Base64 Encoding safe for filenames?

Question

Is Base64 encoding safe to use for filenames on windows and linux systems? From my research I have found replacing all "/" characters of the output string with "-" or "_" should resolve any issues.

Can anyone provide more details on this?

Currently in Java I am using the following peice of code:

    MessageDigest md5Digest = MessageDigest.getInstance("MD5");
    md5Digest.reset();
    md5Digest.update(plainText.getBytes());

    byte[] digest = md5Digest.digest();

    BASE64Encoder encoder = new BASE64Encoder();
    hash = encoder.encode(digest);
    hash.replace('/','_');

Answer 1

Usually MD5 hashes (hashes in general) are represented as hexadecimal strings instead of Base64, which then only contain [a-f0-9]. Those names would be supported by all filesystems.

If you really want to use Base64, your solution (replacing slashes) will not work correctly as Windows filesystems don't make a difference between 'A' and 'a'. Maybe you want to use Base32 instead? But mind that Base32 makes 8 bits out of 4, so it will be easier to just take the hexadecimal representation.

In general, the following characters are not allowed in Windows and/or Linux: \ / : * ? " < > |

Answer 2

A filename created by Base64 is only safe if you use a different character from /, which you do, as NTFS does not allow that character to be used in file names. As long as you do that, pretty much all commonly used file systems in common use will be OK.

However, if the filesystem is case-insensitive, as is the case on Windows, you can get collisions because the Base64 alphabet contains both upper and lower-case.

You might want to consider using the hexadecimal representation of your MD5 hash instead, since this is a fairly standard way of representing those as a string.

Answer 3

I would use Base32 in this case - you'll get names a bit longer, but Base32 encoded values are safe for case insensetive environment (FAT/Win32 NTFS access) as well for using as Uri.

Unfortunately there is usually no built-in support for this encoding in frameworks. On other hand code is realitvely simple to write yourself or find online.

http://en.wikipedia.org/wiki/Base32.

Answer 4

RFC 3548 suggests not only to replace the / character. The URL and Filename safe Alphabet replaces:

• the 63:nd / character with the underscore _
• the 62:nd + character with the minus -.

But maybe you better use a HEX-String. It is been a while, when i stored a hash value in a filename. I started with using Base64 String but switched to a Hex-String. I don't remember why i switched, maybe because Windows makes no difference between 'a' and 'A' as AndiDog said.

Answer 5

I'm not sure what you are using the encoding for, but consider percent encoding file names.

• It works in every file system
• It keeps file names human readable as long as they're within the ASCII range