Saturday, June 1, 2013

10:55 AM

Password MD5 and SHA1 in Android

Rocky    No comments
In this tutorial, I will demonstrate how to go about hashing a password using SHA1 and MD5 hashing techniques!

Security plays an important role especially in applications where in you need to connect to the Internet. Hashes are useful in such cases since they help to ensure that the transmitted messages are not altered by any means. In general, a hash value or a hash, also known as message digest is a number generated from a string of text. Android provides us with the MessageDigest class that enables developers to create and use hashes while comparing user credentials.

MessageDigest class
As mentioned in the Android docs, the class uses a one-way hash function to turn an arbitrary number of bytes into a fixed-length byte sequence. The original arbitrary-length sequence is the message, and the fixed-length byte sequence is the digest or message digest.

1. SHA1
 
SHA stands for secure hashing algorithm. SHA-1 produces a 160-bit message digest and is considered to be more secure than MD5. However, when compared to SHA256 it is not that secure.

2. MD5
 
It is widely used cryptographic hash function that produces a 128 bit (16 byte) hash value. It is represented in the form of a 32 digit hexadecimal number and cannot not decrypted. The downside of the algorithm is the fact that it has been broken as mentioned over here.

Now, let�s create an Android application project to implement SHA-1 and MD5.

activity_main.xml

strings.xml


 
    AndroidHashDemo
    Settings
    Android Hash Demo!
    enter your username!
    enter your password!

MainActivity.java

package com.sunil.password;

import java.io.IOException;
import android.util.Base64;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import com.example.R;

import android.os.Bundle;
import android.app.Activity;
import android.util.Log;
import android.view.Menu;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast;

public class MainActivity extends Activity {

 private TextView result;
 private Button computeSha,computeMD5;
 private EditText userName, passWord;
 private String username,passwd;
 private String SHAHash;
 public static int NO_OPTIONS=0;
 
 @Override
 protected void onCreate(Bundle savedInstanceState) 
 {
  super.onCreate(savedInstanceState);
  setContentView(R.layout.activity_main);
  
  userName=(EditText)findViewById(R.id.userName);
  passWord=(EditText)findViewById(R.id.passWord);
  
  computeSha=(Button)findViewById(R.id.btn1);
  computeMD5=(Button)findViewById(R.id.btn2);
  
  result= (TextView)findViewById(R.id.textView2);
  
  //get username and password entered
  username= userName.getText().toString();
  passwd= passWord.getText().toString(); 
 
  //check if username or passwd is not null
  
  if( (username != null && username.equals("") ) || (passwd !=null && passwd.equals("")) )
  {
   computeSha.setOnClickListener(new View.OnClickListener() {
    @Override
    public void onClick(View v) 
    {
     // TODO Auto-generated method stub
     //call method to compute SHA hash
     computeSHAHash(passwd);
    }
   });
   
   computeMD5.setOnClickListener(new View.OnClickListener() {
    @Override
    public void onClick(View v) 
    {
     // TODO Auto-generated method stub
     //call method to compute SHA hash
     computeMD5Hash(passwd);
    }
   });
  
  }
  else
  {
   Toast.makeText(getApplicationContext(), "Enter your credentials..", Toast.LENGTH_LONG).show();
  }
  
 } //end onCreate()

  private static String convertToHex(byte[] data) throws java.io.IOException 
  {
         StringBuffer sb = new StringBuffer();
         String hex=null;
         hex=Base64.encodeToString(data, 0, data.length, NO_OPTIONS);
         sb.append(hex);         
         return sb.toString();
     }
 
 
 public void computeSHAHash(String password)
   {
    MessageDigest mdSha1 = null;
         try 
         {
           mdSha1 = MessageDigest.getInstance("SHA-1");
         } catch (NoSuchAlgorithmException e1) {
           Log.e("myapp", "Error initializing SHA1 message digest");
         }
         try {
    mdSha1.update(password.getBytes("ASCII"));
   } catch (UnsupportedEncodingException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
   }
         byte[] data = mdSha1.digest();
         try {
    SHAHash=convertToHex(data);
   } catch (IOException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
   }
         
   result.setText("SHA-1 hash generated is: " + " " + SHAHash);
     }
 
 
 public void computeMD5Hash(String password)
 {

  try {
         // Create MD5 Hash
         MessageDigest digest = java.security.MessageDigest.getInstance("MD5");
         digest.update(password.getBytes());
         byte messageDigest[] = digest.digest();
  
         StringBuffer MD5Hash = new StringBuffer();
         for (int i = 0; i < messageDigest.length; i++)
         {
             String h = Integer.toHexString(0xFF & messageDigest[i]);
             while (h.length() < 2)
                 h = "0" + h;
             MD5Hash.append(h);
         }
              
       result.setText("MD5 hash generated is: " + " " + MD5Hash);
   
      } 
   catch (NoSuchAlgorithmException e) 
      {
         e.printStackTrace();
      }
    
 }
}



Cheers guys!
MR: EDITOR

Rocky

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation.
Related Posts

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

 

Copyright @ 2013 Android Developers Tipss.

Designed by Templateism | MyBloggerLab