MD5 & SHA Hash Generator — in-browser, no upload
Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 digests of any text or file — and the HMAC variants when you supply a secret key. Algorithms follow RFC 1321, FIPS 180-4, and RFC 2104 exactly. Files and keys never leave your browser tab.
How it works
A cryptographic hash maps an input of any size to a fixed-size digest in a way that is fast to compute forward and infeasible to reverse. This page implements five standard digests plus their keyed (HMAC) variants, each one pinned to the authoritative specification it came from:
- MD5— Rivest's Message-Digest Algorithm, specified in RFC 1321. Produces a 128-bit (16-byte) digest. Browsers' SubtleCrypto deliberately omits MD5 (broken for collision-resistance since Wang & Yu 2005), so this page ships a pure-JavaScript implementation of the algorithm in Section 3.4 of the RFC, with the four 16-byte state words mixed by the 64 rounds and the T[i] = floor(2^32 × |sin(i+1)|) constant table. Verified against the Appendix A.5 test suite at startup.
- SHA-1 — RFC 3174 / FIPS 180-4 §6.1. 160-bit digest, computed by the browser's
crypto.subtle.digest("SHA-1", ...). A second, independent pure-JS implementation runs alongside it and the two outputs must agree byte-for-byte; that cross-check is wired into the green “Verified” badge above. - SHA-256 — FIPS 180-4 §6.2. 256-bit digest, 64 rounds over 32-bit words. Test vector
SHA-256("abc") = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015adfrom Appendix B.1 must reproduce exactly. This is the workhorse — use it whenever you can. - SHA-384 / SHA-512 — FIPS 180-4 §6.4 / §6.5. 384-bit and 512-bit digests respectively, both processing 64-bit words across 80 rounds. SHA-384 is SHA-512 with different initial values and the output truncated, so on 64-bit hardware they cost essentially the same; pick SHA-384 only if your protocol mandates it (e.g. some TLS suites, certain interop targets).
- HMAC (RFC 2104) — when you flip the HMAC switch, every algorithm becomes a keyed MAC computed as
H((K ⊕ opad) ∥ H((K ⊕ ipad) ∥ message))whereipad = 0x36,opad = 0x5c, both repeated to the hash's block size (64 bytes for MD5 and SHA-256, 128 bytes for SHA-512). A key longer than the block size is replaced byH(key)first, per §2 of the RFC. HMAC-SHA-* usescrypto.subtle.sign("HMAC", ...); HMAC-MD5 is built around the pure-JS MD5 primitive on this page, because SubtleCrypto cannot do MD5 at all.
Text input is run through TextEncoder.encode (WHATWG Encoding Standard, UTF-8) before hashing, so Sinhala, Tamil, CJK, and emoji round-trip cleanly and produce the same digest as piping the same UTF-8 bytes into openssl dgst. File input is read as raw bytes — no encoding, no whitespace fix-ups — so the hash matches sha256sum / certutil -hashfile exactly.
Worked examples
Frequently asked questions
Sources & references
- IETF RFC 1321 — The MD5 Message-Digest Algorithm (Rivest, 1992)
- IETF RFC 3174 — US Secure Hash Algorithm 1 (SHA-1)
- NIST FIPS PUB 180-4 — Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384, SHA-512)
- IETF RFC 2104 — HMAC: Keyed-Hashing for Message Authentication
- IETF RFC 2202 — Test Cases for HMAC-MD5 and HMAC-SHA-1
- IETF RFC 4231 — Test Cases for HMAC-SHA-224 / 256 / 384 / 512
- W3C Web Cryptography API — SubtleCrypto.digest / SubtleCrypto.sign
- SHAttered — practical SHA-1 collision (Stevens, Bursztein, Karpman et al., 2017)
The hash routines on this page were last cross-checked against the RFC 1321 §A.5 / FIPS 180-4 §B.1-§B.2 / RFC 2202 §2 / RFC 4231 §4.2 test vectors on 2026-05-11. Any algorithmic change bumps that date. If your digest differs from another tool, double-check the input encoding first (trailing newline, BOM, CRLF) — then email me below if it's still off.
Related tools
Comments & feedback
Spotted a bug or want an improvement? Tell us — our team reviews every comment, and good ideas get built. Comments are public and anonymous.
Found a bug, edge case, or want to suggest an improvement?
Email me at [email protected] — most fixes ship within 24 hours.