dcsimg
Login | Register   
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


Tip of the Day
Language: Java
Expertise: Intermediate
Oct 24, 2001

WEBINAR:

On-Demand

Application Security Testing: An Integral Part of DevOps


Security101: MessageDigest Class


In Java, message digest is represented by "java.security.MessageDigest class".

All main classes in java.security package are instantiated using the factory method "getInstance()".

This method takes the String parameter, which is the name of the algorithm used to calculate message digest. There are three algorithms supported by the default JDK security provider:
  • "SHA"
  • "MD2"
  • "MD5"

Here's the sample code for calculating the message digest of the password (assuming that the variable pwd contains password text):
 
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] pwdBytes = pwd.getBytes("latin1");
md5.update(pwdBytes);
byte[] msgDigestBytes = md5.digest();

You can store this in the database, and the next time a user logs in, you can calculate the message digest of that password and compare it to bytes in the database. Plus, the password text is not exposed in the database table.
Slavik Dimitrovich
 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date