消息摘要算法
- MD(Message Digest)
- SHA(Secure Hash Algorithm)
- MAC(Message Authentication Code)
- 验证数据完整性
- 数字签名核心算法
消息摘要算法 - MD
- MD5
- MD家族(128位摘要信息)
- MD2、NMD4
- 特点
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| MD2 | 128 | JDK |
| MD4 | 128 | Bouncy Castle |
| MD5 | 128 | JDK |
import java.security.MessageDigest;
import java.security.Security;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.MD4Digest;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class MD5Test{
public static final String src = "md5 test";
public static void main(String[] args){
jdkMD5();
jdkMD2();
bcMD4();
bcMD5();
bc2jdkMD4();
ccMD5();
ccMD2();
}
// 用jdk实现:MD5
public static void jdkMD5(){
try{
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] md5Bytes = md.digest(src.getBytes());
System.out.println("JDK MD5:" + Hex.encodeHexString(md5Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用jdk实现:MD2
public static void jdkMD2(){
try{
MessageDigest md = MessageDigest.getInstance("MD2");
byte[] md2Bytes = md.digest(src.getBytes());
System.out.println("JDK MD2:" + Hex.encodeHexString(md2Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:MD5
public static void bcMD5(){
MD5Digest digest = new MD5Digest();
digest.update(src.getBytes(),0,src.getBytes().length);
byte[] md5Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md5Bytes, 0);
System.out.println("bouncy castle MD5:" + org.bouncycastle.util.encoders.Hex.toHexString(md5Bytes));
}
// 用bouncy castle实现:MD4
public static void bcMD4(){
MD4Digest digest = new MD4Digest();
digest.update(src.getBytes(),0,src.getBytes().length);
byte[] md4Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md4Bytes, 0);
System.out.println("bouncy castle MD4:" + org.bouncycastle.util.encoders.Hex.toHexString(md4Bytes));
}
// 用bouncy castle与jdk结合实现:MD4
public static void bc2jdkMD4(){
try{
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("MD4");
byte[] md4Bytes = md.digest(src.getBytes());
System.out.println("bc and JDK MD4:" + Hex.encodeHexString(md4Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用common codes实现实现:MD5
public static void ccMD5(){
System.out.println("common codes MD5:" + DigestUtils.md5Hex(src.getBytes()));
}
// 用common codes实现实现:MD2
public static void ccMD2(){
System.out.println("common codes MD2:" + DigestUtils.md2Hex(src.getBytes()));
}
}
消息摘要算法 - MD
消息摘要算法 - SHA
- 安全散列算法
- 固定长度摘要信息
- SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| SHA-1 | 160 | JDK |
| SHA-2 | 224 | Bouncy Castle |
| SHA-256 | 256 | JDK |
| SHA-384 | 384 | JDK |
| SHA-512 | 512 | JDK |
消息摘要算法 - SHA
import java.security.MessageDigest;
import java.security.Security;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.math.BigInteger;
public class SHATest {
public static final String src = "sha test";
public static void main(String[] args){
jdkSHA1();
bcSHA1();
bcSHA224();
bcSHA224b();
generateSha256();
ccSHA1();
}
// 用jdk实现:SHA1
public static void jdkSHA1() {
try{
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(src.getBytes());
System.out.println("jdk sha-1:" + Hex.encodeHexString(md.digest()));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:SHA1
public static void bcSHA1(){
Digest digest = new SHA1Digest();
digest.update(src.getBytes(), 0, src.getBytes().length );
byte[] sha1Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha1Bytes, 0);
System.out.println("bc sha-1:" + org.bouncycastle.util.encoders.Hex.toHexString(sha1Bytes));
}
// 用bouncy castle实现:SHA224
public static void bcSHA224(){
Digest digest = new SHA224Digest();
digest.update(src.getBytes(), 0, src.getBytes().length );
byte[] sha224Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha224Bytes, 0);
System.out.println("bc sha-224:" + org.bouncycastle.util.encoders.Hex.toHexString(sha224Bytes));
}
// 用bouncy castle与jdk结合实现:SHA224
public static void bcSHA224b(){
try{
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("SHA224");
md.update(src.getBytes());
System.out.println("bc and JDK sha-224:" + Hex.encodeHexString(md.digest()));
} catch (Exception e) {
e.printStackTrace();
}
}
public static void generateSha256() {
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(src.getBytes("UTF-8")); // Change this to "UTF-16" if needed
byte[] digest = md.digest();
BigInteger bigInt = new BigInteger(1, digest);
System.out.println("Sha256 hash: " + bigInt.toString(16));
}
// 用common codes实现实现:SHA1
public static void ccSHA1(){
System.out.println("common codes SHA1 - 1 :" + DigestUtils.sha1Hex(src.getBytes()));
System.out.println("common codes SHA1 - 2 :" + DigestUtils.sha1Hex(src));
}
}
应用
- 1、加入约定key
- 2、增加时间戳
- 3、排序
- http://**?msg=12Hsad74mj×tamp=1309488734
- msg:原始消息 + key + 时间戳
消息摘要算法 - MAC
- MAC(Message Authentication Code)
- HMAC(keyed-Hash Message Authentication Code),含有密钥的散列函数算法。
- 融合MD、SHA
- MD系列:HmacMD2、HmacMD4、HmacMD5
- SHA系列:HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512
- 应用如SecureCRT
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| HmacMD2 | 128 | Bouncy Castle |
| HmacMD4 | 128 | Bouncy Castle |
| HmacMD5 | 128 | JDK |
| HmacSHA1 | 160 | JDK |
| HmacSHA224 | 224 | Bouncy Castle |
| HmacSHA256 | 256 | JDK |
| HmacSHA384 | 384 | JDK |
| HmacSHA512 | 512 | JDK |
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
public class HMACTest{
public static final String src = "hmac test";
public static void main(String[] args) {
jdkHmacMD5();
bcHmacMD5();
}
// 用jdk实现:
public static void jdkHmacMD5(){
try {
// 初始化KeyGenerator
KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD5");
// 产生密钥
SecretKey secretKey = keyGenerator.generateKey();
// 获取密钥
// byte[] key = secretKey.getEncoded();
byte[] key = Hex.decodeHex(new char[]{'1','2','3','4','5','6','7','8','9','a','b','c','d','e' });
// 还原密钥
SecretKey restoreSecretKey = new SecretKeySpec(key, "HmacMD5");
// 实例化MAC
Mac mac = Mac.getInstance(restoreSecretKey.getAlgorithm());
// 初始化MAC
mac.init(restoreSecretKey);
// 执行摘要
byte[] hmacMD5Bytes = mac.doFinal(src.getBytes());
System.out.println("jdk hmacMD5:" + Hex.encodeHexString(hmacMD5Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:
public static void bcHmacMD5() {
HMac hmac = new HMac(new MD5Digest());
// 必须是16进制的字符,长度必须是2的倍数
hmac.init(new KeyParameter(org.bouncycastle.util.encoders.Hex.decode("123456789abcde")));
hmac.update(src.getBytes(), 0, src.getBytes().length);
// 执行摘要
byte[] hmacMD5Bytes = new byte[hmac.getMacSize()];
hmac.doFinal(hmacMD5Bytes, 0);
System.out.println("bc hmacMD5:" + org.bouncycastle.util.encoders.Hex.toHexString(hmacMD5Bytes));
}
}
消息摘要算法 - MAC
消息摘要算法 - 其他
- RipeMD(128、156、320)
- Tiger
- Whirlpool
- GOST3411
- Bouncy Castle 实现
