1 Reply Latest reply on Dec 20, 2011 2:16 PM by Humberto Ferreira da Luz Jr.

    SHA-256 + Base64 encoding

    Humberto Ferreira da Luz Jr. Novice

      I configured my standalone.xml like that:


      <security-domain name="portalRealm">
      <module-option name="hashAlgorithm" value="SHA-256"/>
      <module-option name="hashEncoding" value="base64"/>


      I updated the password in the database using the value that I got from http://insidepro.com/hashes.php?lang=eng#2.


      It worked perfectly, I authenticated correctly with JAAS, but now I need to update the password with SHA-256+Base64 through my application.


      I tried using the seam security Base64 class:


      MessageDigest md = MessageDigest.getInstance("SHA-256");
       String shaValue = stringHexa(md.digest()); //here I get the correct SHA-256 value (46070d4bf934fb0d4b06d9e2c46e346944e322444900a435d7d9a95e6d7435f5).
       org.jboss.seam.security.util.Base64.encodeBytes(shaValue); //here I get the wrong value (
      ZDc0MzVmNQ==) instead of (RgcNS/k0+w1LBtnixG40aUTjIkRJAKQ119mpXm10NfU=)


      My stringHexa method:

      private  String stringHexa(byte[] bytes) {
       StringBuilder s = new StringBuilder();
       for (int i = 0; i < bytes.length; i++) {
       int parteAlta = ((bytes[i] >> 4) & 0xf) << 4;
       int parteBaixa = bytes[i] & 0xf;
       if (parteAlta == 0) {
       s.append(Integer.toHexString(parteAlta | parteBaixa));
       return s.toString();


      Does somebody know why I'm getting the incorrect Base64 value? Does JBoss AS come with its own libraries to deal with encoding and decoding?