message-digest

问题 I want to know if the MD5 digest algorithm is guaranteed to be available in all Android devices before I bluntly ignore the checked exception that MessageDigest.getInstance("MD5") can throw. 回答1: The Android JCE (Java Cryptography Extension) is based off the bouncycastle implementation but stripped down. bouncycastle provides a ton of different MessageDigests which can be found here. There's no guarantee that every Android device supports MD5 but it's extremely common and is likely to be on

问题 If I generate a message digest (for a security feature in my app) using this Java code: java.security.MessageDigest saltDigest = MessageDigest.getInstance("SHA-256"); saltDigest.update(UUID.randomUUID().toString().getBytes("UTF-8")); String digest = String.valueOf(Hex.encode(saltDigest.digest())); I end up with a really long string like the following: 29bcf49cbd57bbc41e601b399a93218ef99c6e36bae3598b5a5a64ac66d9c254 Not the nicest thing to pass on a URL! Is there a way to shorten this? 回答1:

问题 Following is the code which is part of the DigitalSigning Handler final String NAMESPACEURI_WSSECURITY_WSU= "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; final String NAMESPACEURI_WSSECURITY_WSSE = "http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-wssecurity-secext- 1.0.xsd"; final String NAMESPACEURI_XMLSIGNATURE_DS = "http://www.w3.org/2000/09/xmldsig#"; final String ATTRIBUTENAME_X509TOKEN = "http://docs.oasis-open.org/wss/2004/01/oasis-200401

问题 I have some problems with verifying S/Mime signed message with x509 certificate. This is my code: public class verifyMsg { private static void verify(SMIMESignedParser s) throws Exception { Security.addProvider(new BouncyCastleProvider()); System.out.println("wbilem"); CertStore certs = s.getCertificatesAndCRLs("Collection", "BC"); SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { File f = new File(

问题 I know very little about encryption/hashing. I have to hash an encryption key. The example in Java is like this... String encryptionKey = "test"; MessageDigest messageDigest = MessageDigest.getInstance("MD5"); messageDigest.update(encryptionKey.getBytes("UTF-8"), 0, encryptionKey.length()); byte[] encryptionKeyBytes = messageDigest.digest(); Now correct me if I'm wrong, but the above code hashes the string with the MD5 algorithm. And I want the same result when I hash the same string in C#.

问题 Hash functions always produce a fixed length output regardless of the input (i.e. MD5 >> 128 bits, SHA-256 >> 256 bits), but why? I know that it is how the designer designed them to be, but why they designed the output to have the same length? So that it can be stored in a consistent fashion? easier to be compared? less complicated? 回答1: Because that is what the definition of a hash is. Refer to wikipedia A hash function is any function that can be used to map digital data of arbitrary size

问题 I've read a couple times that MD5 is not an encryption, e.g. on MD5 ... Encryption? or Command Line Message Digest Utility. Well, I get that it's a hash/message digest, and the explanation in the links above says an encryption has to have a key, while hash/md is a cryptographic hash function that produces just a signature. I don't really understand the difference. Couldn't you see the cryptographic hash function / algorithm as a key? Also, what is the difference between something that's

问题 I have an application that needs to transfer files to a service like S3. I have an InputStream of that incoming file (not necessarily a FileInputStream ), and I write this InputStream to a multipart request body that is represented by an OutputStream , and then I need to write the hash of the file at the end (also through the request body). Thanks to the DigestInputStream , I'm able to compute the hash live, so after the file body has been sent to the OutputStream , the hash becomes available

问题 So reading this post: How can I calculate the SHA-256 hash of a string in Android? and the docs: http://developer.android.com/reference/java/security/MessageDigest.html I'm curious; which phones will support SHA-256? In the docs, the line about the 'NoSuchAlgorithmException' makes me think that some phones don't support all algorithms. Before I go implementing this for an app and expecting it to work the same on all phones I want to know if anyone knows anything about this...? I find it

问题 The MessageDigest class implements the SHA-1 algorithm (among many others). The SHA-1 algorithm allows one to use different "seeds" or initial digests. See SHA-1 Psuedocode The algorithm initializes variables, or the seed: Initialize variables: h0 = 0x67452301 h1 = 0xEFCDAB89 h2 = 0x98BADCFE h3 = 0x10325476 h4 = 0xC3D2E1F0 However the MessageDigest class, as described in the Online Java Manual, provides no API for setting these initial variables. In fact, it doesn't state the value of the