Java MessageDigest result does not stay constant

Question

I've got this function for encrypting passwords in Java, but somehow when I call MessageDigest, it returns a different result every time even though I call it with the same password. I wonder if I am initializing it wrong somehow.

public String encrypt (String password) {
    MessageDigest md = MessageDigest.getInstance("SHA-1");
    md.reset();     
    md.update(password.getBytes(Charset.forName("utf-8")),0,password.length());
    String res = md.digest().toString();
}

Answer 1

This simple code produces three different results :

    MessageDigest digest = MessageDigest.getInstance("MD5");
    System.out.println("test1 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));

    Thread.sleep(10000);        
    System.out.println("test2 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));

    Thread.sleep(10000);
    System.out.println("test3 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));

Answer 2

You could change the method signature:

public byte[] encrypt (String password) {
    MessageDigest md = MessageDigest.getInstance("SHA-1");
    md.reset();
    md.update(password.getBytes(Charset.forName("utf-8")), 0, password.length());
    return md.digest();
}

... and use Arrays.equals(byte[], byte[]) to compare digests.

Answer 3

The .toString() method on the byte[] that is the return value of .digest() just gives you the representation of the array, not of its contents.

See this answer on how to convert your byte array to a hex string.

Another approach is using Arrays.toString(byte[]) although that probably does not give you the format you want.