Link Details

Link 1070833 thumbnail
User 246822 avatar

By kafrlust
via java-only.com
Published: Nov 26 2013 / 10:42

In general message digest is an algorithm that take as input a string -or in other words a message- and produces a hash for the given input.Message digests are mainly used for verifying the integrity of message since any changes in the message string will have as a result different hash. In this tutorial we will see how to use MessageDigest class to produce SHA1 and Base64 encoded message digest.
  • 6
  • 2
  • 819
  • 1193

Comments

Add your comment
User 776377 avatar

lburnham123 replied ago:

0 votes Vote down Vote up Reply

You should not advocate obsolete crypto. SHA-1 is vulnerable, and SHA-2 has been available as part of the JRE for many years - there's no reason to use (or teach) anything less secure.

User 246822 avatar

kafrlust replied ago:

0 votes Vote down Vote up Reply

I know what you are talking about and I agree with you.But trust me:SHA1 I know a LOT of cases where SHA1 is still used.So,since I used it for projects why not to write about it and someone who has to work with SHA1 read about it?

User 776377 avatar

lburnham123 replied ago:

0 votes Vote down Vote up Reply

It is still used a lot, and that's a problem. So you should talk about that, instead of just giving some code sample that might lead people who don't know any better to believe it's still OK to use.

User 246822 avatar

kafrlust replied ago:

0 votes Vote down Vote up Reply

Maybe you are right.But the purpose of this tutorial was to be a reference.Nothing more,nothing less.I had to work with SHA1 that's how I did it and I wanted to share it with the world.I didn't want to say if SHA1 is good or not.Btw, I'm working on a tut for Base64 encoding these days..hope you want blame me! :)

User 776377 avatar

lburnham123 replied ago:

0 votes Vote down Vote up Reply

I'm not blaming anyone, people are free to publish anything they want, but if they do so publicly they should be prepared for feedback. And I for one don't like to see obsolete stuff to get published without a mention that it is no longer recommended practice in the industry. Plus, there must be dozens of write-ups out there already that show precisely this, so it's not like it is something new (same for base-64 encoding, by the way :-) )

User 246822 avatar

kafrlust replied ago:

0 votes Vote down Vote up Reply

Please don't get me wrong,I truly appreciate your feedback.I know it's obsolete stuff.And although it may be stupidity to use it I found it as requirement in several -proprietary most of the time - APIs.And since I needed to create Message Digest with SHA1 might someone else will need it to.And that's how this write up occued! :). In the Base64 tutorial I will declare that is obsolete and bad practise though! :D I Liked this conversation

User 776377 avatar

lburnham123 replied ago:

0 votes Vote down Vote up Reply

Base-64 is neither obsolete nor bad practice. It's just that there are already umpteen write-ups about it out there.

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (6)



Voters Against This Link (2)



Java Performance Optimization
Written by: Pierre-Hugues Charbonneau
Featured Refcardz: Top Refcardz:
  1. Design Patterns
  2. OO JS
  3. Cont. Delivery
  4. Java EE7
  5. HTML5 Mobile
  1. Node.js
  2. Debugging JavaScript
  3. OO JS
  4. JSON
  5. Ajax