I am working on an application that uploads a file to amazon s3(part of the application). But when I generate the URL of the files, it shows the authentication key, file name and etc. I need to encrypt the URL. Also I am using tiny url to shorten the URL but when I put the curser on the link it shows the real URL. I looked for md5 but I couldn't make it work. Is there any suggestion?
2
-
You are already deep in a solution attempt, lets go back a few steps, what is the root problem you try to solve? Why should nobody see the real URL?Henry– Henry2013-11-01 08:48:15 +00:00Commented Nov 1, 2013 at 8:48
-
Never mind, just saw the post is more than 2 years old.Henry– Henry2013-11-01 08:51:16 +00:00Commented Nov 1, 2013 at 8:51
Add a comment
|
1 Answer
I will try to explain how MD5 works
import java.math.*;
import java.security.*;
public class testMain {
/**
* @param args
*/
public static void main(String[] args) {
String stringThatNeedsToBeEncrpyted = "yourURL"; // Value to encrypt
MessageDigest mdEnc = null;
try {
mdEnc = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} // Encryption algorithm
mdEnc.update(stringThatNeedsToBeEncrpyted.getBytes(), 0, stringThatNeedsToBeEncrpyted.length());
String md5 = new BigInteger(1, mdEnc.digest()).toString(16); //Make the Encrypted string
System.out.println(md5); //print the string in the console
}
}
The output is : 7f5976785d03c60f9fd4b08fb78e72ce
This is your message digest.
EDIT
Hashing a username and password should always be done with an appropriate hashing algorithm like PBKDF2, bcrypt or scrypt. Furthermore always use SSL to transfer confidential data.
2 Comments
Emre Canbazoğlu
but how can I use this output as URL?
Lucas Kauffman
well what you can do is instead of completely hashing your algorithm, just hash the password and username (preferably salt it) and add to a GET in your url ?