1

Here is the flow of my Android code:

I am using SHA-1 hashing to hash a password entered by the user via EditText. I get a hash string as output over here.

After that I am calling a SOAP web service (created using .NET framework) that performs the same SHA-1 hashing using ASCII encoding and returns me another hash string.

Now since the input string is same in both the cases, my hash strings are same as expected. See logcat below. But when I am comparing the hash strings, I am not getting the result as expected

Here is my Android code followed by logcat:

           package com.kar.encodePassword;
           import java.io.IOException;
           import java.io.UnsupportedEncodingException;
           import java.net.SocketException;
           import java.security.MessageDigest;
           import java.security.NoSuchAlgorithmException;
           import org.ksoap2.SoapEnvelope;
           import org.ksoap2.serialization.SoapObject;
           import org.ksoap2.serialization.SoapPrimitive;
           import org.ksoap2.serialization.SoapSerializationEnvelope;
           import org.ksoap2.transport.HttpTransportSE;
           import org.xmlpull.v1.XmlPullParserException;
           import android.app.Activity;
           import android.os.Bundle;
           import android.util.Base64;
           import android.util.Log;
           import android.view.View;
           import android.widget.Button;
           import android.widget.EditText;
           import android.widget.Toast;

   public class PaswordencodingActivity extends Activity {
       /** Called when the activity is first created. */

 private static final String soap_action = "http://tempuri.org/HashCode";
 private static final String method_name = "HashCode";
 private static final String namespace2 = "http://tempuri.org/";
 private static final String url2 = "http://10.0.2.2/checkhash/Service1.asmx"; 

String password="abc";
public final static int NO_OPTIONS = 0;
String hash;
    String result2;


@Override
public void onCreate(Bundle savedInstanceState) 
{
    super.onCreate(savedInstanceState);
    setContentView(R.layout.main);

    final EditText pass=(EditText)findViewById(R.id.editText1);
    Button encode=(Button)findViewById(R.id.button1);            
    encode.setOnClickListener(new View.OnClickListener() {
        public void onClick(View v)  {
            // Perform action on click
            password=pass.getText().toString();
            if(password!=null){
                try { 
        SHA1(password) ;
        } catch (UnsupportedEncodingException e) {                                          
                      e.printStackTrace();
        } catch (IOException e) {   
            e.printStackTrace();                    
                      }
            }
            else{
       Toast.makeText(PaswordencodingActivity.this, "this is a negative onClick", Toast.LENGTH_LONG).show();
            }

           }

          });


        }


private static String convertToHex(byte[] data) throws java.io.IOException 
 {
        System.out.println("data received is"  +data);

        StringBuffer sb = new StringBuffer();
        String hex=null;

        hex=Base64.encodeToString(data, 0, data.length, NO_OPTIONS);

        for (int i = 0; i < data.length; i++) 
        {            
            if (hex.length() == 1) 
            {
                sb.append('0');
            }
            sb.append(hex);
        }

       return sb.toString();
    }

public void SHA1(String text) throws IOException
{
    MessageDigest mdSha1 = null;
    try 
    {
      mdSha1 = MessageDigest.getInstance("SHA-1");
    } catch (NoSuchAlgorithmException e1) {
      Log.e("myapp", "Error initializing SHA1 message digest");
    }
    mdSha1.update(text.getBytes("iso-8859-1"), 0, text.length());
    byte[] data = mdSha1.digest();
    hash=convertToHex(data);

    System.out.println("data going is"  +data);
    System.out.println("hash value"+hash);

    try
    {
        result2=call3(password);
        if(result2.equalsIgnoreCase(hash.toString()))
        System.out.println("success");


    } catch (XmlPullParserException e)
    {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }   

        }

public String call3(String pass) throws XmlPullParserException
{
        String b=""; 

        SoapObject request = new SoapObject(namespace2, method_name);      
        request.addProperty("str",pass);

        SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11); 
        envelope.dotNet = true; 
        envelope.setOutputSoapObject(request);

        HttpTransportSE  android = new HttpTransportSE(url2);

        android.debug = true; 
 try 
 {

        android.call(soap_action, envelope);

        SoapPrimitive result = (SoapPrimitive)envelope.getResponse();
        Log.i("myapp",result.toString());
        System.out.println(" --- response ---- " + result); 
        b=result.toString();


        } catch (SocketException ex) { 
            ex.printStackTrace(); 
        } catch (Exception e) { 
            e.printStackTrace(); 
        } 

        return b;   

}
}

Basically when I am trying to compare the two hash strings I am not getting the result

Why so ? can anyone help?

Logcat:

        11-25 17:09:50.899: INFO/System.out(275): data received is[B@44ef8eb0
        11-25 17:09:50.909: INFO/System.out(275): data going is[B@44ef8eb0
        11-25 17:09:50.909: INFO/System.out(275): hash valueUGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:10:01.730: INFO/myapp(275): UGGpBypVug3K+/4xONpqv9wkFd8=
        11-25 17:10:01.730: INFO/System.out(275):  --- response ---- UGGpBypVug3K+/4xONpqv9wkFd8=
Improve this question

3 Answers 3

Reset to default
1

Try 

result2 = result2.trim();
hash = hash.trim();

System.out.println("result2='" + result2 + "'");
System.out.println("hash ='" + hash + "'");

if(result2.equalsIgnoreCase(hash))
   System.out.println("success");

If this does not help, check the actual arrays:

byte[] a = result.toString().getBytes() 
byte[] b = hash..getBytes();

If the arrays are not equal, you have strings in different encodings.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

fine both are not working tried them..now tell me how to change encoding on android side code..my .net web service is ASCII btw
I tried using both ASCII in my android app and server side code..still no proper result :(
1

I think you convert byte[] to String in wrong way, it should be like this:

hash = new String(data);

Also you are doing the comparison wrong, should be like this:

if(result2.equals(hash))

In my opinion you should not convert byte[] to String at all. Use Arrays.equals(byteArray1,byteArray2);. Your data is random bits of 1 and 0s. Converting it to String can be done in many ways, but it doesn't make any sense.

Improve this answer

1 Comment

Sorry I didn't get ur first point of converting hash=new String(data); can u explain that ? Also, I tried using equals, equalsIgnoreCase and all possible methods for String comparison but still I don't get result as "success"
1

If you are applying the hashing algorithm on data derived from a String, you need to use the same character encoding to retrieve the bytes.

text.getBytes("iso-8859-1")

Different character sets can represent byte values differently.

Improve this answer

5 Comments

ok fine so in my server side i m using ASCII so in android side can i write text.getBytes("ASCII")
ok after doing that how do I compare? Should i compare using equalsIgnoreCase as @peceps has mentioned or compare byte arrays?
please see this : pastie.org/2919436 . Is this correct ? and will I get my output if I use String.equals now ?
but it's not working dude !! that's the problem..please help !!
let us continue this discussion in chat

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.