import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
public class SaltedSHA256Password {
public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchProviderException {
String passwordToHash = "password";
byte[] salt = getSalt();
System.out.println(byte2hex(salt));
System.out.println(byte2hex(salt).toString());
System.out.println(byte2hex(salt).toString().length());
System.out.println(byte2hex(hex2byte(byte2hex(salt))));
System.out.println(salt);
String securePassword = getSecurePassword(passwordToHash, salt);
System.out.println(securePassword); // Prints 83ee5baeea20b6c21635e4ea67847f66
String regeneratedPassowrdToVerify = getSecurePassword(passwordToHash, salt);
System.out.println(regeneratedPassowrdToVerify); // Prints 83ee5baeea20b6c21635e4ea67847f66
String regeneratedPassowrdToVerify2 = getSecurePassword(passwordToHash, hex2byte(byte2hex(salt)));
System.out.println(regeneratedPassowrdToVerify2); // Prints 83ee5baeea20b6c21635e4ea67847f66
System.out.println((regeneratedPassowrdToVerify2).toString().length());
}
private static String getSecurePassword(String passwordToHash, byte[] salt) {
String generatedPassword = null;
try {
// Create MessageDigest instance for MD5
MessageDigest md = MessageDigest.getInstance("SHA-256");
// Add password bytes to digest
md.update(salt);
// Get the hash's bytes
byte[] bytes = md.digest(passwordToHash.getBytes());
// This bytes[] has bytes in decimal format;
// Convert it to hexadecimal format
StringBuilder sb = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
// Get complete hashed password in hex format
generatedPassword = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return generatedPassword;
}
// Add salt
private static byte[] getSalt() throws NoSuchAlgorithmException, NoSuchProviderException {
// Always use a SecureRandom generator
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "SUN");
// Create array for salt
byte[] salt = new byte[16];
// Get a random salt
sr.nextBytes(salt);
// return salt
return salt;
}
// Convert Hex String to Byte Array
public static byte[] hex2byte(String str) {
byte[] bytes = new byte[str.length() / 2];
for (int i = 0; i < bytes.length; i++) {
bytes[i] = (byte) Integer.parseInt(str.substring(2 * i, 2 * i + 2), 16);
}
return bytes;
}
// Convert Byte Arrary to Hex String
public static String byte2hex(byte[] b) {
// String Buffer can be used instead
String hs = "";
String stmp = "";
for (int n = 0; n < b.length; n++) {
stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length() == 1) {
hs = hs + "0" + stmp;
} else {
hs = hs + stmp;
}
if (n < b.length - 1) {
hs = hs + "";
}
}
return hs;
}
}