将java messagedigest在不同的jdk版本上生成不同的MD5哈希?
[英]will java messagedigest generated different MD5 hash on different jdk version?
问题描述
I am using java message digest to create MD5 hash, which is used for authentication. 
我正在使用java消息摘要来创建MD5哈希,用于身份验证。 The MD5 hash is stored in the database as varchar2. MD5哈希作为varchar2存储在数据库中。 I did a test to create a user on my tomcat server on my local laptop. 我做了一个测试,在我的本地笔记本电脑上的tomcat服务器上创建用户。 When I deployed the war to the test tomcat server on linux redhat, the authentication failed due to hash unmatched. 当我将战争部署到linux redhat上的测试tomcat服务器时,由于哈希不匹配,身份验证失败。 I checked the user name and password: they are all correct. 我检查了用户名和密码:它们都是正确的。 Both web server points to the same database. 两个Web服务器都指向同一个数据库。
I suspect the hash generated on my local laptop is different from the one generated by the test server. 我怀疑在我的本地笔记本电脑上生成的哈希值与测试服务器生成的哈希值不同。 Am I right? 我对吗?
Below is the code with which I generated the hash. 下面是我生成哈希的代码。
public static String getMD5Hash(String str) throws Exception
{
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(str.getBytes());
return new String(md.digest());
}
The String returned will be saved in the database table, which is defined below 返回的String将保存在数据库表中,该表定义如下
create table authen(
passport varchar2(50),
constraint pk_au primary key (passport) USING INDEX TABLESPACE xxxxxxx
);
Here is the java version output on my laptop 这是我笔记本电脑上的java版本输出
C:\Users\XXXX>java -version
java version "1.6.0_25"
Java(TM) SE Runtime Environment (build 1.6.0_25-b06)
Java HotSpot(TM) Client VM (build 20.0-b11, mixed mode, sharing)
Here is the java version output on the redhat server 这是redhat服务器上的java版本输出
[xxxxxx@xxxxxxxxx ~]$ java -version
java version "1.6.0_20"
Java(TM) SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)
3 个解决方案
解决方案1
6 已采纳 2011-08-03 15:13:46
Its possible that you are using the default character set to generate the bytes you are passing into the MD5.digest() method and that character set is different between your laptop and server. 您可能正在使用默认字符集来生成要传递到MD5.digest()方法的字节,并且该笔记本和服务器之间的字符集不同。
That could be a reason why you are seeing different results. 这可能是您看到不同结果的原因。 Otherwise, its not possible for it to generate different results. 否则,它不可能产生不同的结果。
For example -- 例如 -
byte[] bytesOfMessage = tempStr.getBytes("UTF-8"); // Maybe you're not using a charset here
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] theDigest = md5.digest(bytesOfMessage);
解决方案2
3 2011-08-03 15:11:12
Only if you feed different data into the MD5 digest. 仅当您将不同的数据输入MD5摘要时。 Once way to do that by accident would be to feed in hashCode values. 一旦意外地做到这一点将是提供hashCode值。
There is only one MD5 algorithm, and it will produce the same result everywhere on the same input. 只有一个MD5算法,它会在同一输入上的每个地方产生相同的结果。
解决方案3
0 2011-08-03 15:12:01
Check whether your hash is salted . 检查您的哈希是否已被腌制 。 Salting means that the password is concatenated to another string, to increase hashing security (to undo the effect of rainbow tables ) . Salting意味着密码与另一个字符串连接,以增加散列安全性(撤消彩虹表的效果) 。
It may be the case that your database hashes are salted: hence the difference between your (unsalted or wrong salted) MD5 hashes. 可能是您的数据库哈希值已被腌制:因此您的(未加盐的或错误的盐渍)MD5哈希值之间存在差异。
Every same input to the MD5 algorithm results in the same hash. MD5算法的每个相同输入都会产生相同的哈希值。 That's the point of any hashing algorithm. 这就是任何哈希算法的重点。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.