hash only returning 8 or 9 characters

Question

The link provided doesn't answer the question. In the MessageDiggest it says:

toString()
Returns a string representation of this message digest object.

I'm unclear why this would always be only 8 or 9 characters.

I have the following method creating a hashed password. It only returns 8 or 9 characters and I'm wondering if there is a problem with it:

import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.NoSuchAlgorithmException;
import java.io.UnsupportedEncodingException;

public class Password {
   public static void main(String[] args) {

      String[] saltPassword = createPassword("password");

      System.out.println("Salt = " + saltPassword[0]);
      System.out.println("Password = " + saltPassword[1]);
   }

   private static String[] createPassword(String password) {
       String [] saltPassword = new String[2];
      try{  
         SecureRandom random = new SecureRandom();
         byte[] salt = new byte[32];
         random.nextBytes(salt);

         MessageDigest md = MessageDigest.getInstance("SHA-256");
         md.update(salt);
         md.update(password.getBytes("UTF8"));
         byte[] digest = md.digest();

         saltPassword[0] = salt.toString();
         saltPassword[1] = digest.toString();    

         System.out.println(digest);


        }catch(NoSuchAlgorithmException e1){
            System.out.println("FATAL ERROR: " + e1);
            System.exit(0);
        }catch(UnsupportedEncodingException e2){
            System.out.println("FATAL ERROR: " + e2);
            System.exit(0);
        }

      return(saltPassword);
   }

}

BackSlash, I don't see how that reference answers my question. Can you provide more guidance? see updated question — DCR, Nov 21 '18 at 15:54
`saltPassword[0] = salt.toString(); saltPassword[1] = digest.toString(); System.out.println(digest);` These lines don't do what you think. The duplicate question tells you why and how to print those arrays/convert them to string correctly. — BackSlash, Nov 21 '18 at 16:00
compare the answer below which is very helpful to your link which is NOT helpful. — DCR, Nov 21 '18 at 16:20

flopcoder · Accepted Answer · 2018-11-21T16:04:51.110

Try to this. Your code has no problem you are printing object reference. SHA-256 generate 64 length hex data equal to 32 byte. You can convert this byte data to another format using DatatypeConverter Class but below code may be serve your problem.

 private static String[] createPassword(String password) {
    String [] saltPassword = new String[2];
    try{
        SecureRandom random = new SecureRandom();
        byte[] salt = new byte[32];
        random.nextBytes(salt);

        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(salt);
        md.update(password.getBytes("UTF8"));
        byte[] digest = md.digest();

        saltPassword[0] = DatatypeConverter.printHexBinary(salt);
        saltPassword[1] = DatatypeConverter.printHexBinary(digest);

        System.out.println(DatatypeConverter.printHexBinary(digest));


    }catch(NoSuchAlgorithmException e1){
        System.out.println("FATAL ERROR: " + e1);
        System.exit(0);
    }catch(UnsupportedEncodingException e2){
        System.out.println("FATAL ERROR: " + e2);
        System.exit(0);
    }

    return(saltPassword);
}

DatatypeConverter is no longer supplied with the JDK in Java 11. You can use it if you're still using Java 8. — DodgyCodeException, Nov 23 '18 at 17:19
Don't worry, the vast majority of Java developers are currently still using Java 8. I wrote the comment for the sake of developers in 3-4 years' time. — DodgyCodeException, Nov 23 '18 at 17:24

hash only returning 8 or 9 characters

1 Answers1