What is the MessageDigest update method and what is the BASE64Encoder?

Question

What is the MessageDigest update method and what is the BASE64Encoder?

The following is the code that will encrypt the String user:

import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import sun.misc.BASE64Encoder; import java.io.*; class Encrypter { public synchronized String encrypt(String plainText) throws Exception { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA"); }catch(Exception exc) { throw new Exception(exc.getMessage()); } try { md.update(plainText.getBytes("UTF-8")); }catch(Exception exc) { throw new Exception(exc.getMessage()); } byte raw[] = md.digest(); String hash = (new BASE64Encoder()).encode(raw); return hash; } public static void main(String args[]) { try { Encrypter encrypter = new Encrypter(); BufferedReader br = new BufferedReader(new InputStreamReader(System.in)); String userInput = br.readLine(); String encryptedPassword = encrypter.encrypt(userInput); System.out.println(encryptedPassword); } catch(Exception exc) { System.out.println(exc); } } }

When I compile the code, I get the following warnings:

 Encrypter.java:4: warning: BASE64Encoder is internal proprietary API and may be removed in a future release import sun.misc.BASE64Encoder; ^ Encrypter.java:23: warning: BASE64Encoder is internal proprietary API and may be removed in a future release String hash = (new BASE64Encoder()).encode(raw); ^ 2 warnings

Is there any other way to encrypt strings in java?

What does the update method of the MessageDigest class do? ie What does the md.update(plainText.getBytes("UTF-8")); ?

What is the BASE64Encoder class? I could not find his doc

+8

java cryptography encryption

program-o-steve Feb 22 '12 at 17:01

source share

5 answers

Take a look at the Apache Commons codec: https://commons.apache.org/codec/

etc .: https://commons.apache.org/codec/api-release/org/apache/commons/codec/digest/DigestUtils.html

+2

Puce Feb 22 '12 at 17:22

source share

While the old post is an updated answer. Java 8 Base64.

Java 8 Base64 Docs

+2

Mr00Anderson Feb 10 '17 at 17:16

source share

For Base64 encryption and decryption, this warning clearly states that it does not encourage the use of Sun for Base64Encoder and gives a warning that the implementation may be removed in future releases, what we can do is switch to another Base64 encoder implementation. We can use the Commons Codec library for the Base64 encoder. The following is an example:

 1. Add Commons Codec library in classpath of your project 2. Add import statement for Base64 Class. import org.apache.commons.codec.binary.Base64; 3. Encrypt your data String testString = "Hello World"; byte[] encodedBytes = Base64.encodeBase64(testString.getBytes()); // Get encoded string String encodedString = new String(encodedBytes); // Get decoded string back String decodedString = new String(Base64.decodeBase64(encodedBytes));

After using the Commons codec library, you should no longer see the warning above.

+1

Abhendra singh Aug 14 '12 at 6:23

source share

To get an excellent answer from article 5 of Sahil Muthoo , below is a deeper look at the source code.

By default, the update method simply adds an input byte array to the current tempArray of the MessageDigestSpi abstract class.

The MessageDigest class extends the MessageDigestSpi class. Then MessageDigest.update is called the MessageDigestSpi.engineUpdate method, which can be found by examining the source code:

MessageDigest.java ( source )

 196: /** 197: * Updates the digest with the byte. ... 200: */ 201: public void update(byte input) 202: { 203: engineUpdate(input); 204: } 205: 206: /** 207: * Updates the digest with the bytes from the array starting from the 208: * specified offset and using the specified length of bytes. 209: * 210: * @param input 211: * bytes to update the digest with. 212: * @param offset 213: * the offset to start at. 214: * @param len 215: * length of the data to update with. 216: */ 217: public void update(byte[] input, int offset, int len) 218: { 219: engineUpdate(input, offset, len); 220: } ... 227: public void update(byte[] input) 228: { 229: engineUpdate(input, 0, input.length); 230: } ... 238: public void update (ByteBuffer input) 239: { 240: engineUpdate (input); 241: }

MessageDigestSpi.engineUpdate is an abstract method that must be implemented by extending classes, as shown below:

MessageDigestSpi.java ( source )

 42: /** 43: * Updates this {@code MessageDigestSpi} using the given {@code byte}. 44: * 45: * @param input 46: * the {@code byte} to update this {@code MessageDigestSpi} with. 47: * @see #engineReset() 48: */ 49: protected abstract void engineUpdate(byte input); 50: /** 51: * Updates this {@code MessageDigestSpi} using the given {@code byte[]}. 52: * 53: * @param input 54: * the {@code byte} array. 55: * @param offset 56: * the index of the first byte in {@code input} to update from. 57: * @param len 58: * the number of bytes in {@code input} to update from. 59: * @throws IllegalArgumentException 60: * if {@code offset} or {@code len} are not valid in respect to 61: * {@code input}. 62: */ 63: protected abstract void engineUpdate(byte[] input, int offset, int len); 64: /** 65: * Updates this {@code MessageDigestSpi} using the given {@code input}. 66: * 67: * @param input 68: * the {@code ByteBuffer}. 69: */ 70: protected void engineUpdate(ByteBuffer input) { 71: if (!input.hasRemaining()) { 72: return; 73: } 74: byte[] tmp; 75: if (input.hasArray()) { 76: tmp = input.array(); 77: int offset = input.arrayOffset(); 78: int position = input.position(); 79: int limit = input.limit(); 80: engineUpdate(tmp, offset+position, limit - position); 81: input.position(limit); 82: } else { 83: tmp = new byte[input.limit() - input.position()]; 84: input.get(tmp); 85: engineUpdate(tmp, 0, tmp.length); 86: } 87: }

0

NoodleOfDeath Jun 10 '19 at 16:13

source share

Sahil muthoo · Accepted Answer · 2012-02-22T17:21:13+0000

First of all, you do not perform encryption. You compute a one-way hash or digest of your input. This hash can then be used to verify message integrity. See Hashing , SHA1, and MessageDigest .
Base64 encoding is a method of representing binary data in ASCII. This is often desirable because not all storage and transfer mechanisms support the source binary. For example, if you want to transfer your calculated digest using the http request line parameter, you need to encode it as Base64. In addition, saving or printing raw binary files to the console will create a stream of funky characters that may be outside the print range and may also emit sound signals from your PC speaker!
The Base64Encoder used is used from the sun.misc package and NEVER should be used. This is Sun's internal JVM code, which may or may not be available in the future. This also explains why you could not find any javadoc.
Fortunately, there are several free and open Base64 encoders and decoders. Apache Commons Codec - A widely used and stable library containing several codecs, includes Base64 .
md.update(plainText.getBytes("UTF-8")) updates the digest input. The digest call performs a final update and computes the input digest. See Javadoc md.digest and md.update

What is the MessageDigest update method and what is the BASE64Encoder?

More articles: