Hi, Habr! I present to you the translation of the third article "Java MessageDigest" by Jakob Jenkov from the series of articles for beginners who want to learn the basics of cryptography in Java.

Table of contents:

1. Cryptography
2. Cipher
3. MessageDigest
4. Mac
5. Signature
6. KeyPair
7. KeyGenerator
8. KeyPairGenerator
9. KeyStore
10. Keytool
11. Certificate
12. CertificateFactory
13. Certpath

Java MessageDigest (Message Digest)

The Java class MessageDigest represents a cryptographic hash function that can compute message digest from binary data. When you receive an encrypted data set, you cannot be sure that it was not changed during transport. Message digest helps solve this problem.

To determine whether the encrypted data has been modified during transport, the sender must calculate the digest of the message from the data and send it along with the data. The other party, receiving the encrypted data and message digest, can recalculate the message digest from the data and check whether the calculated message digest matches the message digest obtained with the data. If the two digest messages match, there is a possibility that the encrypted data was not changed during transport.

There are several conditions that must be met in order for a message digest to be useful as a mechanism for detecting changes. However, the exact conditions are part of a cryptographic theory that is not covered in this article, but only explains how to use Java to get a message digest in the MessageDigest class.

Creating an instance of MessageDigest

To create an instance of the MessageDigest class, the static getInstance () method of the MessageDigest class is called. Here is an example of creating an instance of MessageDigest:

MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); 

The string parameter passed to the getInstance () method determines the digest algorithm used for a particular message.

Message Digest Algorithms

The Java Cryptography API supports the following message digest algorithms (external cryptographic providers may support more):

• MD2
• MD5
• SHA-1
• SHA-256
• SHA-384
• SHA-512

Not all of these algorithms are equally safe. At the time of this writing, it is recommended to use SHA-256 or higher to get the highest possible level of security.

Calculate message digest

After creating an instance of MessageDigest, you can use it to compute a message digest. If you have one data block for calculating a message digest, use the digest () method. Here is the calculation of a message digest from a single data block:

 byte[] data1 = "0123456789".getBytes("UTF-8"); MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); byte[] digest = messageDigest.digest(data1); 

If there are several data blocks to include in the same message digest, call the update () method and end with digest () . Here is the calculation of a message digest from several data blocks:

 byte[] data1 = "0123456789".getBytes("UTF-8"); byte[] data2 = "abcdefghijklmnopqrstuvxyz".getBytes("UTF-8"); MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); messageDigest.update(data1); messageDigest.update(data2); byte[] digest = messageDigest.digest();