MD5哈希无法处理大字符串
[英]MD5 Hashes failing for large Strings
问题描述
I'm making a MD5 hash of a response, and then signing it with a shared secret. 
我正在对响应进行MD5哈希处理,然后使用共享机密对其进行签名。
For most calls this works, but strangely fails (Generates a MD5 hash different from the client) on the only two calls that bring a lot of content in the body. 对于大多数调用而言,这是可行的,但奇怪的是,只有两个调用在体内带来了很多内容,但失败了(生成了与客户端不同的MD5哈希)。
Can this be because of the size of the body? 这可能是因为身体大小吗? or maybe because those calls return the content chunked ? 还是因为这些调用返回了chunked的内容?
Any idea will be appreciated. 任何想法将不胜感激。 Thanks a lot. 非常感谢。
The hashing code (note that algorithm == MD5 and ENCODING == 'UTF-8' ): 哈希码(请注意, algorithm == MD5和ENCODING == 'UTF-8' ):
private static byte[] hash(String toHash, String algorithm){
try{
MessageDigest dg = MessageDigest.getInstance(algorithm);
dg.update(toHash.getBytes(ENCODING));
return dg.digest();
}catch(Exception e){
throw new ApiInternalException("Error while hashing string: " + toHash,e);
}
}
2 个解决方案
解决方案1
2 2010-02-09 21:39:31
It'd be great if you included your code. 如果包含您的代码,那就太好了。 Without that, I can only guess what the problem is. 没有那个,我只能猜测是什么问题。 Anyway, here's the correct way to create an MD5 hash in Java. 无论如何,这是在Java中创建MD5哈希的正确方法。 If your code differs from this, then you have a problem. 如果您的代码与此不同,则您有问题。
String plainString = "Hash me please";
String md5Hash = "NOTHASHED";
try {
MessageDigest md5Digest = MessageDigest.getInstance("MD5");
md5String = new String(md5Digest.digest(plainString.getBytes()));
} catch (NoSuchAlgorithmException nsae) {
// MD5 is included in all versions of Java, this can never happen
}
Of course, this will return something that looks like: ǚ ; f &fu If you want it to be human readable, it's usually suggested that you Bas64 encode it, in which case just use the line: 当然,这将返回类似如下的内容: ǚ ; f &fu如果您希望它对人类可读,通常建议您对它进行Bas64编码,在这种情况下只需使用以下行即可:
new String(Base64Encoder.encode((md5Digest.digest(DESKTOP_STRING.getBytes()))));
Which will give you something that looks like: ssea19zwO6Jm3AiF4SZmdQ== 它将为您提供类似于: ssea19zwO6Jm3AiF4SZmdQ==
Keeping in mind that you will need to unencode it later before using it as an md5 hash. 请记住,在将其用作md5哈希之前,您需要稍后对其进行解编码 。
解决方案2
0 2010-02-09 21:45:32
Either explanation is plausible. 两种解释都是合理的。 Other possible explanation include: 其他可能的解释包括:
- something (maybe a proxy server) is altering content in transit, 某些内容(可能是代理服务器)正在更改传输中的内容,
- there is a mismatch in the way that character encoding / decoding is being dealt with 处理字符编码/解码的方式不匹配
- it is actually the MD5 hashes that are being damaged. 实际上是MD5哈希被破坏了。
You need to gather more information to figure out which it is. 您需要收集更多信息以找出它是什么。 I suggest that you modify your client and server sides to capture the data being sent / received into files, move them to the same machine and do a byte-wise comparison. 我建议您修改客户端和服务器端,以将发送/接收的数据捕获到文件中,将它们移至同一台计算机上并进行逐字节比较。 Other things you could try include turning off chunking and dumping / comparing the MD5 checksums at both ends. 您可以尝试的其他操作包括关闭分块和转储/在两端比较MD5校验和。
EDIT : It would also help us help you if you posted the code that does the MD5 checksum calculation at both ends, and the code that encodes / decodes the checksums for transmission (eg using hexadecimal, base64 or whatever). 编辑 :如果您在两端发布了执行MD5校验和计算的代码,并且对要传输的校验和进行编码/解码的代码(例如,使用十六进制,base64或其他格式),也将为我们提供帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.