堆栈内存溢出
  简体   繁体   English

Base64编码加密的密码哈希

[英]Base64 Encoding encrypted password hashes

 原文  2013-11-07 04:24:22       java/ security/ hash/ base64

问题描述

I'm Currently creating a web application that requires passwords to be encrypted and stored in a database. 我当前正在创建一个Web应用程序,该应用程序要求对密码进行加密并将其存储在数据库中。 I found the following Guide that encrypts passwords using PBKDF2WithHmacSHA1. 我找到了以下使用PBKDF2WithHmacSHA1加密密码的指南 In the example provided the getEncryptedPassword method returns a byte array. 在提供的示例中,getEncryptedPassword方法返回一个字节数组。

Are there any advantages in doing Base64 encoding the result? 使用Base64编码结果是否有任何优势? Any Disadvantages? 有什么缺点吗?

2 个解决方案

解决方案1
 1 已采纳  2013-11-07 04:37:02

The byte[] array is the smallest mechanism for storing the value (storage space wise). byte []数组是用于存储值的最小机制(明智的存储空间)。 If you have lots of these values it may make sense to store them as bytes. 如果您有很多这些值,将它们存储为字节可能很有意义。 Depending on where you store the result, the format may make a difference too. 根据结果​​存储的位置,格式也可能会有所不同。 Most databases will accomodate byte[] values fairly well, but it can be cumbersome (depending on the database). 大多数数据库都可以很好地适应byte []值,但可能很麻烦(取决于数据库)。 Stores like text files and XML documents, etc. obviously will struggle with the byte[] array. 像文本文件和XML文档之类的存储,显然会与byte []数组打交道。

In most circumstances I feel there are two formats that make sense, Hexadecimal representation, or byte[]. 在大多数情况下,我觉得有两种格式有意义,即十六进制表示形式或byte []。 I seldom think that the advantages of Base64 for short values (less than 32 characters) are worth it (for larger items then sure, use base64, and there's a fantastic library for it too ). 我很少认为Base64对于短值(少于32个字符)的优点值得(对于较大的项目,请确保使用base64,并且还有一个很棒的库 )。

This is obviously all subjective..... 这显然是主观的.....

Converting values to Hexadecimal are quite easy: see How to convert a byte array to a hex string in Java? 将值转换为十六进制非常容易:请参见如何在Java中将字节数组转换为十六进制字符串?

Hex output is convenient, and easier to manage than Base64 which has a more complicated algorithm to build, and is thus slightly slower..... 十六进制输出比Base64方便且易于管理,后者具有更复杂的算法,因此速度稍慢。

解决方案2
 0  2015-12-11 18:09:03

Assuming a reasonable database there is no advantage, since it's just an encoding scheme. 假设一个合理的数据库没有优势,因为它只是一种编码方案。 There is a size increase as a consequence of base 64 encoding, which is a disadvantage. base 64编码的结果是大小增加,这是一个缺点。 If your database reliably stores 8-bit bytes, just store the hash in the database. 如果您的数据库可靠地存储8位字节,则只需将哈希存储在数据库中即可。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 加密(base64)密码未存储在数据库 hsql 中 - Encrypted (base64) password not storing in database hsql Base64 编码不起作用 - Base64 encoding not working JavaMail base64编码 - JavaMail base64 encoding Android Base64编码 - Android Base64 encoding Base64编码的差异 - Difference in Base64 encoding Base64编码btoa - Base64 encoding btoa 在 Java 中编码为 Base64 - Encoding as Base64 in Java 使用Java的Base64图像编码 - Base64 image encoding using java 在JRuby(Java)中将BufferedImage编码为Base64 - Encoding BufferedImage to Base64 in JRuby (Java) 扩展ascii的base64编码 - base64 encoding of extended ascii
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM