public class SHA extends AbstractMessageDigest
A message digest algorithm represents the functionality of an one-way hash function for computing a fixed sized data value (message digest, hash) from input data of arbitrary size. The length of the resulting hash value usually is shorter than the length of the input data. Using a one-way hash function will make it easy to compute the hash from the given data, but hard to go the reverse way for calculating the input data when only the hash is known. Furthermore, a proper hash function should avoid any collision, meaning that it has to be hard to find two different messages producing the same hash value.
The Secure Hash Algorithm (SHA) produces a 160-Bit hash value.
Like MD5, the SHA algorithm processes the data in blocks of 512-Bit length. First the input data is properly padded and subsequently extended by a 64-Bit representation of the data's original length to become a multiple of 512 Bit. The resulting text is divided into 512-Bit blocks, each of it again divided into sixteen 32-Bit sub-blocks. Each of the 512-Bit blocks is processed in a main loop. Input of the main loop are five 32-Bit variables, which are properly initialized with constant values for the first main loop run processing the first 512-Bit block. Each main loop run is featured with a new 512-Bit block as long as there blocks available. Each main loop run produces an output of five 32-Bit variables which are added to the initial five 32-bit variables to be fed into the next main loop run for processing the next 512-Bit block. When no further 512-Bit block is available, the algorithm leaves the main loop and calculates the final 160-Bit hash output by concatenating the five 32-Bit variables resulting from the last main loop run. The main loop consists of four rounds based on a certain nonlinear function (see "Applied Cryptography", Bruce Schneier, ISBN 0-471-59756-2).
For digital signature processing, the SHA algorithm is recommended by FIPS to be used together with the Digital Signature Algorithm (DSA) for computing a 160-Bit hash value of data input of any length shorter than 264 Bits, which subsequently is processed using the DSA algorithm to produce the signature.
This class extends the
java.security.MessageDigest class and
applications should use one of the
getInstance methods presented
there to create a MessageDigest-SHA object. Generally, an application wishing
to compute the message digest of some data has to perform three steps:
MessageDigest sha = MessageDigest.getInstance("SHA");
sha.update(m1); sha.update(m2); ...
byte hash_value = sha.digest();
There are several ways for combining
methods for computing a message digest. Since this class implements the
Cloneable interface, SHA MessageDigest objects may be used for
compute intermediate hashes through cloning (see
When the hash value successfully has been computed, the SHA MessageDigest object automatically resets for being able to be supplied with new data to be hashed.
The SHA algorithm may be combined with the RSA public-key algorithm to be
used as digital signature algorithm
|Constructor and Description|
Creates a new SHA message digest object.
|Modifier and Type||Method and Description|
Returns a clone of this SHA Object.
SPI: Resets this SHA message digest object for being supplied with new data.
engineDigest, engineGetDigestLength, engineUpdate, engineUpdate
digest, digest, digest, getAlgorithm, getDigestLength, getInstance, getInstance, getInstance, getProvider, isEqual, reset, toString, update, update, update, update
for creating a messageDigest object.MessageDigest.getInstance("SHA");
public java.lang.Object clone()
public void engineReset()
This method is called by
after the actual hash computation has been finished to automatically reset the
message digest object for being supplied with new data for starting a new hash