消息摘要算法——SHA
安全散列算法,固定长度的摘要信息。被认为是MD5的继承者。是一个系列,包括SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512),也就是除了SHA-1,其他的4种都被称为是SHA-2。每种算法的摘要长度和实现方如下:
SHA算法的实现和MD算法的实现大同小异,也是JDK提供了默认的几种实现,apache的Commons Codec在JDK的基础上进行了优化,使其更好用,而Bouncy Castle是JDK的拓展,提供了JDK和Commons Codec没有的SHA-224的实现。
SHA算法的应用
在浏览器的证书管理器中证书:WEB证书一般采用SHA算法。
消息摘要算法是为了防止消息在传输过程中的篡改。
我们在很多网站上都可以用QQ账号一键登录,通常腾讯会给每一个接入方一个key,可能会约定一个消息传送的格式(例如:http://**?msg=12Hsad74mj&×tamp=1309488734),其中msg=摘要信息+key+时间戳。
============================================================================SHA加解密工具类:
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
public class SecuritySHA {
/**
* 安全散列算法,固定长度的摘要信息。被认为是MD5的继承者。是一个系列,包括SHA-1、SHA-2(SHA-224、SHA-256、SHA-384、SHA-512)
*/
/**
* JDK实现sha-1
*/
public static String jdkSHA1(String src) {
MessageDigest md = null;
try {
md = MessageDigest.getInstance("sha");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}// sha1算法传入参数为sha
byte[] sha1Bytes = md.digest(src.getBytes());
return Hex.encodeHexString(sha1Bytes);
}
/**
* JDK实现sha-256
*/
public static String jdkSHA256(String src) {
MessageDigest md = null;
try {
md = MessageDigest.getInstance("sha-256");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
md.update(src.getBytes());
return new String(org.bouncycastle.util.encoders.Hex.encode(md.digest()));
}
/**
* Commons Codec实现sha-1
*/
public static String commonsCodecSAH1(String src){
// return DigestUtils.sha1Hex(src.getBytes());
return DigestUtils.sha1Hex(src);
}
/**
* Bouncy Castle实现sha-1
* @param src
* @return
*/
public static String bouncyCastleSHA1(String src){
Digest digest = new SHA1Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[]sha1Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha1Bytes, 0);
return new String(org.bouncycastle.util.encoders.Hex.encode(sha1Bytes));
}
/**
* Bouncy Castle实现sha-224
*/
public static String bouncyCastleSHA224(String src){
Digest digest = new SHA224Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[]sha224Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha224Bytes, 0);
return new String(org.bouncycastle.util.encoders.Hex.encode(sha224Bytes));
}
/**
* Bouncy Castle实现sha-256
*/
public static String bouncyCastleSHA256(String src) {
Digest digest = new SHA256Digest();
digest.update(src.getBytes(), 0, src.getBytes().length);
byte[] sha256Bytes = new byte[digest.getDigestSize()];
digest.doFinal(sha256Bytes, 0);
return new String(org.bouncycastle.util.encoders.Hex.encode(sha256Bytes));
}
}
============================================================================SHA加解密工具测试类:
/**
* SHA加密
*/
@Test
public void test_SHA() {
String src = "object-oriente"; // 需要加密的原始字符串
System.out.println("JDK SHA-1:\t" + SecuritySHA.jdkSHA1(src));
System.out.println("cc SHA-1:\t" + SecuritySHA.commonsCodecSAH1(src));
System.out.println("bc SHA-1:\t" + SecuritySHA.bouncyCastleSHA1(src));
System.out.println("bc SHA-224:\t" + SecuritySHA.bouncyCastleSHA224(src));
System.out.println("JDK SHA-256:\t" + SecuritySHA.jdkSHA256(src));
System.out.println("bc SHA-256:\t" + SecuritySHA.bouncyCastleSHA256(src));
// JDK SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af
// cc SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af
// bc SHA-1: 2e4fa19bda0ac24a161feb670ef03a3d691340af
// bc SHA-224: 73c211d3903d6491e6697ab19698aa4bbb2b0091fe0b4547823c4230
// JDK SHA-256:5ec026d4ec15491ea0642ec211c8516673fdd1cff0fbe22b4fa08f6ca8f6d712
// bc SHA-256: 5ec026d4ec15491ea0642ec211c8516673fdd1cff0fbe22b4fa08f6ca8f6d712
}