gist JS

Thursday, August 17, 2006

java MD5 password hash

So you want to hash a password, store in the DB and go on your merry way. Not being wise in the way of hashing you might think that a simple google for "java MD5 hash" will do you right, but you'd be wrong. In fact it has a good shot of leading you to something like the following (at least 2 examples that I found), which has a cute little bug lurking beneath the surface.

private String hashPassword(String password) {
String hashword = null;
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
BigInteger hash = new BigInteger(1, md5.digest());
hashword = hash.toString(16);

} catch (NoSuchAlgorithmException nsae) {

return hashword;


but the right answer is:
(note the '0')

The trick of course is that the integer 045 == 45, even in bigInteger land.

A simple

return pad(hashword,32,'0');
private String pad(String s, int length, char pad) {
StringBuffer buffer = new StringBuffer(s);
while (buffer.length() < length) {
buffer.insert(0, pad);
return buffer.toString();

will sort you.

Glad I chose "test" as a test password or I might have found this at a more unfortunate juncture as the other 3 test users I created worked without a hitch. Amazing to think that in this day and age, blindly copying code from the Internet into you app is still an imperfect method of application development.

Of course if you copy & paste this code, well, that's totally different. It's been tested.. er.. well visually inspected for at least.. um.. a minute.

OMG there's a new Neal Stephenson book.


map said...

Hmmm. This is an old article. But it is generally a bad idea to store a MD5 password. There are other better ways to do that (google for bCrypt or SRP).

canistel said...

Thanks for that tip... had that exact same problem myself, right down to the 31 char "md5" result for "test" :)

reyt said...
This comment has been removed by a blog administrator.
A. Kevin Baynes said...

Why would it be 'generally a bad idea' to store an MD5 password? I spent a little time looking this up and it appears that MD5 hashes are prone to collisions.

Jeff Dwyer said...

@Kevin Yes, MD5 is a vulnerable algorithm. Just as important is to salt your passswords. See http://www.codinghorror.com/blog/archives/000953.html for a fun discussion of the topic.

A. Kevin Baynes said...

Nice article.

My favorite quote from it is "Cryptography is really a euphemism for competitive paranoia."

It's been a fun day of reading... as a result, the password hashing code I wrote today uses jBCrypt. :-)

Anonymous said...

you have nice site. thanks for sharing this site. various kinds of ebooks are available here


Van'S Zone said...

what about Java MD5 Checksum file?

Do you know how the program?

Please give me the tutorial because I'm newbie and want to learn java.

Send to my email please: jayaivan@gmail.com


Adam said...

You can always use my online md5 cracker to crack your md5 hashes - its working at around 20% success and cracks hashes in under 3 seconds.

Great blog - Keep up the good work

Add Font in Menuba said...

Thank you, very helpful. Do you also have knowledge in building “clusters” with JtR? If so and if you know a good URL/Doc/Book/whatever, I’d appreciate it.

Anonymous said...

Hey if you want you can also use GrandCentral. It includes the SimpleCrypto class which can generate hashes and checksums using MD5, SHA1, SHA-256, SHA-384 and SHA-512. Just a suggestion. http://code.google.com/p/grandcentral/

Cncweb World said...

Thanks for sharing this kind of post. I am looking for such a informative post. Very useful. Keep sharing. java institutes in pune

Girish Desai said...

Thanks for sharing this and its very useful post, it was so interesting to read & appreciate your work for blog post which is very useful.

Girish Desai said...

Thanks for sharing this and its very useful to the back end developers. The explanation given is really comprehensive and informative .