Welcome!

Machine Learning Authors: Zakia Bouachraoui, Yeshim Deniz, Pat Romanski, Elizabeth White, Liz McMillan

Related Topics: Java IoT

Java IoT: Article

Frank's Java Code Stack #4 Using Message Digest Stream

Frank's Java Code Stack #4 Using Message Digest Stream

(November 12, 2002) - In Java Code Stack #1 and #3, we observed some code snippets on both Symmetric and Asymmetric Cryptography. But most of our applications, such as password authentication and logon verification, need a simpler way of creating a Digest of a given string or a message. Message Digest is a hash algorithm that takes as input a message of arbitrary length and produces as output a 128-bit fingerprint or message digest of the input. This Digest algorithm is meant for digital signature applications, where a large file/Data must be compressed in a secure manner before being encrypted with a Secret key under a public key crypto model. But instead of passing a byte array to the Digest system, we can pipe a stream to the Digest object for reading and writing Digest directly into the stream. This week, we'll build one such class, which performs a Digest for a string and writes it to a stream.

Code:

  1.        import java.io.*;
  2.        import java.security.*;

  3.        public class msgStream{
  4.        public static void main(String ar[]){

  5.        try{
  6.        /* Let us write the Digest to a
  7.        File Stream */
  8.        FileOutputStream fos=
           new FileOutputStream("MyDigest");
  9.        /* We are using SHA1 Algorithm */
  10.        MessageDigest md=
           MessageDigest.getInstance("SHA1");

  11.        /* A transparent stream that
           updates the associated message
           digest using the bits going
           through the stream. */
  12.        DigestOutputStream dos=
           new DigestOutputStream(fos, md);
  13.        ObjectOutputStream oos=
           new ObjectOutputStream(dos);

  14.        /* String to be processed */
  15.        String text="This class
           works with Digest Streams";
  16.        oos.writeObject(text);

  17.        /* Before writing the digest
           to the Stream, turn the
           Digest OFF. When it is off,
           a call to one of the write
           methods does not result
           in an update on the
           message digest. However you        can ignore this.*/
  18.        dos.on(false);
  19.        oos.writeObject(md.digest());
  20.        }catch(Exception e){}

  21.        try{
  22.        /* Read the Digest from
           the File Stream */
  23.        FileInputStream fis=
  24.        new FileInputStream("MyDigest");

  25.        MessageDigest md=
           MessageDigest.getInstance("SHA1");

  26.        DigestInputStream dis=
           new DigestInputStream(fis,md);
  27.        ObjectInputStream ois=
           new ObjectInputStream(dis);
  28.        String text=(String)ois.readObject();

  29.        /* We got the Original Text..
           Not the Digest! */
  30.        System.out.println(""+text);

  31.        dis.on(false);
  32.        byte rdigest[]=
           (byte[]) ois.readObject();

  33.        /* Comparing the Digest of the
           String with the Original Digest */
  34.        if(MessageDigest.isEqual
           (md.digest(), rdigest))
  35.        System.out.println("Valid Messg.");
  36.        else
  37.        System.out.println("Invalid Messg.");
  38.        }catch(Exception e){}

  39.        }
  40.        }

As you can see, the DigestOutputStream allows us to write Data to any Output Stream and calculate the Message Digest of that Data transparently as the Data passes through the Stream. Note that unlike usual Message Digest calculation, which involves only the Data, we are calculating the Digest over the serialized String Object, which can have additional information like Class definition along with the Data.

Assignment:
Try to build a Secure Message Digest (MAC) by using any standard Encryption Engine.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or personal computing needs.
DXWorldEXPO LLC announced today that the upcoming DXWorldEXPO | DevOpsSUMMIT | CloudEXPO New York will feature 10 companies from Poland to participate at the "Poland Digital Transformation Pavilion" on November 12-13, 2018. Polish Digital Transformation companies which will exhibit at CloudEXPO | DevOpsSUMMIT | DXWorldEXPO include All in Mobile, dhosting, Cryptomage, Perfect Gym, Polcom, Apius Technologies, Aplisens, ELZAB SA, TELDAT, and Rebug.io.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to advisory roles at startups. He has worked extensively on monetization, SAAS, IoT, ecosystems, partnerships and accelerating growth in new business initiatives.
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app security and encryption-related solutions. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University, and is an O'Reilly author.
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like "How is my application doing" but no idea how to get a proper answer.