开发者

Java MessageDigest result does not stay constant

开发者 https://www.devze.com 2022-12-31 10:01 出处:网络
I\'ve got this function for en开发者_开发技巧crypting passwords in Java, but somehow when I call

I've got this function for en开发者_开发技巧crypting passwords in Java, but somehow when I call MessageDigest, it returns a different result every time even though I call it with the same password. I wonder if I am initializing it wrong somehow.

public String encrypt (String password) {
    MessageDigest md = MessageDigest.getInstance("SHA-1");
    md.reset();     
    md.update(password.getBytes(Charset.forName("utf-8")),0,password.length());
    String res = md.digest().toString();
}


This simple code produces three different results :

    MessageDigest digest = MessageDigest.getInstance("MD5");
    System.out.println("test1 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));

    Thread.sleep(10000);        
    System.out.println("test2 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));

    Thread.sleep(10000);
    System.out.println("test3 ");
    System.out.println(digest.digest("test".getBytes("UTF-8")));


The .toString() method on the byte[] that is the return value of .digest() just gives you the representation of the array, not of its contents.

See this answer on how to convert your byte array to a hex string.

Another approach is using Arrays.toString(byte[]) although that probably does not give you the format you want.


You could change the method signature:

public byte[] encrypt (String password) {
    MessageDigest md = MessageDigest.getInstance("SHA-1");
    md.reset();
    md.update(password.getBytes(Charset.forName("utf-8")), 0, password.length());
    return md.digest();
}

... and use Arrays.equals(byte[], byte[]) to compare digests.

0

精彩评论

暂无评论...
验证码 换一张
取 消