以下是我的Android代码流程:
我正在使用SHA-1哈希来散列用户通过EditText输入的密码。我在这里得到一个哈希字符串作为输出。
之后我调用SOAP Web服务(使用.NET框架创建),使用ASCII编码执行相同的SHA-1哈希并返回另一个哈希字符串。
现在由于输入字符串在两种情况下都相同,因此我的哈希字符串与预期相同。 请参阅下面的logcat。但是当我比较哈希字符串时,我没有得到预期的结果
这是我的Android代码,后跟logcat:
package com.kar.encodePassword;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.SocketException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.ksoap2.SoapEnvelope;
import org.ksoap2.serialization.SoapObject;
import org.ksoap2.serialization.SoapPrimitive;
import org.ksoap2.serialization.SoapSerializationEnvelope;
import org.ksoap2.transport.HttpTransportSE;
import org.xmlpull.v1.XmlPullParserException;
import android.app.Activity;
import android.os.Bundle;
import android.util.Base64;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;
public class PaswordencodingActivity extends Activity {
/** Called when the activity is first created. */
private static final String soap_action = "http://tempuri.org/HashCode";
private static final String method_name = "HashCode";
private static final String namespace2 = "http://tempuri.org/";
private static final String url2 = "http://10.0.2.2/checkhash/Service1.asmx";
String password="abc";
public final static int NO_OPTIONS = 0;
String hash;
String result2;
@Override
public void onCreate(Bundle savedInstanceState)
{
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
final EditText pass=(EditText)findViewById(R.id.editText1);
Button encode=(Button)findViewById(R.id.button1);
encode.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
// Perform action on click
password=pass.getText().toString();
if(password!=null){
try {
SHA1(password) ;
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
else{
Toast.makeText(PaswordencodingActivity.this, "this is a negative onClick", Toast.LENGTH_LONG).show();
}
}
});
}
private static String convertToHex(byte[] data) throws java.io.IOException
{
System.out.println("data received is" +data);
StringBuffer sb = new StringBuffer();
String hex=null;
hex=Base64.encodeToString(data, 0, data.length, NO_OPTIONS);
for (int i = 0; i < data.length; i++)
{
if (hex.length() == 1)
{
sb.append('0');
}
sb.append(hex);
}
return sb.toString();
}
public void SHA1(String text) throws IOException
{
MessageDigest mdSha1 = null;
try
{
mdSha1 = MessageDigest.getInstance("SHA-1");
} catch (NoSuchAlgorithmException e1) {
Log.e("myapp", "Error initializing SHA1 message digest");
}
mdSha1.update(text.getBytes("iso-8859-1"), 0, text.length());
byte[] data = mdSha1.digest();
hash=convertToHex(data);
System.out.println("data going is" +data);
System.out.println("hash value"+hash);
try
{
result2=call3(password);
if(result2.equalsIgnoreCase(hash.toString()))
System.out.println("success");
} catch (XmlPullParserException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public String call3(String pass) throws XmlPullParserException
{
String b="";
SoapObject request = new SoapObject(namespace2, method_name);
request.addProperty("str",pass);
SoapSerializationEnvelope envelope = new SoapSerializationEnvelope(SoapEnvelope.VER11);
envelope.dotNet = true;
envelope.setOutputSoapObject(request);
HttpTransportSE android = new HttpTransportSE(url2);
android.debug = true;
try
{
android.call(soap_action, envelope);
SoapPrimitive result = (SoapPrimitive)envelope.getResponse();
Log.i("myapp",result.toString());
System.out.println(" --- response ---- " + result);
b=result.toString();
} catch (SocketException ex) {
ex.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return b;
}
}
基本上当我尝试比较两个哈希字符串时,我没有得到结果
为什么这样?有人可以帮忙吗?
logcat的:
11-25 17:09:50.899: INFO/System.out(275): data received is[B@44ef8eb0
11-25 17:09:50.909: INFO/System.out(275): data going is[B@44ef8eb0
11-25 17:09:50.909: INFO/System.out(275): hash valueUGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:09:50.909: INFO/System.out(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:10:01.730: INFO/myapp(275): UGGpBypVug3K+/4xONpqv9wkFd8=
11-25 17:10:01.730: INFO/System.out(275): --- response ---- UGGpBypVug3K+/4xONpqv9wkFd8=
答案 0 :(得分:1)
我认为你以错误的方式将byte[]转换为String,它应该是这样的:
hash = new String(data);
另外你做的比较错了,应该是这样的:
if(result2.equals(hash))
在我看来,您根本不应将byte[]转换为String。使用Arrays.equals(byteArray1,byteArray2);。您的数据是1和0 s的随机位。将它转换为String可以通过多种方式完成,但它没有任何意义。
答案 1 :(得分:1)
尝试
result2 = result2.trim();
hash = hash.trim();
System.out.println("result2='" + result2 + "'");
System.out.println("hash ='" + hash + "'");
if(result2.equalsIgnoreCase(hash))
System.out.println("success");
如果这没有用,请检查实际的数组:
byte[] a = result.toString().getBytes()
byte[] b = hash..getBytes();
如果数组不相等,则您有不同编码的字符串。
答案 2 :(得分:1)
如果要对从String派生的数据应用散列算法,则需要使用相同的字符编码来检索字节。
text.getBytes("iso-8859-1")
不同的字符集可以不同的方式表示字节值。