java实现md5加密
java实现md5加密
MD5的全称是Message-Digest Algorithm 5(信息-摘要算法),在90年代初由MIT Laboratory for Computer Science和RSA Data Security Inc的Ronald L. Rivest开发出来,经MD2、MD3和MD4发展而来。
一.使用md5加密密码
我们先用java去实现md5加密密码,再去研究一下md5的原理以及他的优缺点。
1.新建MD5.java文件
package com.creditease.bixin.common.util; import sun.misc.BASE64Encoder; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; /** * Created by hengyang4 on 2018/6/15. */ public class MD5 { /* * 使用md5进行加密 * * */ public String EncodeByMd5(String str) throws NoSuchAlgorithmException,UnsupportedEncodingException{ //确定计算方法 MessageDigest md5 = MessageDigest.getInstance("MD5"); BASE64Encoder base64Encoder = new BASE64Encoder(); //加密后的字符串 String newstr = base64Encoder.encode(md5.digest(str.getBytes("utf-8"))); return newstr; } /** * 判断用户密码是否正确 * 用户输入的密码 @param newpwd * 数据库中保存的密码 @param oldpwd * * **/ public boolean checkPassword(String newpwd,String oldpwd) throws NoSuchAlgorithmException,UnsupportedEncodingException{ if(EncodeByMd5(newpwd).equals(oldpwd)) return true; else return false; } }
2.新建测试类测试该代码
package com.creditease.bixin.common.util; import com.creditease.bixin.Application; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import java.io.UnsupportedEncodingException; import java.security.NoSuchAlgorithmException; /** * Created by hengyang4 on 2018/6/15. */ @RunWith(SpringJUnit4ClassRunner.class) @SpringBootTest(classes = Application.class) public class MD5Test { @Test public void md5Test()throws Exception{ String str = "dog"; try { MD5 md5 = new MD5(); String newstr = md5.EncodeByMd5(str); System.out.println(newstr); System.out.println(md5.checkPassword("dog",newstr)); }catch (NoSuchAlgorithmException e){ e.printStackTrace(); } catch (UnsupportedEncodingException e){ e.printStackTrace(); } } }
运行结果:
使用的时候发现md5使用起来很简单也很便利,那么md5原理是什么呢
二.md5原理
FF(a ,b ,c ,d ,M0 ,7 ,0xd76aa478 ) FF(d ,a ,b ,c ,M1 ,12 ,0xe8c7b756 ) FF(c ,d ,a ,b ,M2 ,17 ,0x242070db ) FF(b ,c ,d ,a ,M3 ,22 ,0xc1bdceee ) FF(a ,b ,c ,d ,M4 ,7 ,0xf57c0faf ) FF(d ,a ,b ,c ,M5 ,12 ,0x4787c62a ) FF(c ,d ,a ,b ,M6 ,17 ,0xa8304613 ) FF(b ,c ,d ,a ,M7 ,22 ,0xfd469501) FF(a ,b ,c ,d ,M8 ,7 ,0x698098d8 ) FF(d ,a ,b ,c ,M9 ,12 ,0x8b44f7af ) FF(c ,d ,a ,b ,M10 ,17 ,0xffff5bb1 ) FF(b ,c ,d ,a ,M11 ,22 ,0x895cd7be ) FF(a ,b ,c ,d ,M12 ,7 ,0x6b901122 ) FF(d ,a ,b ,c ,M13 ,12 ,0xfd987193 ) FF(c ,d ,a ,b ,M14 ,17 ,0xa679438e ) FF(b ,c ,d ,a ,M15 ,22 ,0x49b40821 )
GG(a ,b ,c ,d ,M1 ,5 ,0xf61e2562 ) GG(d ,a ,b ,c ,M6 ,9 ,0xc040b340 ) GG(c ,d ,a ,b ,M11 ,14 ,0x265e5a51 ) GG(b ,c ,d ,a ,M0 ,20 ,0xe9b6c7aa ) GG(a ,b ,c ,d ,M5 ,5 ,0xd62f105d ) GG(d ,a ,b ,c ,M10 ,9 ,0x02441453 ) GG(c ,d ,a ,b ,M15 ,14 ,0xd8a1e681 ) GG(b ,c ,d ,a ,M4 ,20 ,0xe7d3fbc8 ) GG(a ,b ,c ,d ,M9 ,5 ,0x21e1cde6 ) GG(d ,a ,b ,c ,M14 ,9 ,0xc33707d6 ) GG(c ,d ,a ,b ,M3 ,14 ,0xf4d50d87 ) GG(b ,c ,d ,a ,M8 ,20 ,0x455a14ed ) GG(a ,b ,c ,d ,M13 ,5 ,0xa9e3e905 ) GG(d ,a ,b ,c ,M2 ,9 ,0xfcefa3f8 ) GG(c ,d ,a ,b ,M7 ,14 ,0x676f02d9 ) GG(b ,c ,d ,a ,M12 ,20 ,0x8d2a4c8a )
HH(a ,b ,c ,d ,M5 ,4 ,0xfffa3942 ) HH(d ,a ,b ,c ,M8 ,11 ,0x8771f681 ) HH(c ,d ,a ,b ,M11 ,16 ,0x6d9d6122 ) HH(b ,c ,d ,a ,M14 ,23 ,0xfde5380c ) HH(a ,b ,c ,d ,M1 ,4 ,0xa4beea44 ) HH(d ,a ,b ,c ,M4 ,11 ,0x4bdecfa9 ) HH(c ,d ,a ,b ,M7 ,16 ,0xf6bb4b60 ) HH(b ,c ,d ,a ,M10 ,23 ,0xbebfbc70 ) HH(a ,b ,c ,d ,M13 ,4 ,0x289b7ec6 ) HH(d ,a ,b ,c ,M0 ,11 ,0xeaa127fa ) HH(c ,d ,a ,b ,M3 ,16 ,0xd4ef3085 ) HH(b ,c ,d ,a ,M6 ,23 ,0x04881d05 ) HH(a ,b ,c ,d ,M9 ,4 ,0xd9d4d039 ) HH(d ,a ,b ,c ,M12 ,11 ,0xe6db99e5 ) HH(c ,d ,a ,b ,M15 ,16 ,0x1fa27cf8 ) HH(b ,c ,d ,a ,M2 ,23 ,0xc4ac5665 )
II(a ,b ,c ,d ,M0 ,6 ,0xf4292244 ) II(d ,a ,b ,c ,M7 ,10 ,0x432aff97 ) II(c ,d ,a ,b ,M14 ,15 ,0xab9423a7 ) II(b ,c ,d ,a ,M5 ,21 ,0xfc93a039 ) II(a ,b ,c ,d ,M12 ,6 ,0x655b59c3 ) II(d ,a ,b ,c ,M3 ,10 ,0x8f0ccc92 ) II(c ,d ,a ,b ,M10 ,15 ,0xffeff47d ) II(b ,c ,d ,a ,M1 ,21 ,0x85845dd1 ) II(a ,b ,c ,d ,M8 ,6 ,0x6fa87e4f ) II(d ,a ,b ,c ,M15 ,10 ,0xfe2ce6e0 ) II(c ,d ,a ,b ,M6 ,15 ,0xa3014314 ) II(b ,c ,d ,a ,M13 ,21 ,0x4e0811a1 ) II(a ,b ,c ,d ,M4 ,6 ,0xf7537e82 ) II(d ,a ,b ,c ,M11 ,10 ,0xbd3af235 ) II(c ,d ,a ,b ,M2 ,15 ,0x2ad7d2bb ) II(b ,c ,d ,a ,M9 ,21 ,0xeb86d391 )
MD5 ("") = d41d8cd98f00b204e9800998ecf8427e MD5 ("a") = 0cc175b9c0f1b6a831c399e269772661 MD5 ("abc") = 900150983cd24fb0d6963f7d28e17f72 MD5 ("message digest") = f96b697d7cb7938d525a2f31aaf161d0 MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b MD5 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz") = f29939a25efabaef3b87e2cbfe641315 MD5 ("8a683566bcc7801226b3d8b0cf35fd97") =cf2cb5c89c5e5eeebef4a76becddfcfd
三.JAVA实现md5原理
public class MD5{ /* *四个链接变量 */ private final int A=0x67452301; private final int B=0xefcdab89; private final int C=0x98badcfe; private final int D=0x10325476; /* *ABCD的临时变量 */ private int Atemp,Btemp,Ctemp,Dtemp; /* *常量ti *公式:floor(abs(sin(i+1))×(2pow32) */ private final int K[]={ 0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee, 0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501,0x698098d8, 0x8b44f7af,0xffff5bb1,0x895cd7be,0x6b901122,0xfd987193, 0xa679438e,0x49b40821,0xf61e2562,0xc040b340,0x265e5a51, 0xe9b6c7aa,0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8, 0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed,0xa9e3e905, 0xfcefa3f8,0x676f02d9,0x8d2a4c8a,0xfffa3942,0x8771f681, 0x6d9d6122,0xfde5380c,0xa4beea44,0x4bdecfa9,0xf6bb4b60, 0xbebfbc70,0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05, 0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665,0xf4292244, 0x432aff97,0xab9423a7,0xfc93a039,0x655b59c3,0x8f0ccc92, 0xffeff47d,0x85845dd1,0x6fa87e4f,0xfe2ce6e0,0xa3014314, 0x4e0811a1,0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391}; /* *向左位移数,计算方法未知 */ private final int s[]={7,12,17,22,7,12,17,22,7,12,17,22,7, 12,17,22,5,9,14,20,5,9,14,20,5,9,14,20,5,9,14,20, 4,11,16,23,4,11,16,23,4,11,16,23,4,11,16,23,6,10, 15,21,6,10,15,21,6,10,15,21,6,10,15,21}; /* *初始化函数 */ private void init(){ Atemp=A; Btemp=B; Ctemp=C; Dtemp=D; } /* *移动一定位数 */ private int shift(int a,int s){ return(a<<s)|(a>>>(32-s));//右移的时候,高位一定要补零,而不是补充符号位 } /* *主循环 */ private void MainLoop(int M[]){ int F,g; int a=Atemp; int b=Btemp; int c=Ctemp; int d=Dtemp; for(int i = 0; i < 64; i ++){ if(i<16){ F=(b&c)|((~b)&d); g=i; }else if(i<32){ F=(d&b)|((~d)&c); g=(5*i+1)%16; }else if(i<48){ F=b^c^d; g=(3*i+5)%16; }else{ F=c^(b|(~d)); g=(7*i)%16; } int tmp=d; d=c; c=b; b=b+shift(a+F+K[i]+M[g],s[i]); a=tmp; } Atemp=a+Atemp; Btemp=b+Btemp; Ctemp=c+Ctemp; Dtemp=d+Dtemp; } /* *填充函数 *处理后应满足bits≡448(mod512),字节就是bytes≡56(mode64) *填充方式为先加一个0,其它位补零 *最后加上64位的原来长度 */ private int[] add(String str){ int num=((str.length()+8)/64)+1;//以512位,64个字节为一组 int strByte[]=new int[num*16];//64/4=16,所以有16个整数 for(int i=0;i<num*16;i++){//全部初始化0 strByte[i]=0; } int i; for(i=0;i<str.length();i++){ strByte[i>>2]|=str.charAt(i)<<((i%4)*8);//一个整数存储四个字节,小端序 } strByte[i>>2]|=0x80<<((i%4)*8);//尾部添加1 /* *添加原长度,长度指位的长度,所以要乘8,然后是小端序,所以放在倒数第二个,这里长度只用了32位 */ strByte[num*16-2]=str.length()*8; return strByte; } /* *调用函数 */ public String getMD5(String source){ init(); int strByte[]=add(source); for(int i=0;i<strByte.length/16;i++){ int num[]=new int[16]; for(int j=0;j<16;j++){ num[j]=strByte[i*16+j]; } MainLoop(num); } return changeHex(Atemp)+changeHex(Btemp)+changeHex(Ctemp)+changeHex(Dtemp); } /* *整数变成16进制字符串 */ private String changeHex(int a){ String str=""; for(int i=0;i<4;i++){ str+=String.format("%2s", Integer.toHexString(((a>>i*8)%(1<<8))&0xff)).replace(\' \', \'0\'); } return str; } /* *单例 */ private static MD5 instance; public static MD5 getInstance(){ if(instance==null){ instance=new MD5(); } return instance; } private MD5(){}; public static void main(String[] args){ String str=MD5.getInstance().getMD5(""); System.out.println(str); } }
四.MD5优势与不足
MD5破解工程权威网站是为了公开征集专门针对MD5的攻击而设立的,网站于2004年8月17日宣布:“中国研究人员发现了完整MD5算法的碰撞;Wang,Feng,Lai,Yu公布了MD5、MD4、HAVAL-128、RIPEMD-128几个 Hash函数的碰撞。这是近年来密码学领域最具实质性的研究进展。使用他们的技术,在数个小时内就可以找到MD5碰撞。……由于这个里程碑式的发现,MD5CRK项目将在随后48小时内结束”。