Note: This section is mainly referred to from the art of Java Encryption and decryption (2nd Edition), Chapter 6th, "Verifying data integrity-message digest algorithm"
4.1. SHA
Rationale: The longer the Message digest length (which can be quantified as the length of the encrypted string), the higher the security
- md5:128 bit binary Digest (32 bit 16 binary string) (cracked)
- sha1:160 bit binary digest (40 bit 16 binary string) (cracked)
- SHA256: 256-bit binary digest (64-bit 16 binary string) ( common , also used in spring security)
Implementation method:
- Commons Codec ("CC", most recommended , because it encapsulates the underlying code of the JDK and provides a way to convert the binary byte array to hexadecimal)
- JDK (does not provide a binary byte array to hexadecimal conversion method, want to convert, need to use BC)
- Bouncy Castle ("BC", not recommended, more complex to implement)
Below is only the CC-based tool class code, as for the JDK-based code can refer to the "Java Encryption and Decryption Art (2nd edition)", BC-based code can refer to "MU class network"
4.1.1, CC-based SHA encryption algorithm
When we need to adopt the corresponding SHA algorithm, just choose a different function (specifically query Commons codec API).
The introduction of the jar package and the code to test their own reference to the second chapter of the first example, in the course of testing, you try to see "the same message multiple SHA encryption results are not the same";
Determine whether two byte[] are equal in the test of the Encode () method: Compare the elements in the two-byte array by index to see if they are the same (if using the Main method); If you use JUnit, use Assertarrayequals directly (Array1, Array2).
Fourth Chapter message digest algorithm--sha