SHA1 hash generator in hex

Discussion in 'Java' started by Al Murphy, Mar 2, 2004.

  1. Al Murphy

    Al Murphy Guest

    Folks,

    I've written a SHA1 hasher that outputs in hexadecimal. Only problem
    is though - it needs testing. But how can I be sure?

    INPUT OUTPUT

    password123 -3402539ff706354bf7c87b342e78b0899e72d569

    Is this correct?

    Can you have a look at the code below and let me know what you think?

    Thanks,
    Al.

    *****CODE AS FOLLOWS*******

    public void makeSHAHash()
    {

    strInput = jtfInput.getText();

    try
    {

    // Generates a MessageDigest object that implements the SHA1 digest
    algorithm
    MessageDigest md = MessageDigest.getInstance("SHA");

    // Resets the digest for further use
    md.reset();

    // copnvert the
    byte[] buffer = strInput.getBytes();

    // Updates the digest using the specified array of bytes
    md.update(buffer);

    // Completes the hash computation by performing final operations such
    as padding
    byte[] digest = md.digest();

    // Convert the byte array to hexadecimal format
    BigInteger bi = new BigInteger(digest);
    String strHex = bi.toString(16);
    jtfOutput.setText(strHex);
    repaint();

    }
    catch(NoSuchAlgorithmException nsae)
    {
    nsae.printStackTrace();
    }
    catch(NumberFormatException nfe)
    {
    nfe.printStackTrace();
    }

    }// end makeSHA1Hash
     
    Al Murphy, Mar 2, 2004
    #1
    1. Advertising

  2. Al Murphy wrote:
    > Folks,
    >
    > I've written a SHA1 hasher that outputs in hexadecimal. Only problem
    > is though - it needs testing. But how can I be sure?


    Any reason why you do not use java.security.MessageDigest?
    If you really _need_ to write this yourself, you could at least use it
    to verify your results.

    MessageDigest.getInstance("sha1")

    See also the javadoc for it.

    Daniel
     
    Daniel Schneller, Mar 2, 2004
    #2
    1. Advertising

  3. Al Murphy

    Oscar kind Guest

    Al Murphy <> wrote:
    > I've written a SHA1 hasher that outputs in hexadecimal. Only problem
    > is though - it needs testing. But how can I be sure?


    By reimplementing the SHA-1 algorithm. But why bother with that?
    Alternatively, you can read the documentation (javadoc etc) to ensure that
    the correct algorithm is specified by "SHA" (rather than "SHA1"), and then
    argument why your code works correctly (it does as fas as I can tell).

    After this, the only thing left to test is the conversion to hexadecimal.


    [...]
    > // copnvert the
    > byte[] buffer = strInput.getBytes();

    [...]

    You may want to consider using getBytes("US-ASCII") or similar to ensure
    that the hashes are the same regardless of the default character encoding
    of the platform the code is executed on. Th


    Oscar

    --
    Oscar Kind http://home.hccnet.nl/okind/
    Java/J2EE Developer email available on website
     
    Oscar kind, Mar 2, 2004
    #3
  4. ..... never mind ....
    Anyone who can read has a clear advantage... :)

    Sorry.
     
    Daniel Schneller, Mar 2, 2004
    #4
  5. Al Murphy

    Al Murphy Guest

    Oscar kind <> wrote in message news:<4044a0a5$0$3891$>...

    > [...]
    > > // copnvert the
    > > byte[] buffer = strInput.getBytes();

    > [...]
    >
    > You may want to consider using getBytes("US-ASCII") or similar to ensure
    > that the hashes are the same regardless of the default character encoding
    > of the platform the code is executed on. Th


    Thanks Oscar,

    Overlook this. Problem is though - I'm getting negative hexadecimal
    expressions. For example when I hash, say: "password123" I get:

    -3402539ff706354bf7c87b342e78b0899e72d569

    I don't like negative hex values. Isn't that wrong?

    Confused,
    Al.
     
    Al Murphy, Mar 4, 2004
    #5
  6. Al Murphy

    darkzak

    Joined:
    Jan 7, 2009
    Messages:
    1
    (I know this is a really old thread, but since it is one of the first hits I got on Google I am replying so the solution is here)

    The correct hash for "password123" is:
    cbfdac6008f9cab4083784cbd1874f76618d2a97

    You shouldn't be getting negative hex values. Here is an article on converting byte arrays to hex correctly:
    rgagnon.com/javadetails/java-0596.html

    Example code:
    Code:
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException
    ...
    public String makeSHA1Hash(String input)
    		throws NoSuchAlgorithmException
    	{
    		MessageDigest md = MessageDigest.getInstance("SHA1");
    		md.reset();
    		byte[] buffer = input.getBytes();
    		md.update(buffer);
    		byte[] digest = md.digest();
    		
    		String hexStr = "";
    		for (int i = 0; i < digest.length; i++) {
    			hexStr +=  Integer.toString( ( digest[i] & 0xff ) + 0x100, 16).substring( 1 );
    		}
    		return hexStr;
    	}
     
    darkzak, Jan 7, 2009
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    10
    Views:
    6,214
    Neredbojias
    Aug 19, 2005
  2. Bengt Richter
    Replies:
    6
    Views:
    471
    Juha Autero
    Aug 19, 2003
  3. LMZ
    Replies:
    5
    Views:
    533
    Martin v. Löwis
    Apr 6, 2008
  4. Adam Tauno Williams
    Replies:
    2
    Views:
    866
    Stefan Behnel
    Dec 30, 2010
  5. rp
    Replies:
    1
    Views:
    532
    red floyd
    Nov 10, 2011
Loading...

Share This Page