O'Reilly logo

Java Security, 2nd Edition by Scott Oaks

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 11. Message Digests

In this chapter, we’re going to look at the API that implements the ability to create and verify message digests. The ability to create a message digest is one of the standard engines provided by the Sun default security provider, and there are engines that manipulate digests in the Java Cryptography Extension as well. You can therefore reasonably expect every Java implementation to create message digests.

Message digests are the simplest of the standard engines that compose the security provider architecture. They provide the first link in creating and verifying a digital signature -- one of the most important goals of the provider architecture. However, message digests are useful entities in their own right since a message digest can verify that data has not been tampered with -- up to a point. As we’ll see, there are certain limitations on the security of a message digest that is transmitted along with the data it represents.

We’ll examine how developers can use the message digest in this chapter and also explore how a security provider can implement her own message digest algorithm.

Using the Message Digest Class

Message digests are implemented using the MessageDigest class (java.security.MessageDigest):

public abstract class MessageDigest extends MessageDigestSpi

Implement operations to create and verify a message digest.

Like all engine classes, instances of the message digest are obtained through one of these methods:

public static MessageDigest getInstance(String ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required