background preloader

Java/Security & Crypto

Facebook Twitter

How to calculate MD5 and SHA hash values in Java. Details Last Updated on 06 September 2014 | Print Email In cryptography, MD5 (Message Digest version 5) and SHA (Secure Hash Algorithm) are two well-known message digest algorithms.

How to calculate MD5 and SHA hash values in Java

They are also referred as cryptographic hash functions, which take arbitrary-sized data as input (message) and produce a fixed-length hash value. One of the most important properties of hash functions is, it’s infeasible to generate a message that has a given hash (secure one-way). Hash functions are frequently used to check data integrity such as checking integrity of a downloaded file against its publicly-known hash value. The Java platform provides two implementation of hashing functions: MD5 (produces 128-bit hash value), SHA-1 (160-bit) and SHA-2 (256-bit). Here are general steps to generate a hash value from an input (message): First approach (suitable for small-sized message):Second approach (suitable for large-size message, i.e. large file): Now, let’s see some examples in details. 1.

Agence nationale de la sécurité des systèmes d’information - Séc.

JSR105 & JCE

Java.security. (Sun PKCS#11 Provider) Java Applet for Signing with a Smart Card. Using the Sun PKCS#11 Provider Without a Configuration File If you do not want to use an external configuration file, you can set the settings of the Sun PKCS#11 Provider dynamically by a stream.

(Sun PKCS#11 Provider) Java Applet for Signing with a Smart Card

This can be done in the following way: String pkcs11config = "name = SmartCardn" + "library = c:\windows\system32\pkcs201n.dll"; byte[] pkcs11configBytes = pkcs11config.getBytes(); ByteArrayInputStream configStream = newByteArrayInputStream(pkcs11configBytes); Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(configStream); security.addProvider(pkcs11Provider); In this example, you create a stream that reads the configuration settings, not from a text file but from a string.

You first convert the string to a byte array and later create a stream from it. Unregistering the Sun PKCS#11 Provider When you no longer need the PKCS#11 security provider, you should unregister it to deallocate the resources used. Security.removeProvider("SunPKCS11-SmartCard"); java.security.KeyStore Page 2 of 8. Bouncy Castle - Dev - Spongy Castle (Bouncy Castle repackage for Android) - v1.47 release. Java Cryptography Architecture (JCA)

The Java platform strongly emphasizes security, including language safety, cryptography, public key infrastructure, authentication, secure communication, and access control.The JCA is a major piece of the platform, and contains a "provider" architecture and a set of APIs for digital signatures, message digests (hashs), certificates and certificate validation, encryption (symmetric/asymmetric block/stream ciphers), key generation and management, and secure random number generation, to name a few.

Java Cryptography Architecture (JCA)

These APIs allow developers to easily integrate security into their application code. The architecture was designed around the following principles:Implementation independenceApplications do not need to implement security algorithms. Rather, they can request security services from the Java platform. Security services are implemented in providers (see below), which are plugged into the Java platform via a standard interface. Architecture JCA Concepts Installing Providers Provider Class Methods. Java Cryptography Architecture (JCA) Reference Guide.

The Java platform strongly emphasizes security, including language safety, cryptography, public key infrastructure, authentication, secure communication, and access control.

Java Cryptography Architecture (JCA) Reference Guide

The JCA is a major piece of the platform, and contains a "provider" architecture and a set of APIs for digital signatures, message digests (hashes), certificates and certificate validation, encryption (symmetric/asymmetric block/stream ciphers), key generation and management, and secure random number generation, to name a few. These APIs allow developers to easily integrate security into their application code. The architecture was designed around the following principles: Implementation independence: Applications do not need to implement security algorithms.

Rather, they can request security services from the Java platform. Other cryptographic communication libraries available in the JDK use the JCA provider architecture, but are described elsewhere. Notes on Terminology Design Principles. Java Cryptography Extension. The Java Cryptography Extension (JCE) is an officially released Standard Extension to the Java Platform.

Java Cryptography Extension

JCE provides a framework and implementation for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. JCE supplements the Java platform, which already includes interfaces and implementations of message digests and digital signatures. Installation is specific to the version of the Java Platform being used, with downloads available for Java 6, Java 7, and Java 8.