So reading this post: How can I calculate the SHA-256 hash of a string in Android?
and the docs: http://developer.android.com/reference/java/security/MessageDigest.html
I'm curious; which phones will support SHA-256? In the docs, the line about the 'NoSuchAlgorithmException' makes me think that some phones don't support all algorithms. Before I go implementing this for an app and expecting it to work the same on all phones I want to know if anyone knows anything about this...?
I find it strange that the MessageDigest class doesn't have some constants to pick the algorithm you want to use.
SHA-256 is one of the most secure hashing functions on the market. The US government requires its agencies to protect certain sensitive information using SHA-256.
By making a guess at a password, the attacker can compare the output of his SHA-256 against the SHA-256 that he finds in the database. And because passwords are so short, testing many password guesses this way is easy for a computer.
Since it produces only 2256 numbers simply if you try more than so many inputs that produce a different result you will certainly get the same SHA256. This makes it non unique. If it were truly unique you would be able to reverse it even by trial and error. This would make it a compression algorithm.
Cracking a SHA-256 Hash But hashes can be reversed using methods such as dictionary attacks which compares the given hash to the hashes of common words from a dictionary or brute-force which computes the hash of many different combinations of characters until it finds one that matches the given hash.
All Android devices support SHA-256. The NoSuchAlgorithmException
indicates that a requested algorithm could not be found and is necessary because the method takes a String
argument for the algorithm name. If you passed in "foo-256", the method's only recourse is to throw a NoSuchAlgorithmException
because, for reasons beyond my understanding, there's no algorithm called "foo-256". Assuming you're passing in a name you're sure is an algorithm that Android can use, you'll never see that exception.
Add NoSuchAlgorithmException as below:
public static String SHA256 (String text) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(text.getBytes()); byte[] digest = md.digest(); return Base64.encodeToString(digest, Base64.DEFAULT); }
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With