消息摘要算法——SHA
安全散列算法,固定長度的摘要信息。被認為是MD5的繼承者。是一個系列,包括SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512),也就是除了SHA-1,其他的4種都被稱為是SHA-2。每種算法的摘要長度和實現方如下:
SHA算法的實現和MD算法的實現大同小異,也是JDK提供了默認的幾種實現,apache的Commons Codec在JDK的基礎上進行了優化,使其更好用,而Bouncy Castle是JDK的拓展,提供了JDK和Commons Codec沒有的SHA-224的實現。
SHA算法的應用
在瀏覽器的證書管理器中證書:WEB證書一般采用SHA算法。
消息摘要算法是為了防止消息在傳輸過程中的篡改。
我們在很多網站上都可以用QQ賬號一鍵登錄,通常騰訊會給每一個接入方一個key,可能會約定一個消息傳送的格式(例如:http://**?msg=12Hsad74mj&×tamp=1309488734),其中msg=摘要信息+key+時間戳。
============================================================================SHA加解密工具類:
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import org.apache.commons.codec.binary.Hex; import org.apache.commons.codec.digest.DigestUtils; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.digests.SHA224Digest; import org.bouncycastle.crypto.digests.SHA256Digest; public class SecuritySHA { /** * 安全散列算法,固定長度的摘要信息。被認為是MD5的繼承者。是一個系列,包括SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512) */ /** * JDK實現sha-1 */ public static String jdkSHA1(String src) { MessageDigest md = null; try { md = MessageDigest.getInstance("sha"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); }// sha1算法傳入參數為sha byte[] sha1Bytes = md.digest(src.getBytes()); return Hex.encodeHexString(sha1Bytes); } /** * JDK實現sha-256 */ public static String jdkSHA256(String src) { MessageDigest md = null; try { md = MessageDigest.getInstance("sha-256"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } md.update(src.getBytes()); return new String(org.bouncycastle.util.encoders.Hex.encode(md.digest())); } /** * Commons Codec實現sha-1 */ public static String commonsCodecSAH1(String src){ // return DigestUtils.sha1Hex(src.getBytes()); return DigestUtils.sha1Hex(src); } /** * Bouncy Castle實現sha-1 * @param src * @return */ public static String bouncyCastleSHA1(String src){ Digest digest = new SHA1Digest(); digest.update(src.getBytes(), 0, src.getBytes().length); byte[]sha1Bytes = new byte[digest.getDigestSize()]; digest.doFinal(sha1Bytes, 0); return new String(org.bouncycastle.util.encoders.Hex.encode(sha1Bytes)); } /** * Bouncy Castle實現sha-224 */ public static String bouncyCastleSHA224(String src){ Digest digest = new SHA224Digest(); digest.update(src.getBytes(), 0, src.getBytes().length); byte[]sha224Bytes = new byte[digest.getDigestSize()]; digest.doFinal(sha224Bytes, 0); return new String(org.bouncycastle.util.encoders.Hex.encode(sha224Bytes)); } /** * Bouncy Castle實現sha-256 */ public static String bouncyCastleSHA256(String src) { Digest digest = new SHA256Digest(); digest.update(src.getBytes(), 0, src.getBytes().length); byte[] sha256Bytes = new byte[digest.getDigestSize()]; digest.doFinal(sha256Bytes, 0); return new String(org.bouncycastle.util.encoders.Hex.encode(sha256Bytes)); } }
============================================================================SHA加解密工具測試類:
/** * SHA加密 */ @Test public void test_SHA() { String src = "object-oriente"; // 需要加密的原始字符串 System.out.println("JDK SHA-1:\t" + SecuritySHA.jdkSHA1(src)); System.out.println("cc SHA-1:\t" + SecuritySHA.commonsCodecSAH1(src)); System.out.println("bc SHA-1:\t" + SecuritySHA.bouncyCastleSHA1(src)); System.out.println("bc SHA-224:\t" + SecuritySHA.bouncyCastleSHA224(src)); System.out.println("JDK SHA-256:\t" + SecuritySHA.jdkSHA256(src)); System.out.println("bc SHA-256:\t" + SecuritySHA.bouncyCastleSHA256(src)); // JDK SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af // cc SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af // bc SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af // bc SHA-224: 73c211d3903d6491e6697ab19698aa4bbb2b0091fe0b4547823c4230 // JDK SHA-256:5ec026d4ec15491ea0642ec211c8516673fdd1cff0fbe22b4fa08f6ca8f6d712 // bc SHA-256: 5ec026d4ec15491ea0642ec211c8516673fdd1cff0fbe22b4fa08f6ca8f6d712 }