DES&数据指纹
一 ,MessageDigest MD5(信息-摘要算法5)和 SHA(安全哈希算法) 区别
跳转收银台,使用数据指纹
String payUrl = cashier_url + MapUtil.createLinkString(parmMap) + "&sign_type=SHA-256&sign=" + sign; sign_type=SHA-256&sign=58e102c13bc4c643ba6619a600ea6060788c522298da367ce6c70b42dc0a6634
1,SHA-1是由美国标准技术局(NIST)颁布的国家标准,是一种应用最为广泛的hash函数算法,也是目前最先进的加密技术,而SHA-1基于MD5,MD5又基于MD4
2,MD5和SHA-1是单项散列函数的典型代表,它们广泛地应用在信息安全和数字签名等各个领域。从而有效地抗击了信息的主动式攻击
两者比较:
(1)对强行攻击的安全性:最显著和最重要的区别是SHA-1摘要比MD5摘要长32位。使用强行技术,产生任何一个报文使其摘要等于给定报摘要的难度对MD5是2^128数量级的操作,而对SHA-1则是2^160数量级的操作。这样,SHA-1对强行攻击有更大的强度。
(2)对密码分析的安全性:由于MD5的设计,易受密码分析的攻击,SHA-1显得不易受这样的攻击。
(3)速度:在相同的硬件上,SHA-1的运行速度比MD5慢。
二,对称加密,加密解密秘钥相同
AES:Advanced Encrytion Standard(高级加密标准)
DES:Data Encrytion Standard(数据加密标准),对应算法是DEA
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.55</version>
</dependency>
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.ShortenedDigest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.encoders.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.Security;
public class DesTest {
public static final ExtendedDigest SHA1_20 = new SHA1Digest();
public static final ExtendedDigest SHA1_08 = new ShortenedDigest(SHA1_20, 8);
static {
setup();
}
private static final void setup() {
if (Security.getProvider("BC") == null) {
try {
Security.addProvider(new BouncyCastleProvider());
} catch (Exception e) {
e.printStackTrace();
}
}
}
@org.junit.Test
public void encryt(){
String content = "123456asdfghjkqwer234er";
String password = "pajkxOrderService20180403";
byte[] decrypted = Strings.toUTF8ByteArray(content);
byte[] mark = {'d', 'c', 'p'};
byte[] input = new byte[decrypted.length + mark.length];
System.arraycopy(mark, 0, input, 0, mark.length);
System.arraycopy(decrypted, 0, input, mark.length, decrypted.length);
byte[] encrypted = encrytOrDecryt(password, input,Cipher.ENCRYPT_MODE);
String result = Strings.fromUTF8ByteArray(Base64.encode(encrypted));
System.out.println("result:" + result);
}
@org.junit.Test
public void decryt(){
String content = "123456asdfghjkqwer234er";
String password = "pajkxOrderService20180403";
byte[] mark = {'d', 'c', 'p'};
String token = "TqoaUyZ6o+qqQXLmNq0JAPUtbxNud7n+Aqq3LhW4wfA=";
byte[] encrypted = Base64.decode(Strings.toUTF8ByteArray(token));
byte[] decrypted = encrytOrDecryt( password, encrypted,Cipher.DECRYPT_MODE);
byte[] output = ArrayUtils.subarray(decrypted, mark.length, decrypted.length);
String result = Strings.fromUTF8ByteArray(output);
System.out.println("result111:" + result);
}
public static final byte[] encrytOrDecryt(String password, byte[] decrypted,int mode) {
Cipher cipher = null; //可以缓存起来
try {
cipher = Cipher.getInstance("DES", "BC");
} catch (Exception e) {
e.printStackTrace();
}
Key key = null;
Digest digest = SHA1_08;
key = new SecretKeySpec(hmac1(digest, password), "DES");//可以缓存
IvParameterSpec iv = new IvParameterSpec(hmac1(digest, password)); //可以缓存
synchronized (cipher) {
try {
cipher.init(mode, key, iv);//Cipher.DECRYPT_MODE 用于解密
} catch (Exception e) {
throw new RuntimeException(e);
}
try {
return cipher.doFinal(decrypted);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
}
private static final byte[] hmac1(Digest digest, String string) {
byte[] hmac = new byte[digest.getDigestSize()];
byte[] data = Strings.toUTF8ByteArray(string);
synchronized(digest) {
HMac h = new HMac(digest);
h.update(data, 0, data.length);
h.doFinal(hmac, 0);
digest.reset();
}
return hmac;
}
}
