OmniDev_

~/tools/hash-generator

Hash Generator

Generate MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes from text or any file. HMAC support included. Runs entirely in your browser, zero server calls.

// How to use
1. Select Text or File input mode
2. Choose output format (hex / Base64)
3. (Optional) Enable HMAC + enter key
4. Type text or drop a file
5. Copy any result or use Compare
* all hashing happens in browser
100% client-side — no data leaves your browser
hash — generator

// Input

// Output

// HMAC

// Start typing to generate hashes

What is a Cryptographic Hash Function?

A cryptographic hash function is a deterministic algorithm that maps input data of any size to a fixed-size output called a hash, digest, or checksum. The same input always produces the same output, but even a single-character change produces a completely different hash — a property known as the avalanche effect.

A good hash function is practically irreversible (preimage resistant), collision resistant (it is computationally infeasible to find two different inputs that produce the same hash), and fast to compute. These properties make hash functions the foundation of data integrity verification, digital signatures, password storage, and many cryptographic protocols.

Algorithm Reference

All five algorithms are computed simultaneously so you can compare outputs side by side. MD5 and SHA-1 are considered cryptographically broken for security purposes but remain widely used for non-security checksums and legacy compatibility.

MD5

128-bit

LEGACY

MD (Message Digest)

Designed by Ron Rivest in 1991. Widely broken since 2004 — collision attacks are practical on commodity hardware in seconds. Never use for passwords, signatures, or integrity of security-critical data. Still common for non-security checksums (e.g. package registry manifests) and legacy systems.

SHA-1

160-bit

LEGACY

SHA-1 (Secure Hash Algorithm 1)

Published by NIST in 1995. Practically broken since Google's SHAttered attack in 2017 demonstrated chosen-prefix collision attacks. Deprecated by NIST and browsers. Still used by Git for object addressing (non-security context) and older TLS certificates.

SHA-256

256-bit

SHA-2 (Secure Hash Algorithm 2)

Part of the SHA-2 family published by NIST in 2001. The most widely deployed secure hash algorithm — used in TLS/HTTPS certificates, JWT signatures, HMAC, Bitcoin proof-of-work, and virtually every modern cryptographic protocol. No known practical attacks.

SHA-384

384-bit

SHA-2 (Secure Hash Algorithm 2)

A truncated variant of SHA-512 that provides a higher security margin than SHA-256. Common in TLS 1.3, code-signing certificates, and government/compliance contexts that mandate larger output sizes. Internally uses 64-bit word operations, making it faster than SHA-256 on 64-bit hardware.

SHA-512

512-bit

SHA-2 (Secure Hash Algorithm 2)

The largest SHA-2 variant. Provides 256-bit collision resistance (birthday bound). Used in high-security applications, backup integrity, and as the internal primitive for password hashing schemes like PBKDF2-SHA-512 and Argon2. On 64-bit CPUs it is often faster than SHA-256 due to fewer rounds per block.

What is HMAC?

HMAC (Hash-based Message Authentication Code) combines a cryptographic hash function with a secret key to produce a message authentication code. Unlike a plain hash, an HMAC can only be verified by someone who knows the secret key — making it tamper-evident and authenticated.

// HMAC construction

HMAC(K, m) = H((K' XOR opad) || H((K' XOR ipad) || m))

K' = key padded or hashed to the block size. ipad = 0x36 repeated. opad = 0x5c repeated. All five algorithms including HMAC-MD5 are fully supported in this tool.

Common Use Cases

File Integrity Verification

Generate a checksum for a file before distribution so recipients can confirm the file was not corrupted or tampered with during download.

API Request Signing

Sign API requests with HMAC-SHA-256 using a shared secret so the server can verify the request originated from an authorised client.

Password Storage

Modern systems combine hashing with salting and iteration (bcrypt, Argon2). SHA-256/512 is used as the internal primitive inside these schemes.

Digital Signatures

RSA, ECDSA, and EdDSA sign the hash of a document rather than the document itself, making signatures compact regardless of input size.

Data Deduplication

Content-addressable storage systems (Git, IPFS, Docker layers) use hashes as unique identifiers to detect duplicate data and avoid redundant storage.

Cache & ETag Headers

HTTP ETags often contain a hash of the response body so browsers and CDNs can reuse cached responses without re-downloading unchanged content.