The Master Class of "Learn Spring Security" is live:
1. Overview
The SHA (Secure Hash Algorithm) is one of the popular cryptographic hash functions. A cryptographic hash can be used to make a signature for a text or a data file.
The SHA-256 algorithm generates an almost-unique, fixed-size 256-bit (32-byte) hash. This is a one-way function, so the result cannot be decrypted back to the original value.
Currently, SHA-2 hashing is widely used as it is being considered as the most secure hashing algorithm in the cryptographic arena.
In this article, let’s have a look how we can perform SHA-256 hashing operations using various Java libraries.
2. MessageDigest Class in Java
Java provides inbuilt MessageDigest class for SHA-256 hashing:
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] encodedhash = digest.digest(
originalString.getBytes(StandardCharsets.UTF_8));
However, here we have to use a custom byte to hex converter to get the hashed value in hexadecimal:
private static String bytesToHex(byte[] hash) {
StringBuffer hexString = new StringBuffer();
for (int i = 0; i < hash.length; i++) {
String hex = Integer.toHexString(0xff & hash[i]);
if(hex.length() == 1) hexString.append('0');
hexString.append(hex);
}
return hexString.toString();
}
3. Guava Library
The Google Guava library also provides a utility class for hashing.
First, let’s define the dependency:
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>20.0</version>
</dependency>
Now, here’s how we can use Guava to hash a String:
String sha256hex = Hashing.sha256() .hashString(originalString, StandardCharsets.UTF_8) .toString();
4. Apache Commons Codecs
Similarly, we can also use Apache Commons Codecs as well:
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.10</version>
</dependency>
Here’s the utility class – called DigestUtils – that supports SHA-256 hashing:
String sha256hex = DigestUtils.sha256Hex(originalString);
5. Bouncy Castle Library
5.1. Maven Dependency
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.55</version>
</dependency>
5.2. Hashing using the Bouncy Castle Library
The Bouncy Castle API provides a utility class for converting hex data to bytes and back again.
However, it is required to populate a digest using the built-in Java API first:
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hash = digest.digest(
originalString.getBytes(StandardCharsets.UTF_8));
String sha256hex = new String(Hex.encode(hash));
6. Conclusion
In this quick article, we had a look at few ways of implementing SHA-256 hashing in Java, using both inbuilt and third party libraries.
The source code of the examples above can be found on the GitHub project.