java加密體系-訊息驗證碼
阿新 • • 發佈:2018-11-09
1、訊息驗證碼演算法實現支援
演算法 | 摘要長度 | 備註 |
HmacMD5 | 128 | BouncyCastle實現 |
HmacSHA1 | 160 | BouncyCastle實現 |
HmacSHA256 | 256 | BouncyCastle實現 |
HmacSHA384 | 384 | BouncyCastle實現 |
HmacSHA512 | 512 | JAVA6實現 |
HmacMD2 | 128 | BouncyCastle實現 |
HmacMD4 | 128 | BouncyCastle實現 |
HmacSHA224 | 224 | BouncyCastle實現 |
2、使用HmacSHA256演算法實現訊息驗證碼
import java.security.Security; import javax.crypto.KeyGenerator; import javax.crypto.Mac; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.util.encoders.Hex; /** * 訊息驗證碼 * @author luke */ public class HAMC { public static byte[] initHmacSHA256Key() throws Exception{ Security.addProvider(new BouncyCastleProvider()); KeyGenerator keyGenerator = KeyGenerator.getInstance("HmacSHA256"); SecretKey secretKey = keyGenerator.generateKey(); return secretKey.getEncoded(); } public static byte[] encodeHmacSHA256(byte[] data,byte[] key) throws Exception{ Security.addProvider(new BouncyCastleProvider()); SecretKey secretKey = new SecretKeySpec(key, "HmacSHA256"); Mac mac = Mac.getInstance(secretKey.getAlgorithm()); mac.init(secretKey); return mac.doFinal(data); } public static void main(String[] args) { try { //初始化金鑰 byte[] key=HAMC.initHmacSHA256Key(); //通過金鑰和訊息獲取訊息驗證碼 String str="999999999999999999999999999999999999999";//模擬傳送的訊息 byte[] data=HAMC.encodeHmacSHA256(str.getBytes(), key); //訊息驗證碼轉16進位制字串 String dataHex=new String(Hex.encode(data)); System.out.println("傳送的訊息:"+str);//將訊息和訊息驗證碼傳送出去 System.out.println("傳送驗證碼HEX:"+dataHex); System.out.println("---------------------------------"); String str2="999999999999999999999999999999999999999";//模擬接收到的訊息 byte[] data2=HAMC.encodeHmacSHA256(str2.getBytes(), key); String data2Hex=new String(Hex.encode(data2)); System.out.println("接收到的訊息:"+str2);//當訊息被篡改,計算出的訊息驗證碼將不一致 System.out.println("計算出驗證碼HEX:"+data2Hex); System.out.println("---------------------------------"); System.out.println(dataHex.equals(data2Hex));//對比計算出的和接收到的是否一致,驗證訊息的完整性和認證性 } catch (Exception e) { e.printStackTrace(); } } }
3、測試結果
傳送的訊息:999999999999999999999999999999999999999
傳送驗證碼HEX:f6628635b8fe53277ff5b9f003b88bbe35af38f5ee91d34440e9b655efa14f59
---------------------------------
接收到的訊息:999999999999999999999999999999999999999
計算出驗證碼HEX:f6628635b8fe53277ff5b9f003b88bbe35af38f5ee91d34440e9b655efa14f59
---------------------------------
true