Java – What does update method of MessageDigest do and what is BASE64Encoder meant for

cryptographyencryptionjava

Following is a code that will encrypts the user String :

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import sun.misc.BASE64Encoder;
import java.io.*;

class Encrypter {
public synchronized String encrypt(String plainText) throws Exception {
    MessageDigest md = null;
    try {
        md = MessageDigest.getInstance("SHA");
    }catch(Exception exc) {
        throw new Exception(exc.getMessage());
     }

     try {
        md.update(plainText.getBytes("UTF-8"));
     }catch(Exception exc) {
        throw new Exception(exc.getMessage());
      }

      byte raw[] = md.digest();
      String hash = (new BASE64Encoder()).encode(raw);
      return hash;
}
public static void main(String args[]) {
    try {
        Encrypter encrypter = new Encrypter();
        BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
        String userInput = br.readLine();
        String encryptedPassword = encrypter.encrypt(userInput);
        System.out.println(encryptedPassword);
    } catch(Exception exc) {
        System.out.println(exc);
      }
}
}

When i compile the code i get the these warnings :

Encrypter.java:4: warning: BASE64Encoder is internal proprietary API and may be removed in a future release
import sun.misc.BASE64Encoder;
           ^
Encrypter.java:23: warning: BASE64Encoder is internal proprietary API and may be removed in a future release
              String hash = (new BASE64Encoder()).encode(raw);
                                 ^
2 warnings

Is there any other method to encrypt strings in java ?

What does the method update of class MessageDigest do ? i.e What does the statement md.update(plainText.getBytes("UTF-8")); do ?

What is a BASE64Encoder class ? I couldn't find it's DOC

Best Answer

First of all, you're not performing any encryption. You're computing a one-way hash or digest of your input. This hash can be later used to verify the integrity of the message. See Hashing, SHA1 and MessageDigest.
Base64 encoding is a method of representing binary data in ASCII. This is often desirable because not all data storage and transmission mechanisms support raw binary. For example, if you want to transfer your computed digest via an http query string parameter, you'll want to encode it as Base64. Also, saving or printing raw binary to the console will produce a stream of funky characters which may be outside of the printable range, and may also produce beeps from your PC speaker!
The Base64Encoder you're using comes from the sun.misc package and should NEVER be used. This is internal Sun JVM code which may or may not be available in the future. That also explains why you're weren't able to find any javadoc.
Fortunately, several free and open Base64 encoders and decoders exist. Apache Commons Codec is a widely used and stable library which contains several codecs include Base64.
md.update(plainText.getBytes("UTF-8")) updates the input to the digest. Calling digest performs a final update and computes the digest of the input. See javadoc of md.digest and md.update

Related Solutions

Java – reflection and why is it useful

The name reflection is used to describe code which is able to inspect other code in the same system (or itself).

For example, say you have an object of an unknown type in Java, and you would like to call a 'doSomething' method on it if one exists. Java's static typing system isn't really designed to support this unless the object conforms to a known interface, but using reflection, your code can look at the object and find out if it has a method called 'doSomething' and then call it if you want to.

So, to give you a code example of this in Java (imagine the object in question is foo) :

Method method = foo.getClass().getMethod("doSomething", null);
method.invoke(foo, null);

One very common use case in Java is the usage with annotations. JUnit 4, for example, will use reflection to look through your classes for methods tagged with the @Test annotation, and will then call them when running the unit test.

There are some good reflection examples to get you started at http://docs.oracle.com/javase/tutorial/reflect/index.html

And finally, yes, the concepts are pretty much similar in other statically typed languages which support reflection (like C#). In dynamically typed languages, the use case described above is less necessary (since the compiler will allow any method to be called on any object, failing at runtime if it does not exist), but the second case of looking for methods which are marked or work in a certain way is still common.

Update from a comment:

The ability to inspect the code in the system and see object types is not reflection, but rather Type Introspection. Reflection is then the ability to make modifications at runtime by making use of introspection. The distinction is necessary here as some languages support introspection, but do not support reflection. One such example is C++

Java – What are the differences between a HashMap and a Hashtable in Java

There are several differences between HashMap and Hashtable in Java:

Hashtable is synchronized, whereas HashMap is not. This makes HashMap better for non-threaded applications, as unsynchronized Objects typically perform better than synchronized ones.
Hashtable does not allow null keys or values. HashMap allows one null key and any number of null values.
One of HashMap's subclasses is LinkedHashMap, so in the event that you'd want predictable iteration order (which is insertion order by default), you could easily swap out the HashMap for a LinkedHashMap. This wouldn't be as easy if you were using Hashtable.

Since synchronization is not an issue for you, I'd recommend HashMap. If synchronization becomes an issue, you may also look at ConcurrentHashMap.

Best Answer

Related Solutions

Java – reflection and why is it useful

Java – What are the differences between a HashMap and a Hashtable in Java

Related Topic