Security

Hash Generator

Compute MD5, SHA-1, SHA-256, and SHA-512 digests for UTF-8 text or raw file bytes. SHA algorithms use the browser’s Web Crypto API; MD5 uses a small client-side implementation loaded from the CDN. Nothing is uploaded to DroidXP — the same local-only approach as our APK Analyzer and APK String Extractor.

Ad placement — top banner
Input source

Line endings and Unicode are encoded as UTF-8 before hashing.

Digests (hex, lowercase)

Ad placement — mid rectangle

What this hash generator does

It outputs hexadecimal digests for the same input under four common algorithms. Text mode encodes your string as UTF-8 and hashes those bytes. File mode reads the file as a raw byte array (no charset conversion). SHA-1, SHA-256, and SHA-512 use the browser’s built-in crypto.subtle.digest. MD5 is provided by the blueimp-md5 script from jsDelivr because MD5 is not exposed by Web Crypto.

When to use which algorithm

  • SHA-256 / SHA-512 are appropriate for checksums, integrity verification, and modern workflows. Prefer them for new designs.
  • SHA-1 is deprecated for signatures and TLS, but still appears in legacy tools and Git object IDs — use only when you must match an existing SHA-1.
  • MD5 is broken for collision resistance; it remains common for non-cryptographic checksums and old APIs. Do not use MD5 or SHA-1 for passwords — use slow password hashes (Argon2, bcrypt, scrypt) on the server.

Privacy

Text and files are processed with JavaScript in your browser tab. DroidXP does not receive your content for this tool. The only network request beyond the page itself is loading the MD5 script from the CDN (then cached).

How to use this tool

  1. Step 1: Choose Text or File. Paste text or drop/select a file.
  2. Step 2: Hashes update as you type (text) or after the file loads. Check byte count and timing in the stats row.
  3. Step 3: Copy individual digests or Copy all (TSV) for spreadsheets; use Clear when finished on shared machines.

Frequently Asked Questions

Does DroidXP upload my text or file?

No. Hashing runs in your browser. Your content is not sent to DroidXP servers for this tool.

Why is MD5 loaded from a CDN?

Web Crypto does not implement MD5. The page loads the small blueimp-md5 library from jsDelivr so MD5 matches what many desktop tools produce. Self-host the script if your policy forbids third-party JavaScript.

Are SHA-1 and MD5 secure?

Not for new cryptographic guarantees. MD5 collisions are practical; SHA-1 is deprecated for many uses. This tool is for checksums and compatibility, not for signing or storing secrets.

Why do my hashes differ from another tool?

Check that both sides use the same bytes: UTF-8 text vs Latin-1, Windows vs Unix line endings, and whether a file was hashed raw or interpreted as text. This page uses UTF-8 for text and raw bytes for files.

Can I hash very large files?

The whole file is read into memory. Very large files may be slow or fail on low-memory devices. For multi-gigabyte files, prefer a desktop CLI or streaming hasher.

Does this support HMAC or salted passwords?

No. It only computes plain digests. For password storage use a dedicated KDF (Argon2, bcrypt, scrypt) on your server — not raw SHA or MD5.

Is SubtleCrypto available everywhere?

It works in secure contexts (HTTPS or localhost). In older browsers or insecure HTTP pages, SHA functions may fail — try HTTPS or a modern browser.

Why is the output lowercase hex?

Lowercase hex is widely used in APIs and docs. If you need uppercase, copy and transform in your editor — the underlying value is the same.

Can I verify a download checksum?

Yes — switch to File, select the downloaded file, and compare SHA-256 (or the algorithm the publisher specifies) to the published value.

Is the clipboard safe?

Other software can read the clipboard on some systems. Clear sensitive inputs when done on shared computers.

How does this relate to the Password Generator?

The Password Generator creates random secrets. This tool fingerprints arbitrary data — different purpose; do not confuse checksums with password hashing.

Ad placement — sidebar 300×600