Java加密系列之(三)消息摘要算法加密,java摘要
分享于 点击 18352 次 点评:185
Java加密系列之(三)消息摘要算法加密,java摘要
消息摘要算法的分类
MD(Message Digest)消息摘要
SHA(Secure Hash Algorithm)安全散列
MAC(Message Authentication Code)消息认证码
消息摘要算法的作用
消息摘要算法主要有以上3类,这3类算法的主要作用,都是来验证数据的完整性,即消息鉴别
消息鉴别是指在接收方将原始信息进行摘要,然后与接收到的摘要信息进行比对。
消息摘要算法是整个数字签名的核心算法
消息摘要算法——MD
重点介绍MD5,顺便介绍下MD家族(MD2、MD4)MD家族生成的消息摘要都是128位的,单向加密
package com.tvm.mrz.security.md;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.MD2Digest;
import org.bouncycastle.crypto.digests.MD4Digest;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class MDTest {
private static String src = "Mr.Z Security Base64";
public static void jdkMD( String algorithm ) {
try {
MessageDigest md = MessageDigest.getInstance( algorithm );
byte[] mdBytes = md.digest( src.getBytes() );
System.out.println( md.getProvider().getName() + " " + algorithm + " " + Hex.encodeHexString( mdBytes ) );
} catch( NoSuchAlgorithmException e ) {
e.printStackTrace();
}
}
//bcMD的第一种实现方式,基于JDK security框架
public static void bcMD( String algorithm ) {
try {
MessageDigest md = MessageDigest.getInstance( algorithm, new BouncyCastleProvider() );
byte[] mdBytes = md.digest( src.getBytes() );
System.out.println( md.getProvider().getName() + " " + algorithm + " " + org.bouncycastle.util.encoders.Hex.toHexString( mdBytes ) );
} catch( NoSuchAlgorithmException e ) {
e.printStackTrace();
}
}
//只是Provider里增加了BouncyCastleProvider,优先按Provider顺序取算法
// public static void bcMD( String algorithm ) {
// try {
// Security.addProvider( new BouncyCastleProvider() );
// MessageDigest md = MessageDigest.getInstance( algorithm );
// byte[] mdBytes = md.digest( src.getBytes() );
// System.out.println( md.getProvider().getName() + " " + algorithm + " " + org.bouncycastle.util.encoders.Hex.toHexString( mdBytes ) );
// } catch( NoSuchAlgorithmException e ) {
// e.printStackTrace();
// }
//
// }
//bcMD的第二种实现方式
public static void bcMD( Digest digest ) {
digest.update( src.getBytes(), 0, src.getBytes().length );
byte[] result = new byte[ digest.getDigestSize() ];
digest.doFinal( result, 0 );
System.out.println( "BC" + " " + digest.getAlgorithmName() + " " + org.bouncycastle.util.encoders.Hex.toHexString( result ) );
}
// Apache只是在jdk的基礎上進行了高度 的封裝,方便使用,本質是同jdk一樣的。所以cc同jdk一樣,沒有md4實現
public static void ccMD( String algorithm ) {
// 第一種方式使用高度封裝的
if( algorithm == MessageDigestAlgorithms.MD5 ) {
System.out.println( "CC" + " MD5 " + DigestUtils.md5Hex( src ) );
}
if( algorithm == MessageDigestAlgorithms.MD2 ) {
System.out.println( "CC" + " MD2 " + DigestUtils.md2Hex( src ) );
}
// 第二種方式使用jdk框架
MessageDigest md = DigestUtils.getDigest( algorithm );
String result = Hex.encodeHexString( md.digest( src.getBytes() ) );
System.out.println( md.getProvider().getName() + " " + algorithm + " " + result );
}
public static void main( String[] args ) {
jdkMD( "MD5" );
bcMD( "MD5" );
bcMD( new MD5Digest() );
jdkMD( "MD2" );
bcMD( "MD2" );
bcMD( new MD2Digest() );
jdkMD( "MD4" );
bcMD( "MD4" );
bcMD( new MD4Digest() );
ccMD( MessageDigestAlgorithms.MD5 );
ccMD( MessageDigestAlgorithms.MD2 );
}
}
算法应用:
密码加密:密码db中的存储使用md加密后的密文
消息摘要算法——SHA
安全散列算法的简称固定长度摘要信息
md5的继承者,在MD4的基础上演变而来的
SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)
package com.tvm.mrz.security.sha;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
public class SHATest {
private static String src = "Mr.Z Security Base64";
// jdk未實現sha224,bc有補充實現,cc基於jdk封裝
public static void jdkSHA( String algorithm ) {
try {
MessageDigest md = MessageDigest.getInstance( algorithm );
md.update( src.getBytes() );
byte[] result = md.digest();
System.out.println( md.getProvider().getName() + " " + algorithm + " " + Hex.encodeHexString( result ) );
} catch( NoSuchAlgorithmException e ) {
e.printStackTrace();
}
}
public static void bcSHA( Digest digest ) {
digest.update( src.getBytes(), 0, src.getBytes().length );
byte[] shaBytes = new byte[ digest.getDigestSize() ];
digest.doFinal( shaBytes, 0 );
System.out.println( "BC" + " " + digest.getAlgorithmName() + " " + org.bouncycastle.util.encoders.Hex.toHexString( shaBytes ) );
}
public static void ccSHA( String algorithm ) {
// 第一種方式使用高度封裝的
if( algorithm == MessageDigestAlgorithms.SHA_1 ) {
System.out.println( "CC" + " SHA-1 " + DigestUtils.sha1Hex( src ) );
}
// 第二種方式使用jdk框架
MessageDigest md = DigestUtils.getDigest( algorithm );
String result = Hex.encodeHexString( md.digest( src.getBytes() ) );
System.out.println( md.getProvider().getName() + " " + algorithm + " " + result );
}
public static void main( String[] args ) {
jdkSHA( "SHA" );// sha1的算法名就是SHA
bcSHA( new SHA1Digest() );
ccSHA( MessageDigestAlgorithms.SHA_1 );
jdkSHA( "SHA-256" );
bcSHA( new SHA256Digest() );
ccSHA( MessageDigestAlgorithms.SHA_256 );
}
}
算法应用:
浏览器查看证书
消息摘要常用做法:
1.加入约定key
2.增加时间戳
3.排序
http://**?msg=12Hsdvdkjghsajdlkef×tamp=1309488765
msg:原始消息+key+时间戳
消息摘要算法——MAC
MAC(Message Authentication Code)消息认证码通常把MAC算法也叫做HMAC算法
HMAC(keyed-Hash Message Authentication Code)含有密钥的散列函数算法
融合MD、SHA
——MD系列:HmacMD2、HmacMD4、HmacMD5
——SHA系列:HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512
应用如SecureCRT
package com.tvm.mrz.security.mac;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
public class HmacTest {
private static String src = "Mr.Z Security Base64";
public static void jdkHmacMD5() {
try {
// 初始化KeyGenerator
KeyGenerator keyGenerator = KeyGenerator.getInstance( "HmacMD5" );
// 產生密鑰
SecretKey secretKey = keyGenerator.generateKey();
// 獲得密鑰
// byte[] key = secretKey.getEncoded();
byte[] key = Hex.decodeHex( "aaaaaaaaaa".toCharArray() );
// 還原密鑰
SecretKey restoreSecretKey = new SecretKeySpec( key, "HmacMD5" );
// 實例化MAC
Mac mac = Mac.getInstance( restoreSecretKey.getAlgorithm() );
// 初始化Mac
mac.init( restoreSecretKey );
// 執行摘要
byte[] hmacMD5Bytes = mac.doFinal( src.getBytes() );
System.out.println( "JDK hmacMD5: " + Hex.encodeHexString( hmacMD5Bytes ) );
} catch( Exception e ) {
e.printStackTrace();
}
}
public static void bcHmacMD5() {
HMac hmac = new HMac( new MD5Digest() );
hmac.init( new KeyParameter( org.bouncycastle.util.encoders.Hex.decode( "aaaaaaaaaa" ) ) );
hmac.update( src.getBytes(), 0, src.getBytes().length );
byte[] hmacMD5Bytes = new byte[ hmac.getMacSize() ];
hmac.doFinal( hmacMD5Bytes, 0 );
System.out.println( "BC hmacMD5: " + org.bouncycastle.util.encoders.Hex.toHexString( hmacMD5Bytes ) );
}
public static void main( String[] args ) {
jdkHmacMD5();
bcHmacMD5();
}
}
相关文章
- 暂无相关文章
用户点评