I'm facing kind of a strange issue which is related MD5-Hashes in Java and php5. I figured that unter certain circumstances the following code does not generate correct MD5 hashes:
我面临着一个奇怪的问题,它与Java和php5中的MD5-Hashes有关。我认为在某些情况下,以下代码不会生成正确的MD5哈希值:
public static String getMD5Hash(String string)
{
try
{
MessageDigest md5 = MessageDigest.getInstance("MD5");
md5.update(string.getBytes());
byte[] digest = md5.digest();
string = byteArrToHexString(digest);
}
catch (NoSuchAlgorithmException e1)
{
e1.printStackTrace();
}
return string;
}
private static String byteArrToHexString(byte[] bArr)
{
StringBuffer sb = new StringBuffer();
for (int i = 0; i < bArr.length; i++)
{
int unsigned = bArr[i] & 0xff;
sb.append(Integer.toHexString((unsigned)));
}
return sb.toString();
}
I had to migrate an existing user database where the passwords where stored in php5 MD5. Now some of the users, not all, can't login because my Java code does not produce the correct MD5 hash.
我不得不迁移现有的用户数据库,其中密码存储在php5 MD5中。现在,一些用户(不是所有用户)无法登录,因为我的Java代码没有生成正确的MD5哈希。
Any ideas what's wrong with the above?
任何想法上面有什么问题?
3 个解决方案
#1
byteArrToHexString does not convert bytes <0x10 correctly, you need to pad them with zeros.
byteArrToHexString没有正确转换字节<0x10,你需要用零填充它们。
Example:
int unsigned = bArr[i] & 0xff;
if (unsigned < 0x10)
sb.append("0");
sb.append(Integer.toHexString((unsigned)));
#2
So funny... I just encountered a problem with MD5 hashed passwords myself. The problem in my case was the encoding of the original password into a byte[].
好笑......我刚刚遇到了MD5哈希密码的问题。我的问题是将原始密码编码为byte []。
I advise you to find out exactly which encoding was used to hash the passwords previously, and change line 6 of the code above to
我建议你找出以前用于散列密码的确切编码,并将上面代码的第6行更改为
md5.update(string.getBytes("UTF-8"));
(Of course, this is just an example... find out the correct Charset to use as a parameter)
(当然,这只是一个例子......找出正确的Charset用作参数)
BTW, I suppose you have your reasons, but why not have the hashing method do this?
顺便说一句,我想你有理由,但为什么不用哈希方法呢?
return new String(digest, "UTF-8");
Yuval =8-)
#3
You are missing:
你错过了:
md5.reset();
before doing an update()
在做更新之前()
Check Java md5 example with MessageDigest
使用MessageDigest检查Java md5示例
#1
byteArrToHexString does not convert bytes <0x10 correctly, you need to pad them with zeros.
byteArrToHexString没有正确转换字节<0x10,你需要用零填充它们。
Example:
int unsigned = bArr[i] & 0xff;
if (unsigned < 0x10)
sb.append("0");
sb.append(Integer.toHexString((unsigned)));
#2
So funny... I just encountered a problem with MD5 hashed passwords myself. The problem in my case was the encoding of the original password into a byte[].
好笑......我刚刚遇到了MD5哈希密码的问题。我的问题是将原始密码编码为byte []。
I advise you to find out exactly which encoding was used to hash the passwords previously, and change line 6 of the code above to
我建议你找出以前用于散列密码的确切编码,并将上面代码的第6行更改为
md5.update(string.getBytes("UTF-8"));
(Of course, this is just an example... find out the correct Charset to use as a parameter)
(当然,这只是一个例子......找出正确的Charset用作参数)
BTW, I suppose you have your reasons, but why not have the hashing method do this?
顺便说一句,我想你有理由,但为什么不用哈希方法呢?
return new String(digest, "UTF-8");
Yuval =8-)
#3
You are missing:
你错过了:
md5.reset();
before doing an update()
在做更新之前()
Check Java md5 example with MessageDigest
使用MessageDigest检查Java md5示例