在密码学中,消息认证码(英语:Message authentication code,缩写为MAC),又译为消息鉴别码、文件消息认证码、讯息鉴别码、信息认证码,是经过特定算法后产生的一小段信息,检查某段消息的完整性,以及作身份验证。它可以用来检查在消息传递过程中,其内容是否被更改过,不管更改的原因是来自意外或是蓄意攻击。同时可以作为消息来源的身份验证,确认消息的来源。 消息认证码的算法中,通常会使用使用带密钥的散列函数,或者块密码的带认证工作模式(如CBC)。 信息鉴别码不能提供对信息的保密,若要同时实现保密认证,同时需要对信息进行加密。
在Java中支持的消息摘要算法有:HmacMD5、HmacSHA1、HmacSHA224、HmacSHA256、HmacSHA384、HmacSHA512等。
package com.jianggujin.codec; import java.security.InvalidKeyException; import javax.crypto.KeyGenerator; import javax.crypto.Mac; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; /** * 消息认证码(Message Authentication Code,MAC)算法 * * @author jianggujin * */ public class HQMac { private static HQMac mac = new HQMac(); public static HQMac getInstance() { return mac; } private HQMac() { } /** * Mac算法 * * @author jianggujin * */ public static enum HQMacAlgorithm { HmacMD5("HmacMD5"), HmacSHA1("HmacSHA1"), HmacSHA224("HmacSHA224"), HmacSHA256("HmacSHA256"), HmacSHA384( "HmacSHA384"), HmacSHA512("HmacSHA512"); private String name; private HQMacAlgorithm(String name) { this.name = name; } public String getName() { return this.name; } } private Mac getMac(String algorithm, byte[] key) throws Exception { Mac mac = Mac.getInstance(algorithm); if (key != null) { try { SecretKey secretKey = new SecretKeySpec(key, algorithm); mac.init(secretKey); } catch (InvalidKeyException e) { throw new IllegalArgumentException(e); } } return mac; } /** * 加密 * * @param algorithm * @param data * @param key * @return */ public byte[] encrypt(HQMacAlgorithm algorithm, byte[] data, byte[] key) throws Exception { return encrypt(algorithm.getName(), data, key); } /** * 加密 * * @param algorithm * @param data * @param key * @return */ public byte[] encrypt(String algorithm, byte[] data, byte[] key) throws Exception { return getMac(algorithm, key).doFinal(data); } /** * 初始化密钥 * * @param algorithm * @return */ public byte[] initKey(HQMacAlgorithm algorithm) throws Exception { return initKey(algorithm.getName()); } /** * 初始化密钥 * * @param algorithm * @return */ public byte[] initKey(String algorithm) throws Exception { KeyGenerator keyGenerator = KeyGenerator.getInstance(algorithm); SecretKey secretKey = keyGenerator.generateKey(); return secretKey.getEncoded(); } } 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120编写测试代码:
import org.junit.Test; import com.jianggujin.codec.HQHex; import com.jianggujin.codec.HQMac; import com.jianggujin.codec.HQMac.HQMacAlgorithm; public class MacTest { HQMac mac = HQMac.getInstance(); @Test public void encode() throws Exception { byte[] data = "jianggujin".getBytes(); HQMacAlgorithm[] algorithms = HQMacAlgorithm.values(); for (HQMacAlgorithm algorithm : algorithms) { byte[] key = mac.initKey(algorithm); System.err.println(algorithm + ":" + HQHex.encodeHexString(mac.encrypt(algorithm, data, key))); } } } 12345678910111213141516171819202122 12345678910111213141516171819202122运行结果如下: HmacMD5:891E44A3A4CB842AE6BDDA54178CA617 HmacSHA1:03A993483DF38ED65EC51F454C7FB1EEA6D3F61A HmacSHA224:3993CA6F537F812676F0E5F5B15E9A8CFA8C9238DF9AAFFEF5CE218F HmacSHA256:56C7F9E414DB865694C984A4B931041A8508C9E341518061E1E0690F7DE2EFC8 HmacSHA384:765CD8680BDEDA703679EE5B0619DD07C1109A8DCA6EF984A88E7EDF00C52C244E26A6A0EB2DE4BDB2B91274FE44CF22 HmacSHA512:2D4439A91C16A6BBACE449582B3FAD2DE4ACF19E9BED4E09791D3C112A4175E16F1C500B1CD01338F2E8479A7024D5FF28577E3BE0D38E3424A5DAC8F0BC0122
