Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,731,757 Members 47,125 Now Online
XDA Developers Android and Mobile Development Forum

Simple class for encryption

Tip us?
 
Jonny
Old
(Last edited by Jonny; 10th June 2014 at 10:43 AM.)
#1  
Jonny's Avatar
Forum Moderator - OP
Thanks Meter 7817
Posts: 7,827
Join Date: Jul 2011
Location: Cheshire

 
DONATE TO ME
Default Simple class for encryption

Here is a simple class for encrypting strings. As we should all know, encryption is important, especially for things like login forms, personal user data etc. Therefore it is important that if you are storing such information either locally on the device or sending it to a remote server, you encrypt such details.

This class uses the SHA-512 hashing algorithm to convert a string into its raw bit format. This is then converted into a hex string and returned.

There are ways of making this even more secure (by adding salts etc) but this is just meant to be for a starting point

Code:
public class Crypto {
    final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();

    private static String convertToHex(byte[] bytes) {
        char[] hexChars = new char[bytes.length * 2];
        for (int j = 0; j < bytes.length; j++) {
            int v = bytes[j] & 0xFF;
            hexChars[j * 2] = hexArray[v >>> 4];
            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
        }
        return new String(hexChars);
    }

    public static String SHA512(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(text.getBytes("iso-8859-1"), 0, text.length());
        byte[] sha512hash = md.digest();
        return convertToHex(sha512hash);
    }
}
Usage:

Code:
String example = "example";
try {
    example = Crypto.SHA512(example);
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
} catch (UnsupportedEncodingException e) {
    e.printStackTrace();
}
The Following 4 Users Say Thank You to Jonny For This Useful Post: [ Click to Expand ]
 
Masrepus
Old
#2  
Masrepus's Avatar
Senior Member
Thanks Meter 67
Posts: 633
Join Date: Feb 2013
Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
 
SimplicityApks
Old
#3  
SimplicityApks's Avatar
Senior Member
Thanks Meter 307
Posts: 287
Join Date: May 2013
Location: Aachen
Quote:
Originally Posted by Masrepus View Post
Thanks a lot, exactly what i have been looking for yesterday, must have been reading my thoughts ;P
Just one question, how to revert the hex to the normal text version again
The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.
The Following User Says Thank You to SimplicityApks For This Useful Post: [ Click to Expand ]
 
Jonny
Old
#4  
Jonny's Avatar
Forum Moderator - OP
Thanks Meter 7817
Posts: 7,827
Join Date: Jul 2011
Location: Cheshire

 
DONATE TO ME
Quote:
Originally Posted by SimplicityApks View Post
The SHA algorithm used here is intended to and can only be used one way. So basically the user enters his password which is encrypted by the method above and the hex string is then saved. Each time the user wants to login, the password he entered is encrypted again. If the hex string matches the saved one the user gains access.

This method is very secure as there is no way to uniquely decode the password from the hex string.
^ This. How I use it is for GCM notifications for the app for my school. Users register for push notifications for different year groups (eg year 7, year 8 etc) using their email (mandatory as this is used for some mysql enquiries server side) and real name (optional). Obviously I don't want these showing in plain text format if the website/database is compromised so the information needed to be encrypted before stored in the remote database.

In addition to that I didn't want the plain text information being intercepted whilst being sent to the server so I encrypted it locally using this class then send to the server - it also means that I can still use this to run mysql enquiries on the hashed email string

Sent from my HTC One using Tapatalk
 
Masrepus
Old
#5  
Masrepus's Avatar
Senior Member
Thanks Meter 67
Posts: 633
Join Date: Feb 2013
Ah okay i understand

---------------------------------
Phone : Nexus 4
OS:
Pure KitKat 4.4.2 stock, no root, no mods
---------------------------------

4d 61 73 72 65 70 75 73 20 66 74 77

Gesendet von Tapatalk
 
Jonny
Old
(Last edited by Jonny; 10th June 2014 at 04:41 AM.)
#6  
Jonny's Avatar
Forum Moderator - OP
Thanks Meter 7817
Posts: 7,827
Join Date: Jul 2011
Location: Cheshire

 
DONATE TO ME
Code updated with a better way of converting the bytes to hex string - adapted from maybeWeCouldStealAVan's method @ stackoverflow
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


TRENDING IN THEMER...