0

I am working on a login frame that checks user input password against the password in a SQL database. I convert the text into an MD5 to store in the database with the following

HASHBYTES('MD5', 'JavaTest') And that produces 5E58D71FBD6D17577AAAB8711264A813.

Then in java I use the following code to attempt to convert the same password "JavaTest" into MD5 to compare against. 

MessageDigest m = MessageDigest.getInstance("MD5");
            m.update(password.getBytes());
            byte[] digest = m.digest();
            BigInteger bigInt = new BigInteger(1, digest);
            hashText = bigInt.toString();

But that produces the string 150157350912923000195076232128194914284

What am I doing wrong?

EDIT: I do not believe this is a duplicate because I have researched answers and it has gotten me this far but I can not figure out what I am doing wrong.

Ardel
  • 165
  • 3
  • 14
  • Well, you are converting the bytes to an integer. Why not just create a new String with the bytes and output that? `new String (digest);` – rmlan Aug 17 '16 at 19:53
  • Possible duplicate of [How can I generate an MD5 hash?](http://stackoverflow.com/questions/415953/how-can-i-generate-an-md5-hash) – Matt Clark Aug 17 '16 at 19:54
  • The problem isn't how to do it because I believe I have figure out generally how based off questions like that one. The problem is I can't figure out what I am doing wrong. – Ardel Aug 17 '16 at 19:59

1 Answers1

1

Just pass radix parameter to bigInt.toString. If you need hex representation pass 16 as radix like this:

hashText = bigInt.toString(16);

public String toString(int radix)

Returns the String representation of this BigInteger in the given radix. If the radix is outside the range from Character.MIN_RADIX to Character.MAX_RADIX inclusive, it will default to 10 (as is the case for Integer.toString). The digit-to-character mapping provided by Character.forDigit is used, and a minus sign is prepended if appropriate. (This representation is compatible with the (String, int) constructor.)

Parameters:

radix - radix of the String representation. Returns: String representation of this BigInteger in the given radix.

Also, you can build hex string form digest byte array without BigInteger like this:

public static String bytesToHex(byte[] bytes) {
    StringBuilder builder = new StringBuilder();
    for(byte b : bytes) {
        builder.append(String.format("%02x", b));
    }
    return builder.toString();
}
Vyacheslav Gerasimov
  • 1,334
  • 9
  • 10
  • That gave me an interesting result: 5e58d71fbd6d17577aaab8711264a813 5E58D71FBD6D17577AAAB8711264A813 First being user input and second being the sql stored password. Know why one is lower cased and second is lower cased? – Ardel Aug 17 '16 at 20:13
  • @Ardel, this is just a matter of representation, both of them are correct hexadecimal numbers. – Vyacheslav Gerasimov Aug 17 '16 at 20:20
  • Ok so when I compare them there would be no harm in string.equalsIgnoreCase(OtherString); ? – Ardel Aug 17 '16 at 20:22