In the development of various application systems, often need to store user information, many places have to store user passwords, and the user password directly stored in the server is obviously unsafe, this article briefly introduces the work of the commonly used MD5 encryption algorithm, hoping to be a good point.
(i) Brief introduction to the message summary
A message digest is a digital fingerprint of a block of data. That is, a data block of any length is computed to produce a unique fingerprint (for SHA1 is to produce a binary array of 20 bytes). A message digest is a technique that is used in conjunction with message authentication codes to ensure message integrity. The main use of one-way hash function algorithm, can be used to verify the integrity of the message, and through the hash password directly in the form of text preservation, and so on, the current widely used algorithms are MD4, MD5, SHA-1.
The message digest has two basic properties:
Two different messages are difficult to generate the same summary
It is difficult to generate a message for the specified digest, which can be extrapolated from the message to the specified summary
Representative: SHA1 of the American Institute of National Standards and technology and Ronald Rivest of MIT MD5
(ii) encryption of strings
/** uses MD5 to encrypt
* @param str to be encrypted string
* @return Encrypted string
* @throws NoSuchAlgorithmException does not have this algorithm for generating message digest
* @throws unsupportedencodingexception
*
/public string EncoderByMd5 (String str) throws NoSuchAlgorithmException, unsupportedencodingexception{
//Determination of calculation methods
MessageDigest md5= Messagedigest.getinstance ("MD5");
Base64encoder base64en = new Base64encoder ();
Encrypted string
Newstr=base64en.encode (Md5.digest (Str.getbytes ("Utf-8"));
return newstr;
}
Call Function:
String str= "0123456789"
SYSTEM.OUT.PRINTLN (ENCODERBYMD5 (str));
Output: eb5ejf1ptwaxm4bijspyxw==
(iii) Verify that the password is correct
Because MD5 is based on the principle of message digest, the basic feature of a message digest is that it is difficult to derive message messages from the digest, so to verify that the password is correct, you must recalculate the digest of the input password (message packet) and compare it to the summary stored in the database (that is, the database is actually a digest of the user's password), If the two summary is the same, the password is correct and different, the password is incorrect.
/** determine if the user password is correct
* @param newpasswd User entered password
* @param the password stored in the OLDPASSWD database--Summary of user's password *
@return
* @throws NoSuchAlgorithmException
* @throws unsupportedencodingexception * * Public
boolean Checkpassword (String Newpasswd,string oldpasswd) throws NoSuchAlgorithmException, unsupportedencodingexception{
if (ENCODERBYMD5 ( NEWPASSWD). Equals (OLDPASSWD)) return
true;
else return
false;
PS: About encryption technology, the site also provides the following encryption tools for your reference to use:
MD5 Online encryption Tool: Http://tools.jb51.net/password/CreateMD5Password
Escape encryption/Decryption tool: Http://tools.jb51.net/password/escapepwd
Online SHA1 encryption Tool: Http://tools.jb51.net/password/sha1encode
Short link (short URL) online generation tool: Http://tools.jb51.net/password/dwzcreate
Short link (short URL) online Restore tool: Http://tools.jb51.net/password/unshorturl
High strength password Generator: Http://tools.jb51.net/password/CreateStrongPassword
The above is the entire content of this article, I hope to help you learn, but also hope that we support the cloud habitat community.