Hash Generator

The Hash Generator is a small, focused tool for computing message digests like MD5, SHA-1, SHA-256, and SHA-512. It's useful when you need to compare content, verify integrity, or debug how different libraries produce hashes — without sending any input to a server.

• Paste or type the original text (a string, JSON, or ID).
• Select the algorithm: MD5, SHA-1, SHA-256, or SHA-512.
• Compute the hash and copy the hex output.
• Compare the result with what your application, API, or external tool produced.

For files or large payloads, you often receive a published hash (e.g. on a release page or API docs). The tool can help you verify that what you have matches what was published:

• Hash the expected content in your environment.
• Paste the known-good hash from documentation or release notes.
• Confirm they match exactly, including casing and length (hex output).

Hash functions are one-way — they're not meant for recovering the original input. This means:

• Hashing is good for checksums, signatures, and "did this change?" checks.
• Hashing is not a replacement for encryption or proper password storage.
• If you need to protect secrets, look at encryption and modern password hashing schemes (e.g. Argon2, bcrypt, scrypt) instead.

By default, the Hash Generator renders digests as lowercase hexadecimal strings, which is the most common format for hashes in logs, APIs, and documentation. For example:

• MD5 produces a 128-bit digest → 32 hex characters (e.g. 9e107d9d372bb6826bd81d3542a419d6).
• SHA-1 produces 160 bits → 40 hex characters.
• SHA-256 produces 256 bits → 64 hex characters.
• SHA-512 produces 512 bits → 128 hex characters.

The tool treats your input as UTF-8 text before hashing. This is usually what you want for:

• JSON bodies or plain text payloads.
• IDs, tokens, configuration values.
• Log lines or small snippets from your application.

If your protocol hashes raw binary data (e.g. file bytes, network packets), make sure you're feeding the same bytes into both your code and this tool — otherwise you'll get different hashes even if the text looks the same.

Hash functions are sensitive to every byte — even a single space or newline will change the digest. Common pitfalls:

• Extra newline characters when copying from terminals or logs.
• Different line endings (\n vs. \r\n).
• Leading or trailing spaces around values (especially in config files or environment variables).

If hashes don't match, check for invisible characters first — trim carefully, or compare byte-by-byte if needed.

MD5 and SHA-1 are widely considered broken for security-sensitive use cases (like signatures or password storage). They can still be acceptable for:

• Non-adversarial integrity checks (e.g. "did this file change during download?").
• Legacy systems where they're part of the protocol.

For anything that involves attackers or untrusted input, prefer SHA-256 or stronger algorithms plus proper HMAC / signing schemes.

The Hash Generator uses browser-native primitives (like the Web Crypto API) where available, and falls back to small, well-tested implementations in other environments. At a high level:

• Convert the input text to a UTF-8 byte array.
• Feed the bytes into the selected hash algorithm.
• Render the resulting digest as a hex string.

All computation happens locally in your browser. No data is sent to Birdor's servers.

Hash inputs often contain sensitive information (tokens, IDs, user data). The tool is built with that assumption:

• No server-side logging or storage of your input.
• No analytics attached to the content you hash.
• For larger inputs, operations are optimized to avoid blocking the UI where possible.

• Base64 Encoder / Decoder — often used before or after hashing when encoding binary data.
• JSON Formatter & Viewer — useful for inspecting payloads before hashing them.

When debugging protocols, it's common to use the Hash Generator alongside Base64 and JSON tools to check "encode → hash → compare" flows end to end.