一、消息摘要算法
消息摘要算法 MD(Message Digest)
安全散列算法 SHA(Secure Hash Algorithm)
消息验证码算法 MAC(Message Authentication Code)
验证数据完整性 数字签名核心算法
二、消息摘要算法—MD
1、理论知识
MD家族(128位摘要信息)
- MD2、MD4、MD5
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| MD2 | 128 | JDK |
| MD4 | 128 | Bouncy Castle |
| MD5 | 128 | JDK |
适用场景举例:对用户密码多重消息摘要后再进行数据库的存储,防止数据库信息泄露后导致用户的密码信息泄露(如CSND数据库泄露事件)。
2、JDK 实现:
public static void jdkMD2() throws NoSuchAlgorithmException {
String src = "test source";
MessageDigest md = MessageDigest.getInstance("MD2");
byte[] md2bytes = md.digest(src.getBytes());
String md2Str = Hex.encodeHexString(md2bytes);
System.out.println("md2Str:" + md2Str);
}
public static void jdkMD5() throws NoSuchAlgorithmException {
String src = "test source";
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] md5bytes = md.digest(src.getBytes());
String md5Str = Hex.encodeHexString(md5bytes);
System.out.println("md5Str:" + md5Str);
}
3、Commons Codec 实现:
public static void ccMD2() {
String src = "test source";
String md2Str = DigestUtils.md2Hex(src);
System.out.println("md2Str:" + md2Str);
}
public static void ccMD5() {
String src = "test source";
String md5Str = DigestUtils.md5Hex(src);
System.out.println("md5Str:" + md5Str);
}
4、Bouncy Castle 实现:
public static void bcMD2() {
String src = "test source";
Digest digest = new MD2Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] md2Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md2Bytes,0);
String md2Str = org.bouncycastle.util.encoders.Hex.toHexString(md2Bytes);
System.out.println("md2Str:" + md2Str);
}
public static void bcMD5() {
String src = "test source";
Digest digest = new MD5Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] md5Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md5Bytes,0);
String md5Str = org.bouncycastle.util.encoders.Hex.toHexString(md5Bytes);
System.out.println("md5Str:" + md5Str);
}
public static void bcMD4() {
String src = "test source";
Digest digest = new MD4Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] md4Bytes = new byte[digest.getDigestSize()];
digest.doFinal(md4Bytes,0);
String md4Str = org.bouncycastle.util.encoders.Hex.toHexString(md4Bytes);
System.out.println("md4Str:" + md4Str);
}
public static void bcMD4s() throws NoSuchAlgorithmException {
String src = "test source";
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("MD4");
byte[] md4bytes = md.digest(src.getBytes());
String md4Str = Hex.encodeHexString(md4bytes);
System.out.println("md4Str:" + md4Str);
}
三、消息摘要算法-SHA
1、理论知识
安全散列算法 固定长度摘要信息 SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| SHA-1 | 160 | JDK |
| SHA-224 | 224 | Bouncy Castle |
| SHA-256 | 256 | JDK |
| SHA-384 | 384 | JDK |
| SHA-512 | 512 | JDK |
适用场景举例:证书; 1、加入约定Key 2、增加时间戳 3、排序 http://**?msg=324ghjg234987ufasd×tamp=1309476876; msg:原始消息+key+时间戳。
2、JDK 实现:
public static void jskSHA1() throws NoSuchAlgorithmException {
String src = "test source";
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] sha1Bytes = md.digest(src.getBytes());
String sha1Str = Hex.encodeHexString(sha1Bytes);
System.out.println("sha1Str:" + sha1Str);
}
3、Commons Codec 实现:
public static void ccSHA1() {
String src = "test source";
String sha1Str = DigestUtils.sha1Hex(src);
System.out.println("sha1Str:" + sha1Str);
}
4、Bouncy Castle 实现:
public static void bcSHA1() {
String src = "test source";
Digest digest = new SHA1Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] sha1Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha1Bytes, 0);
String sha1Str = org.bouncycastle.util.encoders.Hex.toHexString(sha1Bytes);
System.out.println("sha1Str:" + sha1Str);
}
public static void bcSHA1s() throws NoSuchAlgorithmException {
String src = "test source";
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("SHA-224");
byte[] sha1Bytes = md.digest(src.getBytes());
String sha1Str = Hex.encodeHexString(sha1Bytes);
System.out.println("sha1Str:" + sha1Str);
}
四、消息摘要算法—MAC
1、理论知识
MAC(Message Authentication Code)
HMAC(keyed-Hash Message Authentication Code),含有密钥的散列函数算法
融合MD、SHA
MD系列:HmacMD2、HmacMD4、HmacMD5
SHA系列:HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512
| 算法 | 摘要长度 | 实现方 |
|---|---|---|
| HmacMD2 | 128 | Bouncy Castle |
| HmacMD4 | 128 | Bouncy Castle |
| HmacMD5 | 128 | JDK |
| HmacSHA1 | 160 | JDK |
| HmacSHA224 | 224 | Bouncy Castle |
| HmacSHA256 | 256 | JDK |
| HmacSHA384 | 384 | JDK |
| HmacSHA512 | 512 | JDK |
应用场景如:SecureCRT 。
2、JDK 实现:
public static void jdkHmacMD5() throws NoSuchAlgorithmException, InvalidKeyException {
String src = "test source";
// 产生密钥
KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD5");
Key secretKey = keyGenerator.generateKey();
byte[] key = secretKey.getEncoded();
String keyStr = Hex.encodeHexString(key);
System.out.println("keyStr:" + keyStr);
// byte[] key = "mykey0759".getBytes();
// String keyStr = Hex.encodeHexString(key);
// System.out.println("keyStr:" + keyStr);
// 还原密钥
Key restoreKey = new SecretKeySpec(key, "HmacMD5");
Mac mac = Mac.getInstance(restoreKey.getAlgorithm());
mac.init(restoreKey);
byte[] hmacMD5Bytes = mac.doFinal(src.getBytes());
String hmacMD5Str = Hex.encodeHexString(hmacMD5Bytes);
System.out.println("hamcMD5Str:" + hmacMD5Str);
}
3、Bouncy Castle 实现:
public static void bcHmacMD5() throws DecoderException, NoSuchAlgorithmException {
String src = "test source";
// 产生密钥
KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacMD5");
Key secretKey = keyGenerator.generateKey();
byte[] key = secretKey.getEncoded();
String keyStr = org.bouncycastle.util.encoders.Hex.toHexString(key);
System.out.println("keyStr:" + keyStr);
// byte[] key = "mykey0759".getBytes();
// String keyStr = org.bouncycastle.util.encoders.Hex.toHexString(key);
// System.out.println("keyStr:" + keyStr);
// 还原密钥
KeyParameter restoreKey = new KeyParameter(key);
HMac hMac = new HMac(new MD5Digest());
hMac.init(restoreKey);
hMac.update(src.getBytes(), 0, src.getBytes().length);
byte[] hmacMD5Bytes = new byte[hMac.getMacSize()];
hMac.doFinal(hmacMD5Bytes, 0);
String hmacMD5Str = Hex.encodeHexString(hmacMD5Bytes);
System.out.println("hamcMD5Str:" + hmacMD5Str);
}
五、消息摘要算法-其它
RipeMD
Tiger
Whirlpool
GOST3411
Bouncy Castle实现
主要知识点来源于慕课慕课网上 moocer老师 提供的 java 加密系列教程。 原创不易,如需转载,请标明出处!
最后修改:2019-09-08 04:09:34
© 著作权归作者所有
如果觉得我的文章对你有用,请随意赞赏
扫一扫支付
发表评论