How To Create Java MessageDigest and Salted MessageDigest

Posted on November 7, 2012. Filed under: java/j2EE |


 

The following is a code example which compares salted and non-salted hash. Need to download commons-codec-1.7.jar in order to import org.apache.commons.codec.binary.Base64;

HashDemo#
HashDemo#ls
SaltedHash.java commons-codec-1.7.jar
HashDemo#cat SaltedHash.java
import java.security.*;
import org.apache.commons.codec.binary.Base64;

public class SaltedHash {
public static void main(String [] args) {
byte message[] = {‘p’,’l’,’a’,’i’,’n’,’t’,’e’,’x’,’t’};
try {
Provider[] providers = Security.getProviders();
for (int i=0; i< providers.length; i++){
System.out.println(“#version:”+providers[i].getVersion()+”#name:”
+providers[i].getName()+”#description:”+providers[i].getInfo());
}

MessageDigest md = MessageDigest.getInstance(“SHA-1”);
MessageDigest mdsalt = MessageDigest.getInstance(“SHA-1”);

md.update(message);
mdsalt.update(message);

//salt make YOUR hash unique, prevent rainbow table attack
byte[] salt = {‘I’,’l’,’i’,’k’,’e’,’I’,’T’,’!’};
mdsalt.update(salt);

byte[] hash = md.digest();
byte[] hashsalt = mdsalt.digest();

String encodeStr = new String(Base64.decodeBase64(hash));
String encodeStrsalt = new String(Base64.decodeBase64(hashsalt));

System.out.println(new String(message));
System.out.println(encodeStr);
System.out.println(encodeStrsalt);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}

}

HashDemo#
HashDemo#javac -classpath commons-codec-1.7.jar SaltedHash.java
HashDemo#ls
SaltedHash.class SaltedHash.java commons-codec-1.7.jar
HashDemo#java -classpath ‘.:commons-codec-1.7.jar’ SaltedHash
#version:1.6#name:SunPKCS11-Darwin#description:SunPKCS11 accessing Mac OS X SmartCardServices
#version:1.6#name:SUN#description:SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy; JavaLoginConfig Configuration)
#version:1.0#name:Apple#description:Apple Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC/MD5, HMAC/SHA1)
#version:1.5#name:SunRsaSign#description:Sun RSA signature provider
#version:1.6#name:SunJSSE#description:Sun JSSE provider(PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
#version:1.6#name:SunJCE#description:SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
#version:1.0#name:SunJGSS#description:Sun (Kerberos v5, SPNEGO)
#version:1.5#name:SunSASL#description:Sun SASL provider(implements client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)
#version:1.0#name:XMLDSig#description:XMLDSig (DOM XMLSignatureFactory; DOM KeyInfoFactory)
#version:1.6#name:SunPCSC#description:Sun PC/SC provider
plaintext
?r
???
HashDemo#

Advertisements

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: