Java SHA-512 Hash With Salt Example
package com.avaya.smgr.tm.util;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class SecureUtils {

    // Returns the hex-encoded SHA-512 digest of the salt followed by the password.
    public static String getSecurePassword(String password, byte[] salt) {
        String generatedPassword = null;
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-512");
            // Feed the salt first, then digest the UTF-8 bytes of the password.
            md.update(salt);
            byte[] bytes = md.digest(password.getBytes(StandardCharsets.UTF_8));
            // Convert each byte to two lowercase hex characters.
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < bytes.length; i++) {
                sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
            }
            generatedPassword = sb.toString();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return generatedPassword;
    }

    // Generates a random 16-byte salt.
    private static byte[] getSalt() throws NoSuchAlgorithmException {
        SecureRandom random = new SecureRandom();
        byte[] salt = new byte[16];
        random.nextBytes(salt);
        return salt;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // The same salt must be passed to both calls for the hashes to match.
        byte[] salt = getSalt();
        String password1 = getSecurePassword("Password", salt);
        String password2 = getSecurePassword("Password", salt);
        System.out.println(" Password 1 -> " + password1);
        System.out.println(" Password 2 -> " + password2);
        if (password1.equals(password2)) {
            System.out.println("passwords are equal");
        }
    }
}
Password 1 -> aafd533eae0bafc1537749f1e9615ae66201f62f2386853e02ca0ec83fbc33c018b4afbdce682260de47e75abdca2d2c0191b6cd6c90b3f783def8204aac6ba5
Password 2 -> aafd533eae0bafc1537749f1e9615ae66201f62f2386853e02ca0ec83fbc33c018b4afbdce682260de47e75abdca2d2c0191b6cd6c90b3f783def8204aac6ba5
passwords are equal
// Get a MessageDigest instance for SHA-512.
MessageDigest md = MessageDigest.getInstance("SHA-512");

// Generate a random 16-byte salt.
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.nextBytes(salt);

// Feed the salt into the digest.
md.update(salt);

// Digest the UTF-8 bytes of the password.
byte[] bytes = md.digest(password.getBytes(StandardCharsets.UTF_8));

// Convert the digest bytes to a hex string.
StringBuilder sb = new StringBuilder();
for (int i = 0; i < bytes.length; i++) {
    sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
generatedPassword = sb.toString();
Validate Password
While storing the password:
- Generate a long random salt using SecureRandom.
- Use a hash function such as SHA-256 to hash the salt and the password together.
- Save the salt and the hash separately in the database.
While validating the password:
- Retrieve the salt and the hash from the database.
- Use the same hash function (SHA-256) that was used to generate the hash.
- Generate a new hash from the password provided and the salt retrieved from the database.
- Compare the new hash with the hash from the database. If they match, the password provided is correct. Otherwise, the password is incorrect.
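
The storing and validating steps above, as an added example that is not code from the original page: it reuses the page's salted SHA-512 construction, keeps the salt and the hash as separate fields, and compares the digests with MessageDigest.isEqual. The class PasswordStoreExample, the Row type and the store/verify methods are hypothetical names, and the passwords are constructed samples.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example; class, method and field names are hypothetical, not from the original page.
public class PasswordStoreExample {
    private static final SecureRandom RANDOM = new SecureRandom();

    // Stands in for one database row: salt and hash are kept as separate columns.
    static final class Row {
        final byte[] salt;
        final byte[] hash;
        Row(byte[] salt, byte[] hash) { this.salt = salt; this.hash = hash; }
    }

    // Same construction as getSecurePassword: SHA-512 over the salt followed by the password.
    static byte[] hash(String password, byte[] salt) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(salt);
        return md.digest(password.getBytes(StandardCharsets.UTF_8));
    }

    // Storing: a fresh random salt for every password, never one shared salt.
    static Row store(String password) throws NoSuchAlgorithmException {
        byte[] salt = new byte[16];
        RANDOM.nextBytes(salt);
        return new Row(salt, hash(password, salt));
    }

    // Validating: re-hash the candidate with the stored salt and compare the digests.
    static boolean verify(Row row, String candidate) throws NoSuchAlgorithmException {
        byte[] actual = hash(candidate, row.salt);
        // MessageDigest.isEqual does not stop at the first differing byte,
        // unlike comparing hex strings with String.equals.
        return MessageDigest.isEqual(row.hash, actual);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        Row a = store("Password"); // constructed sample passwords
        Row b = store("Password");
        System.out.println("correct password accepted: " + verify(a, "Password"));
        System.out.println("wrong password rejected: " + !verify(a, "password"));
        // Different salts give different hashes for the same password.
        System.out.println("rows differ: " + !Arrays.equals(a.hash, b.hash));
    }
}
```

A single SHA-512 round is fast to compute, so for stored passwords the body of hash() is normally replaced with a deliberately slow KDF such as PBKDF2WithHmacSHA512 (javax.crypto.SecretKeyFactory); the store and verify flow stays the same.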
Nice one mate, really. helped me.