1. Overview
As we know, ensuring data integrity and security is vital in software engineering. An easy way to achieve this is by using cryptographic hash functions, such as Secure Hash Algorithm 1 (SHA-1), which is widely used for checksum and data integrity verification.
In this tutorial, we’ll explore how to generate a hexadecimal (hex) representation of the SHA-1 hash of a string in Java using three methods.
2. Example Setup
In this tutorial, we’ll generate the hex representation of the SHA-1 digest of an example input and compare it to an expected hex output:
String input = "Hello, World";
String expectedHexValue= "907d14fb3af2b0d4f18c2d46abe8aedce17367bd";
3. Using MessageDigest
MessageDigest is a built-in Java class. It’s part of the java.security package and provides an easy way to generate the SHA-1 digest of a string.
Here’s some example code that uses MessageDigest to generate the hex representation of SHA-1 digest:
@Test
void givenMessageDigest_whenUpdatingWithData_thenDigestShouldMatchExpectedValue() throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(input.getBytes(StandardCharsets.UTF_8));
byte[] digest = md.digest();
StringBuilder hexString = new StringBuilder();
for (byte b : digest) {
hexString.append(String.format("%02x", b));
}
assertEquals(expectedHexValue, hexString.toString());
}
First, we create a new instance of MessageDigest and initialize it with the SHA-1 algorithm. Then, we invoke the update() method on MessageDigest with the input and convert the input to byte. Next, we create a new variable digest of byte[] type. This variable holds the cryptographic hash of the data added to the MessageDigest object.
Furthermore, we loop through the bytes in the digest array and append each byte to hexString. The String.format() method helps to format the byte values as a hexadecimal string.
Finally, we assert that the input is equal to the expected hex value.
4. Using Apache Commons Codec
The Apache Commons Codec library provides a class called DigestUtils that simplifies the process of generating the hex representation of a SHA-1 digest.
To use this library, we need to add its dependency to the pom.xml:
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.15</version>
</dependency>
Next, let’s see how to use the DigestUtils class:
@Test
void givenDigestUtils_whenCalculatingSHA1Hex_thenDigestShouldMatchExpectedValue() {
assertEquals(expectedHexValue, DigestUtils.sha1Hex(input));
}
Here, we invoke the sha1Hex() method on the DigestUtils class. The method helps to calculate the SHA-1 hash of a string and returns the result as hexadecimal. Also, we check if the input is equal to the expected hex value.
5. Using Google Guava
Guava is a library developed by Google. It offers a hashing class that can be used to generate the hex representation of a SHA-1 digest.
To make use of this library, we need to add its dependency to the pom.xml:
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>33.0.0-jre</version>
</dependency>
Let’s see how to use the Guava library:
@Test
void givenHashingLibrary_whenCalculatingSHA1Hash_thenDigestShouldMatchExpectedValue() {
assertEquals(expectedHexValue, Hashing.sha1().hashString(input, StandardCharsets.UTF_8).toString());
}
In the sample code above, we invoke the sha1() method on the Hashing class to compute the SHA-1 hash using the UTF-8 character encoding. Then, we assert that the output is equal to the expected result.
6. Conclusion
In this article, we learned three different ways to generate the hex representation of a SHA-1 digest of a string in Java. The built-in MessageDigest class doesn’t require additional dependencies. Additionally, the Apache Commons Codec library and the Guava library are more convenient to use.
As always, the complete source code for the examples is available over on GitHub.
