The OSS SDK for Java uses MD5 verification and CRC-64 to ensure data integrity when you upload, download, and copy objects.

MD5 verification

If you configure Content-MD5 in an object upload request, OSS calculates the MD5 hash of the uploaded object. If the calculated MD5 hash is inconsistent with that configured in the uploaded request, InvalidDigest is returned. This allows OSS to ensure data integrity in the uploaded object.

The following code provides an example on how to perform MD5 verification in object uploads:

// This example uses the endpoint of the China (Hangzhou) region. Specify the actual endpoint based on your requirements.
String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
// Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS, because the account has permissions on all API operations. We recommend that you use your RAM user's credentials to call API operations or perform routine operations and maintenance. To create a RAM user, log on to https://ram.console.aliyun.com.
String accessKeyId = "<yourAccessKeyId>";
String accessKeySecret = "<yourAccessKeySecret>";

// Create an OSSClient instance.
OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);

// Upload a string.
String content = "Hello OSS";

ObjectMetadata meta = new ObjectMetadata();
// Configure MD5 verification.
String md5 = BinaryUtil.toBase64String(BinaryUtil.calculateMd5(content.getBytes()));
meta.setContentMD5(md5);

ossClient.putObject("<yourBucketName>", "<yourObjectName>", new ByteArrayInputStream(content.getBytes()), meta);

// Shut down the OSSClient instance.
ossClient.shutdown();
			
Note MD5 verification can be used for putObject, getObject, appendObject, postObject, and uploadPart operations.

CRC-64

CRC-64 is enabled by default when you upload, download, and copy an object to ensure data integrity.

Note
  • CRC-64 can be used for putObject, getObject, appendObject, and uploadPart operations. CRC-64 is enabled by default when you upload an object. If the CRC-64 checksum calculated on the client is different from the CRC-64 checksum returned by the OSS server, the InconsistentError error is returned.
  • CRC-64 cannot be used in range downloads.
  • CRC-64 consumes CPU resources and slows down uploads and downloads.
  • CRC-64 in object downloads

    The following code provides an example on how to perform CRC-64 in object downloads:

    // This example uses the endpoint of the China (Hangzhou) region. Specify the actual endpoint based on your requirements.
    String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
    // Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS, because the account has permissions on all API operations. We recommend that you use a RAM user to call API operations or perform routine operations and maintenance. To create a RAM user, log on to https://ram.console.aliyun.com.
    String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String bucketName = "<yourBucketName>";
    String objectName = "<yourObjectName>";
    
    // Create an OSSClient instance.
    OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);
    
    // Download the object to a stream.
    GetObjectRequest getObjectRequest = new GetObjectRequest(bucketName, objectName);
    OSSObject ossObject = ossClient.getObject(bucketName, objectName);
    
    // Read the object from the stream to obtain clientCrc.
    System.out.println("Object content:");
    BufferedReader reader = new BufferedReader(new InputStreamReader(ossObject.getObjectContent()));
    while (true) {
        String line = reader.readLine();
        if (line == null) break;
    
        System.out.println("\n" + line);
    }
    // You must close the stream obtained by using the ossClient.getObject API operation after the object is read. Otherwise, connection leaks may occur. Consequently, no connections are available and an exception occurs.
    reader.close();
    
    // Check whether CRC-64 is enabled on the client. CRC-64 is enabled on the client by default.
    Boolean isCrcCheckEnabled = ((OSSClient)ossClient).getClientConfiguration().isCrcCheckEnabled();
    // Check whether the download quest is a range download request. CRC-64 cannot be used in range downloads.
    Boolean isRangGetRequest = getObjectRequest.getHeaders().get(OSSHeaders.RANGE) ! = null;
    
    // Check whether the CRC-64 checksum in the returned result is the same as that of the downloaded object.
    if (isCrcCheckEnabled && ! isRangGetRequest) {
        Long clientCRC = IOUtils.getCRCValue(ossObject.getObjectContent());
        OSSUtils.checkChecksum(clientCRC, ossObject.getServerCRC(), ossObject.getRequestId());
    }
    
    // Shut down the OSSClient instance.
    ossClient.shutdown();
  • CRC-64 in append uploads
    // This example uses the endpoint of the China (Hangzhou) region. Specify the actual endpoint based on your requirements.
    String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
    // Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS, because the account has permissions on all API operations. We recommend that you use your RAM user's credentials to call API operations or perform routine operations and maintenance. To create a RAM user, log on to https://ram.console.aliyun.com.
    String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String bucketName = "<yourBucketName>";
    String objectName = "<yourObjectName>";
    String firstAppendContent = "<yourFirstAppendContent>";
    String secondAppendContent = "<yourSecondAppendContent>";
    
    // Create an OSSClient instance.
    OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);
    
    // Start the first append.
    AppendObjectRequest appendObjectRequest = new AppendObjectRequest(bucketName, objectName, new ByteArrayInputStream(firstAppendContent.getBytes()));
    appendObjectRequest.setPosition(0L);
    // Initialize CRC-64. After CRC-64 is initialized, the OSS SDK for Java performs CRC-64 on uploaded object by default.
    appendObjectRequest.setInitCRC(0L);
    AppendObjectResult appendObjectResult = ossClient.appendObject(appendObjectRequest);
    
    // Start the second append.
    appendObjectRequest = new AppendObjectRequest(bucketName, objectName, new ByteArrayInputStream(secondAppendContent.getBytes()));
    appendObjectRequest.setPosition(appendObjectResult.getNextPosition());
    // Set the CRC64 checksum to that of the uploaded object. After CRC-64 is initialized, the OSS SDK for Java performs CRC-64 on uploaded object by default.
    appendObjectRequest.setInitCRC(appendObjectResult.getClientCRC());
    ossClient.appendObject(appendObjectRequest);
    
    // Shut down the OSSClient instance.
    ossClient.shutdown();