Message digest algorithm-MAC algorithm series

Last Update:2016-12-04 Source: Internet

Author: User

Tags hmac rfc knowledge base

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

First, brief

MAC (message authentication code, messaging authentication Code algorithm) is a key hash function algorithm that is compatible with the features of the MD and SHA algorithms, and adds a key on this basis. So Mac algorithms are often called HMAC algorithms. The details of the HMAC algorithm can be found in RFC 2104 (Http://www.ietf.org/rfc/rfc2104.txt), which contains the C language implementation of the HMACMD5 algorithm.

What needs to be explained here is that the digest value obtained by the MAC algorithm can also be expressed in hexadecimal notation, and its digest is worth the same length as the digest value of the implementation algorithm. For example, the Hmacsha algorithm obtains the digest length is the SHA1 algorithm obtains the digest length, all is the 160-bit binary number, translates into the 16 binary encoding to be 40 bits.

Second, model analysis

The data exchange between the two parties can take the following process to complete

1, party A to party B to publish the digest algorithm (that is, specify the name of the digest algorithm to use)

2, the two parties in accordance with the agreement to construct the key, the two sides have the same key (usually one party constructs the key to notify the other party, this process does not need to be implemented by the program, that is, the two sides agreed to a string, but this string is not arbitrarily set, but also through the relevant algorithm obtained)

3, party a use the key to digest the message, and then send the message and generated summary message sent to party B together

4, Party B received the message, the use of party A has been published by the Digest algorithm + agreed key to the received message digest processing. Then the summary message is compared to your own and the summary message sent by party A. Whether the screening message was sent by party A.

Third, MAC Series algorithm support table

Algorithm	Summary length	Note
HmacMD5	128	JAVA6 implementation
HmacSHA1	160	JAVA6 implementation
HmacSHA256	256	JAVA6 implementation
HmacSHA384	384	JAVA6 implementation
HmacSHA512	512	JAVA6 implementation
HmacMD2	128	Bouncycastle implementation
HmacMD4	128	Bouncycastle implementation
HmacSHA224	224	Bouncycastle implementation

Implementation of the HMAC algorithm for Sun and Bouncycastle

Package Com.ca.test;import <a href= "Http://lib.csdn.net/base/java" class= ' Replace_word ' title= "Java Knowledge Base" Target= ' _ Blank ' style= ' color: #df3434; Font-weight:bold; ' >java</a>.security. Security;import Javax.crypto.keygenerator;import Javax.crypto.mac;import Javax.crypto.secretkey;import Javax.crypto.spec.secretkeyspec;import Org.bouncycastle.jce.provider.bouncycastleprovider;import org.bouncycastle.util.encoders.hex;/** * Mac message Digest component * @author KONGQZ * */public class Maccoder {///////////////////////// hmacmd5////////////////////////////////** * Initialize HmacMD5 key * @return byte[] Key * * */public static byte[] Inithmacmd5key () throws exception{//initialize Keygeneratorkeygenerator keygenerator=keygenerator.getinstance ("HmacMD5");// Generate key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return secretkey.getencoded ();} /** * HMACMD5 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] EncodeHmacMD5 (by Te[] data,byte[] key) throws exception{//restore key because the key is in bytThe e-form is owned by the messaging algorithm Secretkey secretkey=new secretkeyspec (Key, "HmacMD5");//Instantiate Macmac mac=mac.getinstance ( Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);//execute message digest to process return mac.dofinal (data);} hmacsha1///////////////////////////////////** * Initialize HmacSHA1 key * @return byte[] Key * * * /public Static byte[] Inithmacshakey () throws exception{//initialize Keygeneratorkeygenerator keygenerator= Keygenerator.getinstance ("HmacSHA1");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return Secretkey.getencoded ();} /** * HMACSHA1 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] Encodehmacsha (b Yte[] data,byte[] key) throws exception{//restore the key because the key is in byte form for the message passing algorithm to have Secretkey secretkey=new Secretkeyspec (Key, " HmacSHA1 ");//Instantiate Macmac Mac=mac.getinstance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);// Executes message digest processing return mac.dofinal (data);} hmacsha256///////////////////////////////////** * Initialize the HmacSHA256 key * @return byte[] Key * * */public static byte[] Inithmacsha256key () throws exception{//initialize Keygeneratorkeygenerator Keygener Ator=keygenerator.getinstance ("HmacSHA256");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return Secretkey.getencoded ();} /** * HMACSHA256 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] Encodehmacsha (byte[] data,byte[] key) throws exception{//restore the key, because the key is in byte form the message passing algorithm has secretkey secretkey=new secretkeyspec (Key, "HmacSHA256");//Instantiate Macmac Mac=mac.getinstance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);// Executes message digest processing return mac.dofinal (data);} hmacsha384///////////////////////////////////** * Initialize the HmacSHA384 key * @return byte[] Key * * */public static byte[] Inithmacsha384key () throws exception{//initialize Keygeneratorkeygenerator keygenerator= Keygenerator.getinstance ("HmacSHA384");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return Secretkey.getencoded ();} /** * HmacSHA384 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] encodeHmacSHA384 (byte[] Data , byte[] key) throws exception{//restore key because the key is owned by the message-passing algorithm in byte form Secretkey secretkey=new Secretkeyspec (Key, "HmacSHA384") ;//Instantiate Macmac Mac=mac.getinstance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);//execute message digest to process return Mac.dofinal (data);} hmacsha512///////////////////////////////////** * Initialize the HmacSHA512 key * @return byte[] Key * * */public static byte[] Inithmacsha512key () throws exception{//initialize Keygeneratorkeygenerator keygenerator= Keygenerator.getinstance ("HmacSHA512");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return Secretkey.getencoded ();} /** * HMACSHA512 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] Encodehmacsha (byte[] data,byte[] key) throws exception{//restore the key, because the key is in byte form the message passing algorithm has secretkey secretkey=new secretkeyspec (Key, "HmacSHA512");//instantiation of Macmac mac=mac.getinstance (SECretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);//execute message digest to process return mac.dofinal (data);} Hmacmd2-bouncycastle Supported Implementation///////////////////////////////////** * Initialize the HmacMD2 key * @ return byte[] key * */public static byte[] Inithmacmd2key () throws exception{// Added support for Bouncycastleprovider Security.addprovider (New Bouncycastleprovider ());//Initialize Keygeneratorkeygenerator Keygenerator=keygenerator.getinstance ("HmacMD2");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();// Get the key return secretkey.getencoded ();} /** * HMACMD2 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] EncodeHmacMD2 (by Te[] data,byte[] key) throws exception{//add Bouncycastleprovider support Security.addprovider (new Bouncycastleprovider ()) ;//Restore the key because the key is owned by the Secretkey Secretkey=new Secretkeyspec (Key, "HmacMD2") in byte form for the message passing algorithm;//Instantiate Macmac mac= Mac.getinstance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);//execute message digest to process return mac.dofinal (data);} /** * Hmacmd2hex Message Summary * @param dataDo message digest processing data * @param String key * @return byte[] Message digest * */public static String Encodehmacmd2hex (byte[] data,byte[] key) thro WS exception{//performs message digest processing byte[] B=ENCODEHMACMD2 (Data,key);//make 16 binary convert return new String (Hex.encode (b));} Hmacmd4-bouncycastle Supported Implementation///////////////////////////////////** * Initialize the HmacMD2 key * @ return byte[] key * */public static byte[] Inithmacmd4key () throws exception{// Added support for Bouncycastleprovider Security.addprovider (New Bouncycastleprovider ());//Initialize Keygeneratorkeygenerator Keygenerator=keygenerator.getinstance ("HmacMD4");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();// Get the key return secretkey.getencoded ();} /** * HMACMD4 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] EncodeHmacMD4 (by Te[] data,byte[] key) throws exception{//add Bouncycastleprovider support Security.addprovider (new Bouncycastleprovider ()) ;//Restore the key because the key is owned by the Secretkey Secretkey=new Secretkeyspec (Key, "HmacMD4") in byte form for the message passing algorithm;//Instantiate Macmac Mac=mac.getinStance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);//execute message digest to process return mac.dofinal (data);} /** * Hmacmd4hex Message digest * @param data to be processed by message Digest * @param String key * @return byte[] Message digest * */public static String Encodehma Cmd4hex (byte[] data,byte[] key) throws exception{//perform message digest processing byte[] B=ENCODEHMACMD4 (Data,key);//do 16 binary conversion return new String (Hex.encode (b)); Hmacsha224-bouncycastle only supported implementations///////////////////////////////////** * Initialize HmacSHA224 key * @return byte[] key * */public static byte[] Inithmacsha224key () throws exception{//join Bouncycastleprovid ER support Security.addprovider (new Bouncycastleprovider ());//Initialize Keygeneratorkeygenerator keygenerator= Keygenerator.getinstance ("HmacSHA224");//Generate Key Secretkey Secretkey=keygenerator.generatekey ();//Get Key return Secretkey.getencoded ();} /** * HmacSHA224 Message Summary * @param data to be processed by digest * @param key key * @return byte[] Message digest * */public static byte[] Encodehmacsha 224 (byte[] data,byte[] key) throws exception{//add Bouncycastleprovider support securIty.addprovider (New Bouncycastleprovider ());//Restore the key because the key is the Secretkey secretkey=new secretkeyspec that the message-passing algorithm has in the form of byte ( Key, "HmacSHA224");//instantiation of Macmac Mac=mac.getinstance (Secretkey.getalgorithm ());//Initialize Macmac.init (Secretkey);// Executes message digest processing return mac.dofinal (data);} /** * Hmacsha224hex Message digest * @param data to be processed by message Digest * @param String key * @return byte[] Message digest * */public static String encode Hmacsha224hex (byte[] data,byte[] key) throws exception{//perform message digest processing byte[] b=encodehmacsha224 (Data,key);// Do 16 binary conversion return new String (Hex.encode (b));} /** * Processing of related digest algorithms show * @throws Exception * **/public static void Main (string[] args) throws Exception {String str= "Hmacmd 5 Message digest ";//Initialize key byte[] Key1=maccoder.inithmacmd5key ();//Get summary information byte[] DATA1=MACCODER.ENCODEHMACMD5 (Str.getbytes (), Key1); System.out.println ("Original:" +str); System.out.println (); System.out.println ("HmacMD5 Key:" +key1.tostring ()); System.out.println ("HmacMD5 Algorithm Summary:" +data1.tostring ()); System.out.println ();//Initialize key byte[] Key2=maccoder.inithmacsha256key ();//Get summary information byte[] Data2=maccoder.encodehmacsha256 (Str.getbytes (), key2); System.out.println ("HmacSHA256 Key:" +key2.tostring ()); System.out.println ("HmacSHA256 Algorithm Summary:" +data2.tostring ()); System.out.println ();//Initialize key byte[] Key3=maccoder.inithmacshakey ();//Get summary information byte[] Data3=maccoder.encodehmacsha ( Str.getbytes (), Key3); System.out.println ("HmacSHA1 Key:" +key3.tostring ()); System.out.println ("HmacSHA1 Algorithm Summary:" +data3.tostring ()); System.out.println ();//Initialize key byte[] Key4=maccoder.inithmacsha384key ();//Get summary information byte[] Data4= maccoder.encodehmacsha384 (Str.getbytes (), Key4); System.out.println ("HmacSHA384 Key:" +key4.tostring ()); System.out.println ("HmacSHA384 Algorithm Summary:" +data4.tostring ()); System.out.println ();//Initialize key byte[] Key5=maccoder.inithmacsha512key ();//Get summary information byte[] Data5= maccoder.encodehmacsha512 (Str.getbytes (), key5); System.out.println ("HmacSHA512 Key:" +key5.tostring ()); System.out.println ("HmacSHA512 Algorithm Summary:" +data5.tostring ()); System.out.println (); System.out.println ("================ below the algorithm support is bouncycastle supported algorithm, Sun JAVA6 does not support ====================== = ");//Initialize key byte[] Key6=maccoder.inithmacmd2key ();//Get summary information byte[] DATA6=MACCODER.ENCODEHMACMD2 (Str.getbytes (), KEY6); String Datahex6=maccoder.encodehmacmd2hex (Str.getbytes (), key6); System.out.println ("Bouncycastle HmacMD2 Key:" +key6.tostring ()); System.out.println ("Bouncycastle HmacMD2 Algorithm Summary:" +data6.tostring ()); System.out.println ("Bouncycastle Hmacmd2hex Algorithm Summary:" +datahex6.tostring ()); System.out.println ();//Initialize key byte[] Key7=maccoder.inithmacmd4key ();//Get summary information byte[] DATA7=MACCODER.ENCODEHMACMD4 ( Str.getbytes (), key7); String Datahex7=maccoder.encodehmacmd4hex (Str.getbytes (), key7); System.out.println ("Bouncycastle HmacMD4 Key:" +key7.tostring ()); System.out.println ("Bouncycastle HmacMD4 Algorithm Summary:" +data7.tostring ()); System.out.println ("Bouncycastle Hmacmd4hex Algorithm Summary:" +datahex7.tostring ()); System.out.println ();//Initialize key byte[] Key8=maccoder.inithmacsha224key ();//Get summary information byte[] Data8= maccoder.encodehmacsha224 (Str.getbytes (), key8); String Datahex8=maccoder.encodehmacsha224hex (Str.getbytes (), key8); System.out.println ("BOuncycastle HmacSHA224 Key: "+key8.tostring ()); System.out.println ("Bouncycastle HmacSHA224 Algorithm Summary:" +data8.tostring ()); System.out.println ("Bouncycastle HmacSHA224 Algorithm Summary:" +datahex8.tostring ()); System.out.println ();}} The console output is as follows: Original: HmacMD5 message digest HmacMD5 key: [[EMAIL&NBSP;PROTECTED]HMACMD5 Algorithm summary: [[email protected]hmacsha256 Key: [[ EMAIL&NBSP;PROTECTED]HMACSHA256 algorithm Summary: [[EMAIL&NBSP;PROTECTED]HMACSHA1 key: [[[EMAIL&NBSP;PROTECTED]HMACSHA1] Algorithm summary: [[ email protected]hmacsha384 key: [[email protected]hmacsha384 Algorithm summary: [[email protected]hmacsha512 Key: [[EMAIL&NBSP;PROTECTED]HMACSHA512 Algorithm summary: [[email protected]================] algorithm support is bouncycastle supported by the algorithm, Sun JAVA6 does not support =======================bouncycastle HmacMD2 key: [[Email protected]bouncycastle HmacMD2 algorithm Summary: [email  protected]bouncycastle Hmacmd2hex Algorithm Summary: 0fbabb3bb1a2be81fbc823013f6920febouncycastle HmacMD4 key: [Email  protected]bouncycastle HmacMD4 Algorithm Summary: [[Email protected]bouncycastle Hmacmd4hex Algorithm Summary: A3fa5935ca554f83c8987efd2bcfe605bouncycastle HMACSHA224 key: [[Email protected]bouncycastle HmacSHA224 algorithm Summary: [[Email protected]bouncycastle HmacSHA224 Algorithm Summary: 542d47250e5ff9f8bb3a7607799b1685a8accd65580410ea1d4dd578

V. Summary

1, Sun supports the 5 algorithm, but does not support the conversion to 16, but can be used Commons codec or bouncycastle of the 16 binary conversion assistance to convert

2. Bouncycastle supports three additional algorithms and supports 16 binary conversions

Message digest algorithm-MAC algorithm series

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More