如何去code。与消息摘要，Base64编码 [英] How to decode with MessageDigest , Base64

问题描述

我目前编码密码。我不得不去code中的密码。这里是code到EN code。我试图得到原来的密码进行比较。我研究有关消息摘要，指出它是一个单向的方法。不知道如何获得原始邮件。我们有一个去code的方法，但它不给我原来的密码 - Base64.de code

 公共静态同步字符串getMD5_Base64（字符串输入）{
        如果（！isInited）{
            isInited = TRUE;
            尝试{
                消化= MessageDigest.getInstance（MD5）;
            }赶上（例外前）{
            }
        }
        如果（摘要== NULL）
            返回输入;        //现在一切都很好，去吧
        尝试{
            digest.update（input.getBytes（UTF-8））;
        }赶上（java.io.UnsupportedEncodingException前）{
        }
        字节[] = RAWDATA digest.digest（）;
        字节[] EN codeD = Base64.en code（RAWDATA）;
        字符串retValue =新的String（EN codeD）;
        返回retValue;
    }
}
 

解决方案

您不能得到原来的密码。请记住，摘要和Base64编码做两件完全不同的事情。 MD5摘要创建提供给它的数据的密码散列。这是不可逆转的。 Base64是一种编码机制，数据转换（其中可能包含不可打印的二进制数据）到这是保证只包含可打印字符的字符串。这个步骤是可逆的。

检查密码的标准方法是不脱code中的原始密码和比较纯文本。你需要做的就是把你的原始密码做了编码（MD5哈希然后Base64编码的连接code），并将其应用到新提供的密码。然后比较存储连接codeD的版本与新EN codeD版本。如果他们一样，那么密码匹配。

这设计是一个更安全的机制不是存储的密码，可能是去codeD。这样，如果有人偷了你的密码数据库，他们不会自动访问您的用户的所有密码。为了打破进入系统，他们仍然不得不找到一个密码，连接coded到相同的值。密码散列像MD5的一点是使非常困难。另一方面，MD5不被认为是非常安全散列了。你会更好使用SHA1或SHA256（但要记住，你不能改变他们的MD5哈希现有的存储密码哈希另一个没有原始密码，你没有，也就是说你不能只是转换您存储的密码的数据库）。

I am currently encoding a password. I have to decode the password. Here is the code to encode. I am trying to get the original password compare it. I have researched about MessageDigest that says it is a one-way method. Not sure how to get the original message. We have a decode method but it isn't giving me the original password - Base64.decode.

 public static synchronized String getMD5_Base64(String input) {
        if (!isInited) {
            isInited = true;
            try {
                digest = MessageDigest.getInstance("MD5");
            } catch (Exception ex) {
            }
        }
        if (digest == null)
            return input;

        // now everything is ok, go ahead
        try {
            digest.update(input.getBytes("UTF-8"));
        } catch (java.io.UnsupportedEncodingException ex) {
        }
        byte[] rawData = digest.digest();
        byte[] encoded = Base64.encode(rawData);
        String retValue = new String(encoded);
        return retValue;
    }
}

解决方案

You cannot get the original password. Keep in mind that the digest and Base64 encoding do two completely different things. The MD5 digest creates a cryptographic hash of the data supplied to it. This is irreversible. Base64 is an encoding mechanism to convert data (which might contain unprintable binary data) into a string that is guaranteed to contain only printable characters. This step is reversible.

The standard way of checking a password is not to decode the original password and compare the plain text. What you need to do is take the encoding (MD5 hash then Base64 encode) you did on the original password and apply it to the newly supplied password. Then compare the stored encoded version with the newly encoded version. If they're the same then the passwords matched.

This design is a more secure mechanism than storing passwords that could be decoded. This way, if someone steals your password database they don't automatically have access to all the passwords of your users. In order to break into the system they'd still have to find a password that encoded to the same value. The point of cryptographic hashes like MD5 is to make that very difficult. On the other hand, MD5 is not considered a very secure hash anymore. You'd be better off using SHA1 or SHA256 (but remember, you can't change the existing stored passwords from their MD5 hash to another hash without the original password, which you don't have, i.e. you can't just convert your database of stored passwords).

这篇关于如何去code。与消息摘要，Base64编码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！