关闭

Java加密系列之(三)消息摘要算法加密

标签: java实现md5加密java实现sha加密java实现消息摘要算法md5加密java实现sha加密java实现
764人阅读 评论(0) 收藏 举报
分类:

消息摘要算法的分类

MD(Message Digest)消息摘要

SHA(Secure Hash Algorithm)安全散列

MAC(Message Authentication Code)消息认证码


消息摘要算法的作用

消息摘要算法主要有以上3类,这3类算法的主要作用,都是来验证数据的完整性,即消息鉴别

消息鉴别是指在接收方将原始信息进行摘要,然后与接收到的摘要信息进行比对。

消息摘要算法是整个数字签名的核心算法


消息摘要算法——MD

重点介绍MD5,顺便介绍下MD家族(MD2、MD4)

MD家族生成的消息摘要都是128位的,单向加密

package com.tvm.mrz.security.md;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.MD2Digest;
import org.bouncycastle.crypto.digests.MD4Digest;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class MDTest {

	private static String src = "Mr.Z Security Base64";

	public static void jdkMD( String algorithm ) {
		try {
			MessageDigest md = MessageDigest.getInstance( algorithm );
			byte[] mdBytes = md.digest( src.getBytes() );
			System.out.println( md.getProvider().getName() + " " + algorithm + " " + Hex.encodeHexString( mdBytes ) );
		} catch( NoSuchAlgorithmException e ) {
			e.printStackTrace();
		}
	}

	//bcMD的第一种实现方式,基于JDK security框架
	public static void bcMD( String algorithm ) {
		try {
			MessageDigest md = MessageDigest.getInstance( algorithm, new BouncyCastleProvider() );
			byte[] mdBytes = md.digest( src.getBytes() );
			System.out.println( md.getProvider().getName() + " " + algorithm + " " + org.bouncycastle.util.encoders.Hex.toHexString( mdBytes ) );
		} catch( NoSuchAlgorithmException e ) {
			e.printStackTrace();
		}

	}
	
	//只是Provider里增加了BouncyCastleProvider,优先按Provider顺序取算法
//	public static void bcMD( String algorithm ) {
//		try {
//			Security.addProvider( new BouncyCastleProvider() );
//			MessageDigest md = MessageDigest.getInstance( algorithm );
//			byte[] mdBytes = md.digest( src.getBytes() );
//			System.out.println( md.getProvider().getName() + " " + algorithm + " " + org.bouncycastle.util.encoders.Hex.toHexString( mdBytes ) );
//		} catch( NoSuchAlgorithmException e ) {
//			e.printStackTrace();
//		}
//
//	}

	//bcMD的第二种实现方式
	public static void bcMD( Digest digest ) {
		digest.update( src.getBytes(), 0, src.getBytes().length );
		byte[] result = new byte[ digest.getDigestSize() ];
		digest.doFinal( result, 0 );
		System.out.println( "BC" + " " + digest.getAlgorithmName() + " " + org.bouncycastle.util.encoders.Hex.toHexString( result ) );
	}
	
	// Apache只是在jdk的基礎上進行了高度 的封裝,方便使用,本質是同jdk一樣的。所以cc同jdk一樣,沒有md4實現
	public static void ccMD( String algorithm ) {
		// 第一種方式使用高度封裝的
		if( algorithm == MessageDigestAlgorithms.MD5 ) {
			System.out.println( "CC" + " MD5 " + DigestUtils.md5Hex( src ) );
		}
		if( algorithm == MessageDigestAlgorithms.MD2 ) {
			System.out.println( "CC" + " MD2 " + DigestUtils.md2Hex( src ) );
		}
		// 第二種方式使用jdk框架
		MessageDigest md = DigestUtils.getDigest( algorithm );
		String result = Hex.encodeHexString( md.digest( src.getBytes() ) );
		System.out.println( md.getProvider().getName() + " " + algorithm + " " + result );
	}

	public static void main( String[] args ) {
		jdkMD( "MD5" );
		bcMD( "MD5" );
		bcMD( new MD5Digest() );

		jdkMD( "MD2" );
		bcMD( "MD2" );
		bcMD( new MD2Digest() );

		jdkMD( "MD4" );
		bcMD( "MD4" );
		bcMD( new MD4Digest() );
		
		ccMD( MessageDigestAlgorithms.MD5 );
		ccMD( MessageDigestAlgorithms.MD2 );
		
	}
}

算法应用:

密码加密:密码db中的存储使用md加密后的密文


消息摘要算法——SHA

安全散列算法的简称

固定长度摘要信息

md5的继承者,在MD4的基础上演变而来的

SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)

package com.tvm.mrz.security.sha;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;

public class SHATest {

	private static String src = "Mr.Z Security Base64";

	// jdk未實現sha224,bc有補充實現,cc基於jdk封裝
	public static void jdkSHA( String algorithm ) {
		try {
			MessageDigest md = MessageDigest.getInstance( algorithm );
			md.update( src.getBytes() );
			byte[] result = md.digest();
			System.out.println( md.getProvider().getName() + " " + algorithm + " " + Hex.encodeHexString( result ) );
		} catch( NoSuchAlgorithmException e ) {
			e.printStackTrace();
		}
	}

	public static void bcSHA( Digest digest ) {
		digest.update( src.getBytes(), 0, src.getBytes().length );
		byte[] shaBytes = new byte[ digest.getDigestSize() ];
		digest.doFinal( shaBytes, 0 );
		System.out.println( "BC" + " " + digest.getAlgorithmName() + " " + org.bouncycastle.util.encoders.Hex.toHexString( shaBytes ) );
	}

	public static void ccSHA( String algorithm ) {
		// 第一種方式使用高度封裝的
		if( algorithm == MessageDigestAlgorithms.SHA_1 ) {
			System.out.println( "CC" + " SHA-1 " + DigestUtils.sha1Hex( src ) );
		}
		// 第二種方式使用jdk框架
		MessageDigest md = DigestUtils.getDigest( algorithm );
		String result = Hex.encodeHexString( md.digest( src.getBytes() ) );
		System.out.println( md.getProvider().getName() + " " + algorithm + " " + result );
	}

	public static void main( String[] args ) {
		jdkSHA( "SHA" );// sha1的算法名就是SHA
		bcSHA( new SHA1Digest() );
		ccSHA( MessageDigestAlgorithms.SHA_1 );

		jdkSHA( "SHA-256" );
		bcSHA( new SHA256Digest() );
		ccSHA( MessageDigestAlgorithms.SHA_256 );
	}
}

算法应用:

浏览器查看证书


消息摘要常用做法:

1.加入约定key

2.增加时间戳

3.排序

http://**?msg=12Hsdvdkjghsajdlkef&timestamp=1309488765

msg:原始消息+key+时间戳


消息摘要算法——MAC

MAC(Message Authentication Code)消息认证码

通常把MAC算法也叫做HMAC算法

HMAC(keyed-Hash Message Authentication Code)含有密钥的散列函数算法

融合MD、SHA

——MD系列:HmacMD2、HmacMD4、HmacMD5

——SHA系列:HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512

应用如SecureCRT

package com.tvm.mrz.security.mac;

import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;

public class HmacTest {

	private static String src = "Mr.Z Security Base64";

	public static void jdkHmacMD5() {
		try {
			// 初始化KeyGenerator
			KeyGenerator keyGenerator = KeyGenerator.getInstance( "HmacMD5" );
			// 產生密鑰
			SecretKey secretKey = keyGenerator.generateKey();
			// 獲得密鑰
			// byte[] key = secretKey.getEncoded();
			byte[] key = Hex.decodeHex( "aaaaaaaaaa".toCharArray() );

			// 還原密鑰
			SecretKey restoreSecretKey = new SecretKeySpec( key, "HmacMD5" );
			// 實例化MAC
			Mac mac = Mac.getInstance( restoreSecretKey.getAlgorithm() );
			// 初始化Mac
			mac.init( restoreSecretKey );
			// 執行摘要
			byte[] hmacMD5Bytes = mac.doFinal( src.getBytes() );
			System.out.println( "JDK hmacMD5: " + Hex.encodeHexString( hmacMD5Bytes ) );
		} catch( Exception e ) {
			e.printStackTrace();
		}
	}

	public static void bcHmacMD5() {
		HMac hmac = new HMac( new MD5Digest() );
		hmac.init( new KeyParameter( org.bouncycastle.util.encoders.Hex.decode( "aaaaaaaaaa" ) ) );
		hmac.update( src.getBytes(), 0, src.getBytes().length );

		byte[] hmacMD5Bytes = new byte[ hmac.getMacSize() ];
		hmac.doFinal( hmacMD5Bytes, 0 );

		System.out.println( "BC hmacMD5: " + org.bouncycastle.util.encoders.Hex.toHexString( hmacMD5Bytes ) );
	}

	public static void main( String[] args ) {
		jdkHmacMD5();
		bcHmacMD5();
	}
}





0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:15911次
    • 积分:315
    • 等级:
    • 排名:千里之外
    • 原创:13篇
    • 转载:8篇
    • 译文:0篇
    • 评论:3条
    文章分类
    文章存档
    最新评论