MultiROM Once Again Available for the Galaxy S4

Multiboot, or the ability to select betweenmultiple operating systems on a single device at … more

Build an Impractical But Awesome Lego Mindstorm Dock

The vast majority of what we cover here on the XDA-Developers News Portal relates to … more

MultiROM Makes its Way Over to the HTC One (M8)

While browsing our forum, you will undoubtedly find more than a few enticing ROMs available … more

Welcome to the New XDA-Developers Portal!

You may recall that a few weeks ago, we opened up the XDA-2015 forum themesto intrepid users … more
Post Reply

Simple class for encryption

1st June 2014, 08:52 PM   |  #1  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,019
 
7,991 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Here is a simple class for encrypting strings. As we should all know, encryption is important, especially for things like login forms, personal user data etc. Therefore it is important that if you are storing such information either locally on the device or sending it to a remote server, you encrypt such details.

This class uses the SHA-512 hashing algorithm to convert a string into its raw bit format. This is then converted into a hex string and returned.

There are ways of making this even more secure (by adding salts etc) but this is just meant to be for a starting point

Code:
public class Crypto {
    final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();

    private static String convertToHex(byte[] bytes) {
        char[] hexChars = new char[bytes.length * 2];
        for (int j = 0; j < bytes.length; j++) {
            int v = bytes[j] & 0xFF;
            hexChars[j * 2] = hexArray[v >>> 4];
            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
        }
        return new String(hexChars);
    }

    public static String SHA512(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(text.getBytes("iso-8859-1"), 0, text.length());
        byte[] sha512hash = md.digest();
        return convertToHex(sha512hash);
    }
}
Usage:

Code:
String example = "example";
try {
    example = Crypto.SHA512(example);
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
} catch (UnsupportedEncodingException e) {
    e.printStackTrace();
}
Last edited by Jonny; 10th June 2014 at 10:43 AM.
The Following 4 Users Say Thank You to Jonny For This Useful Post: [ View ]
3rd June 2014, 09:08 PM   |  #2  
Masrepus's Avatar
Senior Member
Thanks Meter: 74
 
662 posts
Join Date:Joined: Feb 2013
More
Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
3rd June 2014, 11:16 PM   |  #3  
SimplicityApks's Avatar
Senior Member
Flag Aachen
Thanks Meter: 330
 
331 posts
Join Date:Joined: May 2013
Quote:
Originally Posted by Masrepus

Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again

The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.
The Following User Says Thank You to SimplicityApks For This Useful Post: [ View ]
4th June 2014, 02:21 AM   |  #4  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,019
 
7,991 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Quote:
Originally Posted by SimplicityApks

The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.

^ This. How I use it is for GCM notifications for the app for my school. Users register for push notifications for different year groups (eg year 7, year 8 etc) using their email (mandatory as this is used for some mysql enquiries server side) and real name (optional). Obviously I don't want these showing in plain text format if the website/database is compromised so the information needed to be encrypted before stored in the remote database.

In addition to that I didn't want the plain text information being intercepted whilst being sent to the server so I encrypted it locally using this class then send to the server - it also means that I can still use this to run mysql enquiries on the hashed email string

Sent from my HTC One using Tapatalk
4th June 2014, 05:53 AM   |  #5  
Masrepus's Avatar
Senior Member
Thanks Meter: 74
 
662 posts
Join Date:Joined: Feb 2013
More
Ah okay i understand

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
5th June 2014, 07:59 PM   |  #6  
Jonny's Avatar
OP Forum Moderator
Flag Cheshire
Thanks Meter: 8,019
 
7,991 posts
Join Date:Joined: Jul 2011
Donate to Me
More
Code updated with a better way of converting the bytes to hex string - adapted from maybeWeCouldStealAVan's method @ stackoverflow
Last edited by Jonny; 10th June 2014 at 04:41 AM.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools
Display Modes


Top Threads in Java for Android App Development by ThreadRank