What is SHA1?

Secure Hash Algorithm 1 or SHA-1 hash value is typically rendered as a hexadecimal number, 40 digits long used by organizations like Google, Facebook etc uses SHA-1 hash value for secure connection between their services and clients.

Being it is an important part of establishing a secure connection between two end points and developers may need it frequently i think it is worth explaining about how to get SHA-1 hash value for a application.

In Android Application development SHA-1 hash values are being generated during the application build process. It has been created by a Gradle task called signingReport . When running this task against a particular build variant (debug, release) it will output SHA-1 has value. SHA-1 hash value will be different for each build variant. i.e, SHA-1 value of debug will be different from SHA-1 value of release build .

SHA-1 value has been generated based on the information provided through signing configuration of a build. We call it signingConfig of the build variant.

Let’s see how to get SHA-1 value of debug and release variants

SHA-1 value is generated based on signingConfigs defined in build.gradle file in the module. But for debug we don’t need to define signingConfigs information it will be auto generated during debug assembly task.

But in the case of release, it is different. You should create a signed build before generating SHA-1 hash value.

Step 1. Create Signed Build

How To Create Signed APK Or Build

The above link will show you how to create signed APK using Android Studio. We need to create keystore file and specify it in signingConfigs for creating a SHA1 key for release variant.

Step 2. Add signingConfigs To build.gradle File

Below is the content of app/build.gradle . See the signingConfigs section where we have specified keystore information for release variant. The signingConfigs is optional i.e, you can omit it if you don’t want SHA1 key for release variant.

apply plugin: 'com.android.application' android { compileSdkVersion 24 buildToolsVersion "23.0.1" defaultConfig { applicationId "app.devdeeds.com.yourapplication" minSdkVersion 17 targetSdkVersion 24 versionCode 1 versionName "1.0" } //Signing configurations for build variants "release" signingConfigs { release { storeFile file("F:/Development/release_myapp.keystore") storePassword "231232das" keyAlias "myapp_rel" keyPassword "dasd333_das" } } buildTypes { //link above defined configuration to "release" build type release { minifyEnabled false proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' signingConfig signingConfigs.release } } } dependencies { compile fileTree(dir: 'libs', include: ['*.jar']) testCompile 'junit:junit:4.12' compile 'com.android.support:appcompat-v7:24.0.0' }

Step 3. Execute signingReport Gradle Task

signingReport is the task that performs the creation of SHA1 key. We can selectively run this task which comes under Android.

Step 4. Open Run Tab

After executing the signingReport you have to open Run tab, which is not selected by default.

Copy the long string shown against SHA1. SHA1 keys are generated and displayed under each build variant i.e, debug, release. Please go to corresponding variant section as shown in the above screenshot.

Thank you. Please comment here if you have any doubt.