What does update method of MessageDigest do and what is BASE64Encoder meant for?

java encryption cryptography

17,338

Solution 1

First of all, you're not performing any encryption. You're computing a one-way hash or digest of your input. This hash can be later used to verify the integrity of the message. See Hashing, SHA1 and MessageDigest.
Base64 encoding is a method of representing binary data in ASCII. This is often desirable because not all data storage and transmission mechanisms support raw binary. For example, if you want to transfer your computed digest via an http query string parameter, you'll want to encode it as Base64. Also, saving or printing raw binary to the console will produce a stream of funky characters which may be outside of the printable range, and may also produce beeps from your PC speaker!
The Base64Encoder you're using comes from the sun.misc package and should NEVER be used. This is internal Sun JVM code which may or may not be available in the future. That also explains why you're weren't able to find any javadoc.
Fortunately, several free and open Base64 encoders and decoders exist. Apache Commons Codec is a widely used and stable library which contains several codecs include Base64.
md.update(plainText.getBytes("UTF-8")) updates the input to the digest. Calling digest performs a final update and computes the digest of the input. See javadoc of md.digest and md.update

Solution 2

Have a look at Apache Commons Codec: https://commons.apache.org/codec/

E.g.: https://commons.apache.org/codec/api-release/org/apache/commons/codec/digest/DigestUtils.html

Solution 3

While old post here is an updated answer. Java 8's Base64.

Java 8 Base64 Documents

Solution 4

For Base64 encryption and decryption this warning clearly says that it does not encourage the use of Sun implementation of Base64Encoder and gives a warning that the implementation may be removed in future releases, what we can do is to switch to other implementation of Base64 encoder. We can use Commons Codec library for Base64 Encoder. Following is an example:

1. Add Commons Codec library in classpath of your project
2. Add import statement for Base64 Class.

import org.apache.commons.codec.binary.Base64;

3. Encrypt your data

String testString = "Hello World";
byte[] encodedBytes = Base64.encodeBase64(testString.getBytes());
// Get encoded string
String encodedString = new String(encodedBytes);
// Get decoded string back
String decodedString = new String(Base64.decodeBase64(encodedBytes));

After using Commons codec library, you should not see above warning again.

View more solutions

17,338

Author by

program-o-steve

I love to write code. When i am not writing code , i am anxious to do so ! Anyway if am anxious, typing code is anxiolytic. Learning ruby these days.

Updated on June 16, 2022

Comments

program-o-steve almost 2 years

Following is a code that will encrypts the user String :

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import sun.misc.BASE64Encoder;
import java.io.*;

class Encrypter {
public synchronized String encrypt(String plainText) throws Exception {
    MessageDigest md = null;
    try {
        md = MessageDigest.getInstance("SHA");
    }catch(Exception exc) {
        throw new Exception(exc.getMessage());
     }

     try {
        md.update(plainText.getBytes("UTF-8"));
     }catch(Exception exc) {
        throw new Exception(exc.getMessage());
      }

      byte raw[] = md.digest();
      String hash = (new BASE64Encoder()).encode(raw);
      return hash;
}
public static void main(String args[]) {
    try {
        Encrypter encrypter = new Encrypter();
        BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
        String userInput = br.readLine();
        String encryptedPassword = encrypter.encrypt(userInput);
        System.out.println(encryptedPassword);
    } catch(Exception exc) {
        System.out.println(exc);
      }
}
}

When i compile the code i get the these warnings :

Encrypter.java:4: warning: BASE64Encoder is internal proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
           ^
Encrypter.java:23: warning: BASE64Encoder is internal proprietary API and may be removed in a future release
              String hash = (new BASE64Encoder()).encode(raw);
                                 ^
2 warnings

Is there any other method to encrypt strings in java ?

What does the method update of class MessageDigest do ? i.e What does the statement md.update(plainText.getBytes("UTF-8")); do ?

What is a BASE64Encoder class ? I couldn't find it's DOC

program-o-steve about 12 years

so ``md.digest` returns array of binary values ?
Sahil Muthoo about 12 years

Yes, md.digest return a byte [] with the raw digest in binary.
NoodleOfDeath almost 5 years

Yes, but in your number 5, what exactly do you mean by "update the input to the digest"? Does it concat the new bytes to the current digest or raw input?