SHA Hash Generator
Compute SHA-1, SHA-256, SHA-384, and SHA-512 digests of text, hex bytes, or a local file using the browser’s crypto.subtle.digest. Each digest is shown as lowercase hex and standard Base64, with copy buttons.
Input
Digests
What this SHA hash generator does
A cryptographic hash function maps any amount of input to a fixed-length digest that is practically impossible to reverse and, for a strong algorithm, infeasible to collide. This page computes the digest of whatever you type, paste as hex, or load from a local file, and renders it in two encodings: lowercase hexadecimal (the form printed by sha256sum and most command-line tooling) and standard Base64 (the form used in Subresource Integrity attributes, JWT thumbprints, and many certificate fingerprints).
Everything is computed with the browser’s built-in crypto.subtle.digest. There is no hand-rolled hashing JavaScript here — the bytes you see are exactly what the platform’s vetted Web Crypto implementation returns, identical to what any other application on the machine would compute. Because crypto.subtle is asynchronous, the page awaits each digest before displaying it.
When to use it
Reach for this tool when you need to verify a download against a published checksum, confirm two files are byte-identical, derive an SRI integrity value for a script tag, sanity-check a fingerprint your code produced, or learn how the four SHA-2 lengths differ. It pairs naturally with the certificate fingerprint tool when you are matching a thumbprint, and with the Base64 tool when you need to convert a digest between encodings.
Input and output
Choose how your input is interpreted. Text (UTF-8) encodes the characters you type as UTF-8 bytes before hashing. Hex bytes treats the input as raw bytes — useful when you already have a key or message in hex; separators, 0x prefixes, and whitespace are ignored, but the digit count must be even. The file button hashes the exact bytes of a local file and shows its name and size; an empty input still produces the well-known digest of the empty string.
For each selected algorithm the result panel lists the digest length in bits, the lowercase hex form, and the standard Base64 form, each with its own copy control. Choose “All four digests” to compare lengths side by side, or pick a single algorithm to focus on one value.
Supported and unsupported algorithms
Web Crypto’s SubtleCrypto.digest defines only four digests, and those are the only four offered here:
SHA-256 / 384 / 512
The SHA-2 family. SHA-256 is the modern default; SHA-384 and SHA-512 give longer digests for higher security margins.
SHA-1 (legacy)
160-bit and broken for collision resistance (SHAttered, 2017). Provided only to verify legacy values — never design new security around it.
Not available
SHA-224, SHA-512/224, SHA-512/256 and the entire SHA-3 / Keccak / SHAKE family are not in Web Crypto. We omit them rather than ship unverified crypto.
Common mistakes
- Hashing the wrong bytes. Leaving the mode on “Text” when your value is hex (or vice versa) produces a completely different digest. Pick the mode that matches your data.
- Trusting SHA-1. Matching a SHA-1 value to verify an old artifact is fine; using SHA-1 for a new signature, integrity check, or password scheme is not.
- Comparing across encodings. A hex digest and a Base64 digest of the same input look totally different but encode the same bytes — compare like with like.
- Expecting SHA-3 or SHA-224. They are intentionally absent because the browser cannot compute them; this tool will not fake them.
- Odd-length hex. Hex input must have an even number of digits, since each byte is two hex characters.
Related tools
Certificate fingerprint
Compute SHA-1/256 fingerprints of an X.509 certificate.