries to carry out CRUD operations, among other things. Persistence logic development is done with it. Persistence logic r
Read more

Java - Blowfish Encryption and decryption Example

Image
Blowfish is an encryption method developed by Bruce Schneier in 1993 as an alternative to the DES encryption method. It is significantly faster than DES and provides good encryption speed, although no effective cryptanalysis technique has been found to date. It is one of the first secure block ciphers that is not protected by any patents and is therefore freely available for anyone to use. This is a symmetric block cipher algorithm. Block size: 64 bits Key size: variable size from 32 to 448 bits number of subsections: 18 [P-array] number of rounds: 16 number of substitution blocks: 4 [each with 512 records of 32 bits each] develop  Example 1: Encryption and decryption using Blowfish import java.io.UnsupportedEncodingException; import java.nio.charset.Charset; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.Base64; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeExc
Read more

Spring boot video streaming example-HTML5

Image
Hello everyone, Today we will learn how to stream MP4 video using Spring Boot and Spring Web Flux.  The Source code download link is provided at the end of this post. New, Quarkus Practice User Interface   Project Structure: G radle(build.gradle) plugins { id 'org.springframework.boot' version '2.5.4' id 'io.spring.dependency-management' version '1.0.11.RELEASE' id 'java' } group = 'com.knf.demo' version = '0.0.1-SNAPSHOT' sourceCompatibility = '11' repositories { mavenCentral() } dependencies { implementation 'org.springframework.boot:spring-boot-starter-webflux' testImplementation 'org.springframework.boot:spring-boot-starter-test' testImplementation 'io.projectreactor:reactor-test' } test { useJUnitPlatform() } Service (VideoStreamingService.java) package  com.knf.demo.service ; import org.springframework.beans.factory.annotation. Autowired ; import org.springframew
Read more

Google Cloud Storage + Spring Boot - File Upload, Download, and Delete

Image
In this section, we will learn  how to  create a simple spring boot application to perform different file operations such as upload, download, list, and delete files from the Google Cloud Storage. 1.  A little bit of Background Google Cloud Storage Cloud Storage is a managed service for storing unstructured data. Store any amount of data and retrieve it as often as you like. More Info - click here! Spring Boot Spring Boot makes it easy to create stand-alone, production-grade Spring-based Applications that you can "just run".  More Info - click here! 2. Create a GCP Project First, Sign into the Google console at  https://console.cloud.google.com . You can create a new project by first selecting the project dropdown in the top left and selecting " New Project ". Next, specify your GCP  Project name  and  Project ID . Then  Click on the " CREATE " button. Copy " Project ID " and keep it for future purposes. 3. Create a Google Cloud Storage bucket Fr
Read more