How to decode with MessageDigest, Base64
I am currently encoding a password. I have to decode the password. Here is the code to encode. I am trying to get the original password and compare it. I have researched about MessageDigest that says it is a one-way method. Not sure how to get the original message. We have a decode method but it isn't giving me the original password - Base64.decode.
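    // Shared state used below; the declarations are not shown in the question,
    // so these two fields (and the java.security.MessageDigest import) are assumed.
    private static boolean isInited = false;
    private static MessageDigest digest = null;

    public static synchronized String getMD5_Base64(String input) {
        // Create the MD5 digest once, on first use.
        if (!isInited) {
            isInited = true;
            try {
                digest = MessageDigest.getInstance("MD5");
            } catch (Exception ex) {
                // ignored: digest stays null
            }
        }
        // No digest available: the input is returned unchanged (not hashed).
        if (digest == null)
            return input;
        // now everything is ok, go ahead
        try {
            digest.update(input.getBytes("UTF-8"));
        } catch (java.io.UnsupportedEncodingException ex) {
            // ignored
        }
        // One-way step: the 16-byte MD5 hash of the input.
        byte[] rawData = digest.digest();
        // Reversible step: Base64 here is the helper class used by the question (not shown).
        byte[] encoded = Base64.encode(rawData);
        String retValue = new String(encoded);
        return retValue;
    }
} // closes the enclosing class, whose header is not shown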
Recommended answer
You cannot get the original password. Keep in mind that the digest and Base64 encoding do two completely different things. The MD5 digest creates a cryptographic hash of the data supplied to it. This is irreversible. Base64 is an encoding mechanism to convert data (which might contain unprintable binary data) into a string that is guaranteed to contain only printable characters. This step is reversible.
The standard way of checking a password is not to decode the original password and compare the plain text. What you need to do is take the encoding (MD5 hash then Base64 encode) you did on the original password and apply it to the newly supplied password. Then compare the stored encoded version with the newly encoded version. If they're the same then the passwords matched.
This design is a more secure mechanism than storing passwords that could be decoded. This way, if someone steals your password database they don't automatically have access to all the passwords of your users. In order to break into the system they'd still have to find a password that encoded to the same value. The point of cryptographic hashes like MD5 is to make that very difficult. On the other hand, MD5 is not considered a very secure hash anymore. You'd be better off using SHA1 or SHA256 (but remember, you can't change the existing stored passwords from their MD5 hash to another hash without the original password, which you don't have, i.e. you can't just convert your database of stored passwords).
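The check described in the answer, as an added example that is not part of the original post: the supplied password is run through the same hash-then-Base64 step and compared with the stored value, and Base64-decoding the stored value is shown to return only the digest bytes. The class name PasswordCheck, the helpers hashBase64 and matches, and the sample password are assumptions made for illustration; java.util.Base64 (Java 8+) stands in for the question's Base64 helper.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Hypothetical class for illustration; not code from the question or the answer.
public class PasswordCheck {

    // Same transformation as the question: hash the UTF-8 bytes, then Base64-encode the digest.
    static String hashBase64(String algorithm, String password) {
        try {
            // A fresh MessageDigest per call avoids the shared static state of the question's code.
            MessageDigest md = MessageDigest.getInstance(algorithm);
            byte[] raw = md.digest(password.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(raw);
        } catch (NoSuchAlgorithmException e) {
            // Fail loudly rather than returning the plain-text input.
            throw new IllegalStateException(algorithm + " is not available", e);
        }
    }

    // Verify a login attempt: re-encode the supplied password and compare with the stored value.
    static boolean matches(String algorithm, String stored, String supplied) {
        byte[] expected = stored.getBytes(StandardCharsets.US_ASCII);
        byte[] actual = hashBase64(algorithm, supplied).getBytes(StandardCharsets.US_ASCII);
        // MessageDigest.isEqual compares without an early exit on the first differing byte.
        return MessageDigest.isEqual(expected, actual);
    }

    public static void main(String[] args) {
        String password = "s3cret-example"; // constructed sample value
        String stored = hashBase64("MD5", password);

        // Base64 decoding is reversible, but it only gives back the MD5 digest bytes.
        byte[] decoded = Base64.getDecoder().decode(stored);
        System.out.println("stored value   : " + stored);
        System.out.println("decoded length : " + decoded.length + " bytes (the digest, not the password)");

        System.out.println("correct password matches: " + matches("MD5", stored, password));
        System.out.println("wrong password matches  : " + matches("MD5", stored, "S3cret-example"));

        // The comparison logic is unchanged when new passwords are stored with SHA-256.
        String stored256 = hashBase64("SHA-256", password);
        System.out.println("SHA-256 check matches   : " + matches("SHA-256", stored256, password));
    }
}
```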