SHA-2 名称来自于安全散列算法2(英语:Secure Hash Algorithm 2)的缩写,一种密码散列函数算法标准,由美国国家安全局研发,由美国国家标准与技术研究院(NIST)在 2001 年发布。属于 SHA 算法之一,是 SHA-1 的后继者。其下又可再分为六个不同的算法标准,包括了:SHA-224、SHA-256、SHA-384、SHA-512、SHA-512/224、SHA-512/256。
JDK 自带的 MessageDigest 类为应用程序提供信息摘要算法的功能,如 MD5 或 SHA 算法。信息摘要是安全的单向哈希函数,它接收任意大小的数据,并输出固定长度的哈希值。
实例:使用 JDK 的 MessageDigest 实现 SHA2 消息摘要。
import org.apache.commons.codec.binary.Hex;
import java.security.MessageDigest;
public class CryptSha2Demo1 {
public static void main(String[] args) {
CryptSha2Demo1 demo = new CryptSha2Demo1();
byte[] bytes = "hello world".getBytes();
demo.sha224(bytes);
demo.sha256(bytes);
demo.sha384(bytes);
demo.sha512(bytes);
demo.sha512_224(bytes);
demo.sha512_256(bytes);
}
private void sha(byte[] bytes, String name) {
try {
MessageDigest digest = MessageDigest.getInstance(name);
System.out.println(name + ":"
+ Hex.encodeHexString(digest.digest(bytes)));
} catch (Exception e) {
System.err.println(name + ":" + e.getMessage());
}
}
private void sha224(byte[] bytes) {
sha(bytes, "SHA-224");
}
private void sha256(byte[] bytes) {
sha(bytes, "SHA-256");
}
private void sha384(byte[] bytes) {
sha(bytes, "SHA-384");
}
private void sha512(byte[] bytes) {
sha(bytes, "SHA-512");
}
private void sha512_224(byte[] bytes) {
sha(bytes, "SHA-512/224");
}
private void sha512_256(byte[] bytes) {
sha(bytes, "SHA-512/256");
}
}输出结果:
SHA-224:2f05477fc24bb4faefd86517156dafdecec45b8ad3cf2522a563582b SHA-256:b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 SHA-384:fdbd8e75a67f29f701a4e040385e2e23986303ea10239211af907fcbb83578b3e417cb71ce646efd0819dd8c088de1bd SHA-512:309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f SHA-512/224:SHA-512/224 MessageDigest not available SHA-512/256:SHA-512/256 MessageDigest not available
Apache Commons Codec 提供的 DigestUtils 类用于简化常见 MessageDigest(消息摘要)任务的操作。此类是不可变的并且是线程安全的。
实例1:使用 digest() 方法进行 SHA2 消息摘要算法计算。
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
public class CryptSha2Demo2 {
public static void main(String[] args) {
byte[] bytes = "hello world".getBytes();
// SHA-224
digest(bytes, MessageDigestAlgorithms.SHA_224);
// SHA-256
digest(bytes, MessageDigestAlgorithms.SHA_256);
// SHA-384
digest(bytes, MessageDigestAlgorithms.SHA_384);
// SHA-512
digest(bytes, MessageDigestAlgorithms.SHA_512);
// SHA-512/224
digest(bytes, MessageDigestAlgorithms.SHA_512_224);
// SHA-512/256
digest(bytes, MessageDigestAlgorithms.SHA_512_256);
}
private static void digest(byte[] bytes, String algName) {
try {
DigestUtils digestUtils = new DigestUtils(algName);
System.out.println(algName + ":"
+ Hex.encodeHexString(digestUtils.digest(bytes)));
} catch (Exception e) {
System.err.println(algName + ":" + e.getMessage());
}
}
}输出结果:
SHA-224:2f05477fc24bb4faefd86517156dafdecec45b8ad3cf2522a563582b SHA-256:b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 SHA-384:fdbd8e75a67f29f701a4e040385e2e23986303ea10239211af907fcbb83578b3e417cb71ce646efd0819dd8c088de1bd SHA-512:309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f SHA-512/224:java.security.NoSuchAlgorithmException: SHA-512/224 MessageDigest not available SHA-512/256:java.security.NoSuchAlgorithmException: SHA-512/256 MessageDigest not available
注意:更多关于 DigestUtils 的用法,请参考官网API:
http://commons.apache.org/proper/commons-codec/apidocs/index.html
