stackoom
  简体   繁体   中英

SHA1 varies in java and javascript for same input

 原文  2016-06-16 16:07:17       javascript/ java/ base64/ sha1/ mismatch

Question

Facing an issue while creating SHA1 from javascript and java. The problem is both are different. It is used for validating the client request to web server. That means client send a based64 encoded security key to server and server regenerate the same key and equate both are same. Please find below code for generating secret keys in client and server. Server 

MessageDigest mDigest = null;
try {
    mDigest = MessageDigest.getInstance("SHA1");
} catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
}

String input = value1 + value1 + server_key;
byte[] result = mDigest.digest(input.getBytes());
String secret = Base64.encodeToString(result, Base64.NO_WRAP);
...
//comparison logic goes here

...

Client (java script) 

var input = value1 + value2 + server_key;
//http://code.google.com/p/crypto-js/
var hash = CryptoJS.SHA1(input);
var encoded  = base64Encode(hash.toString());

//WEB SERVICE INVOCATION FROM JAVASCRIPT GIES HERE.

The values value1, value1, server_key will be available in both client and server. The issue we are facing is, the SHA1 generated in both client and server is not matching. I understand the issue is in java its using getBytes() and in javascript using string value for generating SHA1. The CryptoJS.SHA1 does not support bytearray as parameter. We cannot change the server code as it is used by many client applications. Any help will be much appreciated.

In Java -> 

byte[] result = mDigest.digest(input.getBytes());

and in JavaScript -> 

var hash = CryptoJS.SHA1(input);.

I belief this is the problem. In java the parameter is a bytearray and output is also a bytearray. But in javascript the parameter is var (string) and return is also var (string). I 've also compared the output of CryptoJS.SHA1 with some online SHA1 generating tools. The comparison is true. I am not an expert in this area. If you can explain more, it will be more helpful.

1 answers

solution1
 0  2016-06-16 23:20:30

I managed it to do in another way. My application is a cordova based application. So generated the sha1 and encoded it from java and objC and invoked it using cordova plugins.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Generating the same SHA1 UUID in golang and Javascript How to generate sha1 password from input string in vanilla javascript? Is it safe to use a javascript sha1? Hash sha1 in Python and JavaScript create random sha1 salt with javascript SHA1: translating javascript implementation to c# Hashing Text using sha1 in javascript Get SHA1 checksum of byte array in JavaScript? SHA1 JavaScript Implementation for large string Javascript : CryptoJS object missing SHA1 method
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM