HMAC是密钥相关的消息认证码,HMAC运算利用哈希算法,以一个密钥和一个消息为输入,生成一个消息摘要作为输出。
我们使用MD和SHA 消息摘要算法,可以保证数据的完整性。但是在网络传输场景下,消息发送者,仅发送原始数据和数据摘要信息是,黑客可以伪装原始数据和数据摘要信息,达到攻击的目的,HMAC算法通过密钥和数据共同生成 消息摘要,黑客在不知道密钥的情况下,伪造数据和消息摘要难度进一步加大。
消息发送
算法种类 摘要长度
HmacMD5 128
HmacSHA1 160
HmacSHA256 256
HmacSHA384 384
HmacSHA512 512
package lzf.cipher.jdk;
import java.nio.charset.Charset;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
/**
* @author java小工匠
*/
public class HmacUtils {
// 获取 HmacMD5 Key
public static byte[] getHmacMd5Key() {
return getHmacKey("HmacMD5");
}
// 获取 HmacSHA256
public static byte[] getHmacSha256Key() {
return getHmacKey("HmacSHA256");
}
// 获取 HmacSHA512
public static byte[] getHmacSha512Key() {
return getHmacKey("HmacSHA512");
}
// 获取 HMAC Key
public static byte[] getHmacKey(String type) {
try {
// 1、创建密钥生成器
KeyGenerator keyGenerator = KeyGenerator.getInstance(type);
// 2、产生密钥
SecretKey secretKey = keyGenerator.generateKey();
// 3、获取密钥
byte[] key = secretKey.getEncoded();
return key;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
// HMAC MD5 加密
public static String encryptHmacMD5(byte[] data, byte[] key) {
return encryptHmac(data, key, "HmacMD5");
}
// HMAC SHA256 加密
public static String encryptHmacSHA256(byte[] data, byte[] key) {
return encryptHmac(data, key, "HmacSHA256");
}
// HMAC SHA521 加密
public static String encryptHmacSHA512(byte[] data, byte[] key) {
return encryptHmac(data, key, "HmacSHA512");
}
// 基础MAC 算法
public static String encryptHmac(byte[] data, byte[] key, String type) {
try {
// 1、还原密钥
SecretKey secretKey = new SecretKeySpec(key, type);
// 2、创建MAC对象
Mac mac = Mac.getInstance(type);
// 3、设置密钥
mac.init(secretKey);
// 4、数据加密
byte[] bytes = mac.doFinal(data);
// 5、生成数据
String rs = bytesToHexStr(bytes, true);
return rs;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
// 字节数组转16 进制
public static String bytesToHexStr(byte[] bytes, boolean blow) {
if (bytes == null) {
return "";
}
StringBuilder sb = new StringBuilder();
for (byte b : bytes) {
int v = b & 0xFF;
String hv = Integer.toHexString(v);
if (hv.length() < 2) {
sb.append("0");
}
sb.append(hv);
}
String rs = sb.toString();
if (!blow) {
rs = rs.toUpperCase();
}
return rs;
}
public static void main(String[] args) {
byte[] data = "java小工匠".getBytes(Charset.forName("UTF-8"));
// MD5
byte[] hmacMd5KeyBytes = getHmacMd5Key();
String hexHamcMd5Key = bytesToHexStr(hmacMd5KeyBytes, true);
System.out.println("HMAC Md5 KEY:" + hexHamcMd5Key);
String hmacMd5Encrypt = encryptHmacMD5(data, hmacMd5KeyBytes);
System.out.println("HMAC Md5 encrypt:" + hmacMd5Encrypt);
// SHA256
byte[] hmacSha256KeyBytes = getHmacSha256Key();
String hexHamcSha256Key = bytesToHexStr(hmacSha256KeyBytes, true);
System.out.println("HMAC SHA256 KEY:" + hexHamcSha256Key);
String hmacSha256Encrypt = encryptHmacSHA256(data, hmacSha256KeyBytes);
System.out.println("HMAC SHA256 encrypt:" + hmacSha256Encrypt);
// SHA512
byte[] hmacSha512KeyBytes = getHmacSha256Key();
String hexHamcSha512Key = bytesToHexStr(hmacSha512KeyBytes, true);
System.out.println("HMAC SHA512 KEY:" + hexHamcSha512Key);
String hmacSha512Encrypt = encryptHmacSHA512(data, hmacSha512KeyBytes);
System.out.println("HMAC SHA512 encrypt:" + hmacSha512Encrypt);
}
}
-------------------------------------------