SHA 安全散列算法
散列算法:散列是信息的提炼,通常其长度要比信息小很多,且为一个固定长度,加密性强的散列一定是不可逆的,这就意味着通过散列结果,无法推出任何部分的原始信息,任何输入信息的变化,哪怕是一位,都将导致散列结果的明显变化,散列还是防冲突的,即找不出具有相同散列结果的两条信息.具有这些特性的散列结果都可以用于信息验证是否被修改
MD5:RSA数据安全公司开发的一种单项散列算法(单项散列函数一般用户与产生信息摘要,密钥加密等)
SHA:可以对任意长度的数据运算生存160位的数值
SHA1:基于MD4算法,最安全的散列算法之一
SHA1与MD5的区别:
1:对强行攻击的安全性:SAH1摘要要比MD5摘要长32位,SHA1更加安全
2:速度上:SHA1的运行速度比MD5慢
除了图上面的方式,依旧还有commons codec
关于commons codec的jar: commons-codec-1.10.jar 下载地址 参考
关于bouncy castle的jar: bcprov-ext-jdk15on-154.jar 下载地址 参考
jdk 方式SHA1
package com.example.encryption;
import org.apache.commons.codec.binary.Hex;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* @author xuanyouwu
* @email [email protected]
* @time 2016-05-14 15:27
*/
public class ShaTest {
private static String SrcData = "xuanyouwu";
public static void log(String s) {
System.out.println("------>" + s);
}
public static void main(String[] args) throws Exception {
log("jdk sha1:"+jdkSHA1(SrcData));
}
private static String jdkSHA1(String src) {
try {
MessageDigest messageDigest = MessageDigest.getInstance("SHA");
return Hex.encodeHexString(messageDigest.digest(src.getBytes()));
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return "";
}
}
------>jdk sha1:2a5c6fa5eebeef480dfc9cd911f679a4e86bc97c
commons codec方式生成sha1
package com.example.encryption;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* @author xuanyouwu
* @email [email protected]
* @time 2016-05-14 15:27
*/
public class ShaTest {
private static String SrcData = "xuanyouwu";
public static void log(String s) {
System.out.println("------>" + s);
}
public static void main(String[] args) throws Exception {
log("cc sha1:" + ccSHA1(SrcData));
}
private static String ccSHA1(String src) {
MessageDigest sha1Digest = DigestUtils.getSha1Digest();
byte[] digest = sha1Digest.digest(src.getBytes());
return Hex.encodeHexString(digest);
}
}
------>cc sha1:2a5c6fa5eebeef480dfc9cd911f679a4e86bc97c
同样commons codec 还提供简单的方式,使用DigestUtils
public static String sha1Hex(String src) {
return DigestUtils.sha1Hex(src.getBytes());
}
bouncy castle方式生存SHA1
package com.example.encryption;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.SHA1Digest;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* @author xuanyouwu
* @email [email protected]
* @time 2016-05-14 15:27
*/
public class ShaTest {
private static String SrcData = "xuanyouwu";
public static void log(String s) {
System.out.println("------>" + s);
}
public static void main(String[] args) throws Exception {
log("bc sha1:" + bcSHA1(SrcData));
}
private static String bcSHA1(String src)
{
SHA1Digest sha1Digest=new SHA1Digest();
sha1Digest.update(src.getBytes(),0,src.getBytes().length);
byte[] bytes=new byte[sha1Digest.getDigestSize()];
sha1Digest.doFinal(bytes, 0);
return org.bouncycastle.util.encoders.Hex.toHexString(bytes);
}
}
------>bc sha1:2a5c6fa5eebeef480dfc9cd911f679a4e86bc97c
bouncy castle对SHA1的扩展
在其jar包中 org.bouncycastle.digests包下面
分别有SHA1Digest SHA3Digest,SHA224Digest,SHA256Digest,SHA384Digest,SHA512Digest....很多实现,不一一演示,用法基本一致,只是摘要长度不一致,拿SHA224做演示:
package com.example.encryption;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* @author xuanyouwu
* @email [email protected]
* @time 2016-05-14 15:27
*/
public class ShaTest {
private static String SrcData = "xuanyouwu";
public static void log(String s) {
System.out.println("------>" + s);
}
public static void main(String[] args) throws Exception {
log("bc sha1:" + bcSHA1(SrcData));
log("bc sha224:" + bcSHA224(SrcData));
}
private static String bcSHA1(String src) {
SHA1Digest sha1Digest = new SHA1Digest();
sha1Digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] bytes = new byte[sha1Digest.getDigestSize()];
sha1Digest.doFinal(bytes, 0);
return org.bouncycastle.util.encoders.Hex.toHexString(bytes);
}
private static String bcSHA224(String src) {
SHA224Digest sha224 = new SHA224Digest();
sha224.update(src.getBytes(), 0, src.getBytes().length);
byte[] bytes = new byte[sha224.getDigestSize()];
sha224.doFinal(bytes, 0);
return org.bouncycastle.util.encoders.Hex.toHexString(bytes);
}
}
------>bc sha1:2a5c6fa5eebeef480dfc9cd911f679a4e86bc97c
------>bc sha224:2123aac1b225dd0379191e0495e7a0ebae85a464bfaebdfb47720789
可以看到SHA224比SHA1的摘要长很多
JDK 扩展SHA224
由于jdk本身并未提供SHA224的实现,但是提供扩展,而bouncy castle就很好结合起来
package com.example.encryption;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
/**
* @author xuanyouwu
* @email [email protected]
* @time 2016-05-14 15:27
*/
public class ShaTest {
private static String SrcData = "xuanyouwu";
public static void log(String s) {
System.out.println("------>" + s);
}
public static void main(String[] args) throws Exception {
log("jdk sha224:" + jdkSHA224(SrcData));
log("jdk bc sha224:" + jdkSHA224WithBc(SrcData));
}
/**
* 将发生异常
* java.security.NoSuchAlgorithmException: SHA224 MessageDigest not available
* @param src
* @return
*/
public static String jdkSHA224(String src) {
try {
MessageDigest md = MessageDigest.getInstance("SHA224");
md.update(src.getBytes());
return Hex.encodeHexString(md.digest());
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
// 扩展jdk 实现SHA224
public static String jdkSHA224WithBc(String src) {
try {
Security.addProvider(new BouncyCastleProvider());
MessageDigest md = MessageDigest.getInstance("SHA224");
md.update(src.getBytes());
return Hex.encodeHexString(md.digest());
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
java.security.NoSuchAlgorithmException: SHA224 MessageDigest not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
at java.security.Security.getImpl(Security.java:695)
at java.security.MessageDigest.getInstance(MessageDigest.java:167)
at com.example.encryption.ShaTest.jdkSHA224(ShaTest.java:74)
at com.example.encryption.ShaTest.main(ShaTest.java:36)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:144)
------>jdk bc sha224:2123aac1b225dd0379191e0495e7a0ebae85a464bfaebdfb47720789