消息摘要算法
MD(Message Digest)
SHA(Secure Hash Algorithm)
MAC(Message Authentication Code)
验证数据完整性
数字签名核心算法
消息摘要算法 - MD
MD5
MD家族(128位摘要信息)
MD2、NMD4
特点
算法
摘要长度
实现方
MD2
128
JDK
MD4
128
Bouncy Castle
MD5
128
JDK
import java.security.MessageDigest;
import java.security.Security;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.MD4Digest;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class MD5Test{
public static final String src = "md5 test";
public static void main(String[] args){
jdkMD5();
jdkMD2();
bcMD4();
bcMD5();
bc2jdkMD4();
ccMD5();
ccMD2();
}
// 用jdk实现:MD5
public static void jdkMD5(){
try{
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] md5Bytes = md.digest(src.getBytes());
System.out.println("JDK MD5:" + Hex.encodeHexString(md5Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用jdk实现:MD2
public static void jdkMD2(){
try{
MessageDigest md = MessageDigest.getInstance("MD2");
byte[] md2Bytes = md.digest(src.getBytes());
System.out.println("JDK MD2:" + Hex.encodeHexString(md2Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:MD5
public static void bcMD5(){
MD5Digest digest = new MD5Digest();
digest.update(src.getBytes(),0,src.getBytes().length);
byte[] md5Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md5Bytes, 0);
System.out.println("bouncy castle MD5:" + org.bouncycastle.util.encoders.Hex.toHexString(md5Bytes));
}
// 用bouncy castle实现:MD4
public static void bcMD4(){
MD4Digest digest = new MD4Digest();
digest.update(src.getBytes(),0,src.getBytes().length);
byte[] md4Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md4Bytes, 0);
System.out.println("bouncy castle MD4:" + org.bouncycastle.util.encoders.Hex.toHexString(md4Bytes));
}
// 用bouncy castle与jdk结合实现:MD4
public static void bc2jdkMD4(){
try{
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("MD4");
byte[] md4Bytes = md.digest(src.getBytes());
System.out.println("bc and JDK MD4:" + Hex.encodeHexString(md4Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用common codes实现实现:MD5
public static void ccMD5(){
System.out.println("common codes MD5:" + DigestUtils.md5Hex(src.getBytes()));
}
// 用common codes实现实现:MD2
public static void ccMD2(){
System.out.println("common codes MD2:" + DigestUtils.md2Hex(src.getBytes()));
}
}
消息摘要算法 - MD
消息摘要算法 - SHA
安全散列算法
固定长度摘要信息
SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)
算法
摘要长度
实现方
SHA-1
160
JDK
SHA-2
224
Bouncy Castle
SHA-256
256
JDK
SHA-384
384
JDK
SHA-512
512
JDK
消息摘要算法 - SHA
import java.security.MessageDigest;
import java.security.Security;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.math.BigInteger;
public class SHATest {
public static final String src = "sha test";
public static void main(String[] args){
jdkSHA1();
bcSHA1();
bcSHA224();
bcSHA224b();
generateSha256();
ccSHA1();
}
// 用jdk实现:SHA1
public static void jdkSHA1() {
try{
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(src.getBytes());
System.out.println("jdk sha-1:" + Hex.encodeHexString(md.digest()));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:SHA1
public static void bcSHA1(){
Digest digest = new SHA1Digest();
digest.update(src.getBytes(), 0, src.getBytes().length );
byte[] sha1Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha1Bytes, 0);
System.out.println("bc sha-1:" + org.bouncycastle.util.encoders.Hex.toHexString(sha1Bytes));
}
// 用bouncy castle实现:SHA224
public static void bcSHA224(){
Digest digest = new SHA224Digest();
digest.update(src.getBytes(), 0, src.getBytes().length );
byte[] sha224Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha224Bytes, 0);
System.out.println("bc sha-224:" + org.bouncycastle.util.encoders.Hex.toHexString(sha224Bytes));
}
// 用bouncy castle与jdk结合实现:SHA224
public static void bcSHA224b(){
try{
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("SHA224");
md.update(src.getBytes());
System.out.println("bc and JDK sha-224:" + Hex.encodeHexString(md.digest()));
} catch (Exception e) {
e.printStackTrace();
}
}
public static void generateSha256() {
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(src.getBytes("UTF-8")); // Change this to "UTF-16" if needed
byte[] digest = md.digest();
BigInteger bigInt = new BigInteger(1, digest);
System.out.println("Sha256 hash: " + bigInt.toString(16));
}
// 用common codes实现实现:SHA1
public static void ccSHA1(){
System.out.println("common codes SHA1 - 1 :" + DigestUtils.sha1Hex(src.getBytes()));
System.out.println("common codes SHA1 - 2 :" + DigestUtils.sha1Hex(src));
}
}
应用
1、加入约定key
2、增加时间戳
3、排序
http://**?msg=12Hsad74mj×tamp=1309488734
msg:原始消息 + key + 时间戳
消息摘要算法 - MAC
MAC(Message Authentication Code)
HMAC(keyed-Hash Message Authentication Code),含有密钥的散列函数算法。
融合MD、SHA
MD系列:HmacMD2、HmacMD4、HmacMD5
SHA系列:HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512
应用如SecureCRT
算法
摘要长度
实现方
HmacMD2
128
Bouncy Castle
HmacMD4
128
Bouncy Castle
HmacMD5
128
JDK
HmacSHA1
160
JDK
HmacSHA224
224
Bouncy Castle
HmacSHA256
256
JDK
HmacSHA384
384
JDK
HmacSHA512
512
JDK
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
public class HMACTest{
public static final String src = "hmac test";
public static void main(String[] args) {
jdkHmacMD5();
bcHmacMD5();
}
// 用jdk实现:
public static void jdkHmacMD5(){
try {
// 初始化KeyGenerator
KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD5");
// 产生密钥
SecretKey secretKey = keyGenerator.generateKey();
// 获取密钥
// byte[] key = secretKey.getEncoded();
byte[] key = Hex.decodeHex(new char[]{'1','2','3','4','5','6','7','8','9','a','b','c','d','e' });
// 还原密钥
SecretKey restoreSecretKey = new SecretKeySpec(key, "HmacMD5");
// 实例化MAC
Mac mac = Mac.getInstance(restoreSecretKey.getAlgorithm());
// 初始化MAC
mac.init(restoreSecretKey);
// 执行摘要
byte[] hmacMD5Bytes = mac.doFinal(src.getBytes());
System.out.println("jdk hmacMD5:" + Hex.encodeHexString(hmacMD5Bytes));
} catch (Exception e) {
e.printStackTrace();
}
}
// 用bouncy castle实现:
public static void bcHmacMD5() {
HMac hmac = new HMac(new MD5Digest());
// 必须是16进制的字符,长度必须是2的倍数
hmac.init(new KeyParameter(org.bouncycastle.util.encoders.Hex.decode("123456789abcde")));
hmac.update(src.getBytes(), 0, src.getBytes().length);
// 执行摘要
byte[] hmacMD5Bytes = new byte[hmac.getMacSize()];
hmac.doFinal(hmacMD5Bytes, 0);
System.out.println("bc hmacMD5:" + org.bouncycastle.util.encoders.Hex.toHexString(hmacMD5Bytes));
}
}
消息摘要算法 - MAC
消息摘要算法 - 其他
RipeMD(128、156、320)
Tiger
Whirlpool
GOST3411
Bouncy Castle 实现