Unofficial CM12.1 Available for Moto E 2014

While Motorola is yet to release a final 5.0.2 build for the Moto E 2014, XDA Senior … more

Pinsy Brings Social Sketching To Your Watch & Phone

Did you watch Apple’s VP draw on his wrist during the Apple Watch announcement … more

CyanogenMod 12.1 for Samsung Galaxy S5

Android 5.1 is slowly putting its mark in the custom ROM world. CyanogenMod 12.1 is available to … more

Nexus Player 5.1 LMY47D Rooted

We recently featured the Nexus Player, Google’s second attempt at a digital media … more
Post Reply Subscribe to Thread Email Thread

Simple class for encryption

1st June 2014, 08:52 PM   |  #1  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,576
 
8,354 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Here is a simple class for encrypting strings. As we should all know, encryption is important, especially for things like login forms, personal user data etc. Therefore it is important that if you are storing such information either locally on the device or sending it to a remote server, you encrypt such details.

This class uses the SHA-512 hashing algorithm to convert a string into its raw bit format. This is then converted into a hex string and returned.

There are ways of making this even more secure (by adding salts etc) but this is just meant to be for a starting point

Code:
public class Crypto {
    final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();

    private static String convertToHex(byte[] bytes) {
        char[] hexChars = new char[bytes.length * 2];
        for (int j = 0; j < bytes.length; j++) {
            int v = bytes[j] & 0xFF;
            hexChars[j * 2] = hexArray[v >>> 4];
            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
        }
        return new String(hexChars);
    }

    public static String SHA512(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(text.getBytes("iso-8859-1"), 0, text.length());
        byte[] sha512hash = md.digest();
        return convertToHex(sha512hash);
    }
}
Usage:

Code:
String example = "example";
try {
    example = Crypto.SHA512(example);
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
} catch (UnsupportedEncodingException e) {
    e.printStackTrace();
}
Last edited by Jonny; 10th June 2014 at 10:43 AM.
The Following 4 Users Say Thank You to Jonny For This Useful Post: [ View ]
3rd June 2014, 09:08 PM   |  #2  
Masrepus's Avatar
Senior Member
Thanks Meter: 89
 
733 posts
Join Date:Joined: Feb 2013
More
Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
3rd June 2014, 11:16 PM   |  #3  
SimplicityApks's Avatar
Senior Member
Flag Aachen
Thanks Meter: 340
 
346 posts
Join Date:Joined: May 2013
More
Quote:
Originally Posted by Masrepus

Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again

The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.
The Following User Says Thank You to SimplicityApks For This Useful Post: [ View ]
4th June 2014, 02:21 AM   |  #4  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,576
 
8,354 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Quote:
Originally Posted by SimplicityApks

The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.

^ This. How I use it is for GCM notifications for the app for my school. Users register for push notifications for different year groups (eg year 7, year 8 etc) using their email (mandatory as this is used for some mysql enquiries server side) and real name (optional). Obviously I don't want these showing in plain text format if the website/database is compromised so the information needed to be encrypted before stored in the remote database.

In addition to that I didn't want the plain text information being intercepted whilst being sent to the server so I encrypted it locally using this class then send to the server - it also means that I can still use this to run mysql enquiries on the hashed email string

Sent from my HTC One using Tapatalk
4th June 2014, 05:53 AM   |  #5  
Masrepus's Avatar
Senior Member
Thanks Meter: 89
 
733 posts
Join Date:Joined: Feb 2013
More
Ah okay i understand

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
5th June 2014, 07:59 PM   |  #6  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,576
 
8,354 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Code updated with a better way of converting the bytes to hex string - adapted from maybeWeCouldStealAVan's method @ stackoverflow
Last edited by Jonny; 10th June 2014 at 04:41 AM.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes