In the development of various application systems, user information is often needed, and user passwords are stored in many places. It is obviously unsafe to store user passwords directly on the server. This article briefly introduces the commonly used MD5 encryption algorithm in work, hoping to attract attention.
(I) News Summary Introduction
A message digest is the digital fingerprint of a data block. That is, a data block of any length is calculated to produce a unique fingerprint (for SHA1 it is to produce a 20-byte binary array). Message digest is a technique used in combination with message authentication code to ensure message integrity. The one-way hash function algorithm is mainly used, which can be used to verify the integrity of messages and save them directly in text through hash passwords. Currently, the algorithms widely used include MD4, MD5, and SHA-1.
A message digest has two basic properties:
Two different messages are difficult to generate the same digest
It is difficult to generate a message for a specified digest, and the specified digest can be inferred from the message.
Representatives: SHA1 of the National Institute of Standards and Technology and MD5 by Ronald Rivest of MIT
(II) Encrypt the string
/**Use MD5 for encryption* @param str String to be encrypted* @return Encrypted string* @throws NoSuchAlgorithmException There is no such algorithm to generate message digest* @throws UnsupportedEncodingException */ public String EncoderByMd5(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException{ //Determine the calculation method MessageDigest md5=MessageDigest.getInstance("MD5"); BASE64Encoder base64en = new BASE64Encoder(); // Encrypted string String newsstr=base64en.encode(md5.digest(str.getBytes("utf-8"))); return newsstr; } Calling the function:
String str="0123456789"
System.out.println(EncoderByMd5(str));
Output: eB5eJF1ptWaXm4bijSPyxw==
(III) Verify whether the password is correct
Because MD5 is based on the principle of message digest, the basic feature of message digest is that it is difficult to calculate message messages based on the digest. Therefore, to verify whether the password is correct, it is necessary to recalculate the input password (message message) and compare it with the digest stored in the database (that is, the digest stored in the database is actually the user password). If the two digests are the same, it means that the password is correct, and different, it means that the password is wrong.
/**Judge whether the user's password is correct* @param newpasswd Password entered by the user* @param oldpasswd Password stored in the database - - summary of the user's password* @return * @throws NoSuchAlgorithmException * @throws UnsupportedEncodingException */ public boolean checkpassword(String newpasswd,String oldpasswd) throws NoSuchAlgorithmException, UnsupportedEncodingException{ if(EncoderByMd5(newpasswd).equals(oldpasswd)) return true; else return false; }PS: Regarding encryption technology, this site also provides the following encryption tools for your reference:
MD5 online encryption tool: http://tools.VeVB.COM/password/CreateMD5Password
Escape encryption/decryption tool: http://tools.VeVB.COM/password/escapepwd
Online SHA1 encryption tool: http://tools.VeVB.COM/password/sha1encode
Short link (short URL) online generation tool: http://tools.VeVB.COM/password/dwzcreate
Short chain (short URL) online restore tool: http://tools.VeVB.COM/password/unshorturl
High-strength password generator: http://tools.VeVB.COM/password/CreateStrongPassword
The above is all the content of this article. I hope it will be helpful to everyone's learning and I hope everyone will support Wulin.com more.