0

I have implemented a web service(.asmx) using .NET framework that returns me a hash string

Here is the code:

     public string HashCode(string str)
        {
        string rethash = "";
        try
        {

            System.Security.Cryptography.SHA1 hash = System.Security.Cryptography.SHA1.Create();
            System.Text.ASCIIEncoding encoder = new System.Text.ASCIIEncoding();
            byte[] combined = encoder.GetBytes(str);
            hash.ComputeHash(combined);
            rethash = Convert.ToBase64String(hash.Hash);
        }
        catch (Exception ex)
        {
            string strerr = "Error in HashCode : " + ex.Message;
        }
        return rethash;
    }

In my Android app, I am taking the password from the user via EditText and again hashing it using SHA-1 algorithm. Considering the fact that I am providing the same password in both C# code and Android code will the hash strings returned by both be equal ?

Snippet of the Android code: 

  private static String bytesToHexString(byte[] bytes) 
     {

        StringBuffer sb = new StringBuffer();
        for (int i = 0; i < bytes.length; i++) {
            String hex = Integer.toHexString(0xFF & bytes[i]);
            if (hex.length() == 1) {
                sb.append('0');
            }
            sb.append(hex);
        }
        return sb.toString();
    }

// generate a hash
  public void Sha(String password)
  {
    MessageDigest digest=null;
    String hash;

    try {
        digest = MessageDigest.getInstance("SHA-1");
        digest.update(password.getBytes());

        hash = bytesToHexString(digest.digest());

        Log.i("Eamorr", "result is " + hash);
    } catch (NoSuchAlgorithmException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    }

  }

My main purpose is to basically compare the hash strings in both cases and if equal display a message saying "User is valid"

Can someone help me in this?

Thanks in advance

Improve this question

1 Answer 1

Reset to default
1

The SHA-1 raw data will be the same, but it looks like your printable encoding is different: Base64 on the server, Hex(Base16) on the device. You need to use the same on both (or at least be able to decode both before you compare the bits).

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

ok i will use Base16 on server then and write this line rethash = Convert.ToBase16String(hash.Hash); ..will that be fine?
Should be. Maybe minor things like padding or upper-case/lower-case. Just try it and unless it looks completely different you should be able to work from there.
I tried but .NET doesn't contain a defination for Convert.ToBase16String().. i get an error over there..so now what how to make android code as base64?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.