java - SHA hash does not seem to be working correctly -


i trying build simple password authenticator passwords have been hashed using sha-256 .

i found couple calculators online (http://onlinemd5.com/) hashed "password" "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"

i tried couple other passwords expected results.

so tried implement straight forward set of code (or thought)

string pswd="password"; string storedpswd="5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"; //first byte[]  arrays.equals(hashword(pswd),storedpswd.getbytes("utf-8") ); ... private byte[] hashword(string word)     {     try {         return messagedigest.getinstance("sha-256").digest(word.getbytes("utf-8"));     } catch (exception e)        {        throw new badcredentialsexception("could not hash supplied password", e);     } }

i tried without success.

return storedpswd.touppercase().equals(digestutils.sha256hex(password));

the apache codec library (v1.10) , java 1.6 gives me : 

113459eb7bb31bddee85ade5230d6ad5d8b2fb52879e00a84ff6ae1067a210d3

instead of 

5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

what missing ??

the solution (wrong inputs):

updated test code:

string passwordsha="5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"; string complexsha="8849fb9b221ddec0117e2796d16929179accf3a6012f738e1ed6c11af9cc2081"; @test public void testdigest() throws interruptedexception{     system.out.println("starting digest test");     string complexpassword = "a7$h1uc8";     try {         assert.asserttrue(authenticateuser(complexpassword, complexsha));         assert.asserttrue(authenticateuser("password", passwordsha));                    assert.asserttrue( hashword(complexpassword).equals(complexsha) );     } catch (exception e) {         assert.fail();     } } public boolean authenticateuser(string word, string stored) throws exception {     string apache2pswd = hashapache(word);     system.out.println(apache2pswd);                     return stored.equals(apache2pswd); } private string hashapache(string pswd){     return digestutils.sha256hex(pswd);      } public static string hashword(string word) throws exception{     byte[] digest = messagedigest.getinstance("sha-256").digest(word.getbytes("utf-8"));     stringbuilder sb = new stringbuilder();     (byte b : digest) {         sb.append(string.format("%02x", b));     }     system.out.println(sb.tostring());     return sb.tostring(); }

with results:

starting digest test 8849fb9b221ddec0117e2796d16929179accf3a6012f738e1ed6c11af9cc2081 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 8849fb9b221ddec0117e2796d16929179accf3a6012f738e1ed6c11af9cc2081

the hashword method posted not correct, not compile (is actual code?); it's not returning value.

with this:

byte[] digest = messagedigest.getinstance("sha-256").digest("password".getbytes("utf-8"));  (byte b : digest) {     system.out.printf("%02x", b); }

i expected output:

5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

the output 113459eb7bb31bddee85ade5230d6ad5d8b2fb52879e00a84ff6ae1067a210d3 when calculate sha-256 hash on string 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 instead of original string password.

you calculating hash on hex string containing hash, instead of hash of original password.


Comments

Post a Comment

Popular posts from this blog

How to connect android app to App engine -

i'm trying connect app in android server i've opened on appengine. my server's name : dddd-daniel-2345 , website server : http://dddd-daniel-2345.appspot.com/ this how connect android app server in app engine: app.yaml: application: dddd-daniel-2345 version: 1 runtime: python27 api_version: 1 threadsafe: yes handlers: - url: .* script: main.app libraries: - name: webapp2 version: "2.5.2" main.py: #!/usr/bin/env python # # copyright 2007 google inc. google.appengine.api import users import webapp2 class userhandler(webapp2.requesthandler): def get(self): user = users.get_current_user() if user: greeting = ('%s,%s,%s' % (user.email(),user.user_id(),user.nickname())) else: greeting = ('not logged in') self.response.out.write(greeting) app = webapp2.wsgiapplication([('/', userhandler),], debug=true) my applications code : add manifast main....
Read more

gcc - MinGW's ld cannot perform PE operations on non PE output file -

i know there other similar questions out there, stackoverflow or not. i've researched lot this, , still didn't find single solution. i'm doing operative system side project. i've been doing in assembly, wanna join c code. test, made assembly code file (called test.asm): [bits 32] global _a section .text _a: jmp $ then made c file (called main.c): extern void a(void); int main(void) { a(); } to link, used file (called make.bat): "c:\mingw\bin\gcc.exe" -ffreestanding -c -o c.o main.c nasm -f coff -o asm.o test.asm "c:\mingw\bin\ld.exe" -ttext 0x100000 --oformat binary -o out.bin c.o asm.o pause i've been researching ages, , i'm still struggling find answer. hope won't flagged duplicate. acknowledge existence of similar questions, have different answers, , none work me. question: what doing wrong? old mingw versions had problem "ld" not able create non-pe files @ all. maybe current versions...
Read more

php - display validation error message next to the textbox in codeigniter -

Image
i'm newbie codeigniter.i want display error message next text box.my view file create.php contains following code. <?php echo validation_errors(); //validation echo form_open('news/create'); //create form ?> <div class="boxes"> <div class="common"> <div class="lables"> <label for="name">name</label> </div> <div class="text_boxes"> <input type="text" name="uname" /><div id="infomessage"><?php echo $message;?></br> </div> </div>` and below controller model: public function create() { $this->load->helper('form'); $this->load->library('form_validation'); $data['title'] = 'insert items'; $this->form_validation->set_rules('uname','required|min_length[6]|m...
Read more