Generate SHA-256 Hash and Salt in Java Example

In this example, we take a look at how to generate a SHA-256 hash with a salt for a given input password.

The steps we follow in the code are as follows,

Step 1: We generate a random salt using generateSalt() method. The salt is a random sequence of bytes used to add uniqueness to the hashing process.

Step 2: Next, We combine the user's password with the salt to create a salted password.

Step 3: Finally, we calculate the SHA-256 hash of the salted password using the calculateSHA256() method.

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class JavaSHA256HashWithSaltExample {

    public static final String SHA256_ALGO = "SHA-256";

    public static void main(String[] args) throws NoSuchAlgorithmException {

        String password = "Pa$$w*rd@$2_E";
        byte[] randomSalt = generateSalt();
        String saltedPassword = password + bytesToHex(randomSalt);
        String sha256HashedPassword = calculateSHA256(saltedPassword);

        System.out.println("Salt: " + bytesToHex(randomSalt));
        System.out.println("Hashed Password: " + sha256HashedPassword);
    }

    public static byte[] generateSalt() {
        SecureRandom random = new SecureRandom();
        byte[] salt = new byte[64];
        random.nextBytes(salt);
        return salt;
    }

    public static String calculateSHA256(String input) throws NoSuchAlgorithmException {
        MessageDigest sha256 = MessageDigest.getInstance(SHA256_ALGO);
        byte[] hashBytes = sha256.digest(input.getBytes());
        return bytesToHex(hashBytes);
    }

    public static String bytesToHex(byte[] bytes) {
        StringBuilder stringBuilder = new StringBuilder();
        for (byte b : bytes) {
            stringBuilder.append(String.format("%02x", b));
        }
        return stringBuilder.toString();
    }
}

Output: