In various application systems, if you need to set up an account, it will involve the problem of storing user account information. In order to ensure the security of the stored account information, MD5 encryption is usually used for storage. First of all, let's briefly introduce what is MD5 encryption.
The full name of MD5 is Message-Digest Algorithm 5 (Message-Digest Algorithm), which was developed by Ronald L. Rivest of MIT Laboratory for Computer Science and RSA Data Security Inc in the early 1990s, and developed from MD2, MD3 and MD4. It is to allow bulk information to be "compressed" into a secure format (that is, to convert a byte string of arbitrary length into a large integer of a certain length) before signing the private key with digital signature software. Whether it is MD2, MD4 or MD5, they all need to obtain a random length of information and generate a 128-bit message digest. Although the structure of these algorithms is more or less similar, the design of MD2 is completely different from that of MD4 and MD5, and that is because MD2 is optimized for 8-bit machines, while MD4 and MD5 are for 32-bit computers. The descriptions of these three algorithms and the C language source code are detailed in Internet RFCs 1321, the most authoritative document submitted to the IETF by Ronald L. Rivest in August 1992.
(1) Introduction
to message digest A message digest is the digital fingerprint of a data block. That is, a data block of arbitrary length is calculated to generate a unique fingerprint (for SHA1, a 20-byte binary array is generated). Message Digest is a technique used in conjunction with message authentication codes to ensure message integrity. It mainly uses a one-way hash function algorithm, which can be used to verify the integrity of the message, and directly store the password in text form through hashing. Currently, the widely used algorithms are MD4, MD5, and SHA-1.
Message digests have two basic properties:
- It is difficult to generate the same digest for two different packets
- It is difficult to generate a message for the specified digest, but the specified digest can be deduced from the message
Representative: SHA1 of the National Institute of Standards and Technology of the United States and MD5 proposed by Ronald Rivest of the Massachusetts Institute of Technology
(2) Encrypt the string
/**Encrypt with MD5
* @param str String to be encrypted
* @return encrypted string
* @throws NoSuchAlgorithmException There is no such algorithm for generating message digests
* @throws UnsupportedEncodingException
*/
public String EncoderByMd5(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException{
//Determine the calculation method
MessageDigest md5=MessageDigest.getInstance("MD5");
BASE64Encoder base64en = new BASE64Encoder();
//Encrypted string
String newstr=base64en.encode(md5.digest(str.getBytes ("utf-8")));
return newstr;
}
Call function:
String str="0123456789"
System.out.println(EncoderByMd5(str));
output: eB5eJF1ptWaXm4bijSPyxw==
(3) Verifying whether the password is correct
Because MD5 is based on the principle of message digest, the basic feature of message digest is that it is difficult to calculate the message message based on the digest. Therefore, to verify whether the password is correct, it is necessary to re-enter the password (message message). Calculate its digest and compare it with the digest stored in the database (that is, the digest stored in the database is actually the digest of the user's password). If the two digests are the same, the password is correct; if they are different, the password is wrong.
/**Determine whether the user password is correct
* @param newpasswd The password entered by the user
* @param oldpasswd The password stored in the database - a summary of the user's password
* @return
* @throws NoSuchAlgorithmException
* @throws UnsupportedEncodingException
*/
public boolean checkpassword(String newpasswd ,String oldpasswd) throws NoSuchAlgorithmException, UnsupportedEncodingException{
if(EncoderByMd5(newpasswd).equals(oldpasswd))
return true;
else
return false;
}