38

I am trying to generate a SHA256 hash in android, that I then pass to an ASP.NET Web API web service and compare the hash there. As such, I need to construct a hash in Android, that given the same inputs in ASP.NET will generate an equivalent hash. I'm pulling my hair out trying to figure out what I'm doing wrong.

Here's the Android code:

public String computeHash(String input) throws NoSuchAlgorithmException{
    MessageDigest digest = MessageDigest.getInstance("SHA-256");
    digest.reset();
    try{
      digest.update(input.getBytes("UTF-8"));
    } catch (UnsupportedEncodingException e){
      e.printStackTrace();
    }
    
    byte[] byteData = digest.digest(input.getBytes());
    StringBuffer sb = new StringBuffer();

    for (int i = 0; i < byteData.length; i++){
      sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
    }
    return sb.toString();
}

Here's the C# code for the server:

    private static string ComputeHash(string input, HashAlgorithm algorithm)
    {

        Byte[] inputBytes = Encoding.UTF8.GetBytes(input);
        Byte[] hashedBytes = algorithm.ComputeHash(inputBytes);

        StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hashedBytes.Length; i++)
        {
            sb.Append(String.Format("{0:x2}", hashedBytes[i]));
        }

        return sb.ToString();
    }
TylerH
  • 20,799
  • 66
  • 75
  • 101
Kevin
  • 895
  • 2
  • 10
  • 21
  • How can i convert back Hash string to original input in java. any idea thanks – Zeeshan Aug 11 '14 at 11:16
  • 1
    A crytpographic hash is one-way... please see the following article: http://en.wikipedia.org/wiki/Cryptographic_hash_function – Kevin Aug 12 '14 at 11:44

3 Answers3

21

Your Java code is wrong: you are adding the input bytes twice. If you are calculating this in one go, you need to either call only digest(bytes) or call digest() after update(bytes);

Nikolay Elenkov
  • 52,576
  • 10
  • 84
  • 84
4

I was looking for a Kotlin version for my Android app.

I could not find one; here is what I came up with:

fun String.getSha256(): String {
    val digest = MessageDigest.getInstance("SHA-256").apply { reset() }
    val byteData: ByteArray = digest.digest(this.toByteArray())
    return StringBuffer().apply {
        byteData.forEach {
            append(((it.toInt() and 0xff) + 0x100).toString(16).substring(1))
        }
    }.toString()
}
ytilliette
  • 91
  • 4
0

Migrating OP's solution from the question to an answer:

Here is the corrected Android/Java implementation (based on Nikolay Elenkov's answer):

public String computeHash(String input) throws NoSuchAlgorithmException, UnsupportedEncodingException{
    MessageDigest digest = MessageDigest.getInstance("SHA-256");
    digest.reset();
  
    byte[] byteData = digest.digest(input.getBytes("UTF-8"));
    StringBuffer sb = new StringBuffer();

    for (int i = 0; i < byteData.length; i++){
      sb.append(Integer.toString((byteData[i] & 0xff) + 0x100, 16).substring(1));
    }
    return sb.toString();
}
TylerH
  • 20,799
  • 66
  • 75
  • 101