Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SHA-1 login problem

843810Feb 23 2004 — edited Apr 1 2004

Hello All,

I a using a simple algorithm to encrypt the user's password before I store it in the DB:

import java.security.*;

byte[] msg = password.getBytes();
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(msg);
byte[] digest = md.digest();
String HashedPassword = new String(digest);

I was using IBM java 2-13* and upgraded it to IBM java 2-141 in RedHat Enterprise server 3. Now, the new users since the update can log in using the same algorithm mentionned above but old registered users can no longer log in. (Got the error userName/password incorrect).

Is SHA-1 algorithm tightly coupled to the Java version? How can I work around this? Also, how can I get the old registered users to log in again.

Thank you very much.

Locked Post

New comments cannot be posted to this locked post.

Locked on Apr 29 2004

Added on Feb 23 2004

#cryptography

5 comments

132 views