What does update method of MessageDigest do and what is BASE64Encoder meant for?
Solution 1
First of all, you're not performing any encryption. You're computing a one-way hash or digest of your input. This hash can be later used to verify the integrity of the message. See Hashing, SHA1 and MessageDigest.
Base64 encoding is a method of representing binary data in ASCII. This is often desirable because not all data storage and transmission mechanisms support raw binary. For example, if you want to transfer your computed digest via an http query string parameter, you'll want to encode it as Base64. Also, saving or printing raw binary to the console will produce a stream of funky characters which may be outside of the printable range, and may also produce beeps from your PC speaker!
The
Base64Encoder
you're using comes from thesun.misc
package and should NEVER be used. This is internal Sun JVM code which may or may not be available in the future. That also explains why you're weren't able to find any javadoc.Fortunately, several free and open Base64 encoders and decoders exist. Apache Commons Codec is a widely used and stable library which contains several codecs include Base64.
md.update(plainText.getBytes("UTF-8"))
updates the input to the digest. Callingdigest
performs a final update and computes the digest of the input. See javadoc ofmd.digest
andmd.update
Solution 2
Have a look at Apache Commons Codec: https://commons.apache.org/codec/
E.g.: https://commons.apache.org/codec/api-release/org/apache/commons/codec/digest/DigestUtils.html
Solution 3
While old post here is an updated answer. Java 8's Base64.
Solution 4
For Base64 encryption and decryption this warning clearly says that it does not encourage the use of Sun implementation of Base64Encoder and gives a warning that the implementation may be removed in future releases, what we can do is to switch to other implementation of Base64 encoder. We can use Commons Codec library for Base64 Encoder. Following is an example:
1. Add Commons Codec library in classpath of your project
2. Add import statement for Base64 Class.
import org.apache.commons.codec.binary.Base64;
3. Encrypt your data
String testString = "Hello World";
byte[] encodedBytes = Base64.encodeBase64(testString.getBytes());
// Get encoded string
String encodedString = new String(encodedBytes);
// Get decoded string back
String decodedString = new String(Base64.decodeBase64(encodedBytes));
After using Commons codec library, you should not see above warning again.
program-o-steve
I love to write code. When i am not writing code , i am anxious to do so ! Anyway if am anxious, typing code is anxiolytic. Learning ruby these days.
Updated on June 16, 2022Comments
-
program-o-steve almost 2 years
Following is a code that will encrypts the user String :
import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import sun.misc.BASE64Encoder; import java.io.*; class Encrypter { public synchronized String encrypt(String plainText) throws Exception { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA"); }catch(Exception exc) { throw new Exception(exc.getMessage()); } try { md.update(plainText.getBytes("UTF-8")); }catch(Exception exc) { throw new Exception(exc.getMessage()); } byte raw[] = md.digest(); String hash = (new BASE64Encoder()).encode(raw); return hash; } public static void main(String args[]) { try { Encrypter encrypter = new Encrypter(); BufferedReader br = new BufferedReader(new InputStreamReader(System.in)); String userInput = br.readLine(); String encryptedPassword = encrypter.encrypt(userInput); System.out.println(encryptedPassword); } catch(Exception exc) { System.out.println(exc); } } }
When i compile the code i get the these warnings :
Encrypter.java:4: warning: BASE64Encoder is internal proprietary API and may be removed in a future release import sun.misc.BASE64Encoder; ^ Encrypter.java:23: warning: BASE64Encoder is internal proprietary API and may be removed in a future release String hash = (new BASE64Encoder()).encode(raw); ^ 2 warnings
Is there any other method to encrypt strings in java ?
What does the method
update
of classMessageDigest
do ? i.e What does the statementmd.update(plainText.getBytes("UTF-8"));
do ?What is a
BASE64Encoder
class ? I couldn't find it's DOC -
program-o-steve about 12 yearsso ``md.digest` returns array of binary values ?
-
Sahil Muthoo about 12 yearsYes,
md.digest
return abyte []
with the raw digest in binary. -
NoodleOfDeath almost 5 yearsYes, but in your number 5, what exactly do you mean by "update the input to the digest"? Does it concat the new bytes to the current digest or raw input?