OSS SDK for Java uses MD5 verification and CRC-64 to ensure data integrity when you upload, download, and copy objects.

MD5 verification

If you configure Content-MD5 in an object upload request, OSS calculates the MD5 hash of the uploaded object. If the calculated MD5 hash is different from the MD5 hash configured in the upload request, InvalidDigest is returned. This allows OSS to ensure data integrity for object upload. If InvalidDigest is returned, you must upload the object again.

The following code provides an example on how to perform MD5 verification in object upload:

// The endpoint of the China (Hangzhou) region is used in this example. Specify the actual endpoint.
String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
// Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS because the account has permissions on all API operations. We recommend that you use your RAM user's credentials to call API operations or perform routine operations and maintenance. To create a RAM user, log on to the RAM console.
String accessKeyId = "<yourAccessKeyId>";
String accessKeySecret = "<yourAccessKeySecret>";

// Create an OSSClient instance.
OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);

// Upload a string.
String content = "Hello OSS";

ObjectMetadata meta = new ObjectMetadata();
// Configure MD5 verification.
String md5 = BinaryUtil.toBase64String(BinaryUtil.calculateMd5(content.getBytes()));
meta.setContentMD5(md5);

ossClient.putObject("<yourBucketName>", "<yourObjectName>", new ByteArrayInputStream(content.getBytes()), meta);

// Shut down the OSSClient instance.
ossClient.shutdown();
			
Note MD5 verification can be used for putObject, getObject, appendObject, postObject, and uploadPart.

CRC-64

By default, CRC-64 is enabled to ensure data integrity when you upload, download, and copy an object.

Note
  • CRC-64 can be used for putObject, getObject, appendObject, and uploadPart. By default, CRC-64 is enabled when you upload an object. If the CRC-64 value calculated on the client is different from the CRC-64 value returned by the OSS server, InconsistentException is returned.
  • CRC-64 is not supported in range download.
  • CRC-64 consumes CPU resources and slows down uploads and downloads.
  • CRC-64 in object download

    The following code provides an example on how to perform CRC-64 in object download:

    // The endpoint of the China (Hangzhou) region is used in this example. Specify the actual endpoint.
    String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
    // Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS because the account has permissions on all API operations. We recommend that you use your RAM user's credentials to call API operations or perform routine operations and maintenance. To create a RAM user, log on to the RAM console.
    String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String bucketName = "<yourBucketName>";
    String objectName = "<yourObjectName>";
    
    // Create an OSSClient instance.
    OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);
    
    // Download the object in streaming mode.
    GetObjectRequest getObjectRequest = new GetObjectRequest(bucketName, objectName);
    OSSObject ossObject = ossClient.getObject(bucketName, objectName);
    
    // Read the object from the stream to obtain clientCrc.
    System.out.println("Object content:");
    BufferedReader reader = new BufferedReader(new InputStreamReader(ossObject.getObjectContent()));
    while (true) {
        String line = reader.readLine();
        if (line == null) break;
    
        System.out.println("\n" + line);
    }
    // You must close the stream obtained by using ossClient.getObject after the object is read. Otherwise, connection leaks may occur. Consequently, no connections are available and an exception occurs.
    reader.close();
    
    // Check whether CRC-64 is enabled on the client. By default, CRC-64 is enabled on the client.
    Boolean isCrcCheckEnabled = ((OSSClient)ossClient).getClientConfiguration().isCrcCheckEnabled();
    // Check whether the download request is a range download request. CRC-64 cannot be used in range download.
    Boolean isRangGetRequest = getObjectRequest.getHeaders().get(OSSHeaders.RANGE) ! = null;
    
    // Check whether the CRC-64 value in the returned result is the same as that of the downloaded object.
    if (isCrcCheckEnabled && ! isRangGetRequest) {
        Long clientCRC = IOUtils.getCRCValue(ossObject.getObjectContent());
        OSSUtils.checkChecksum(clientCRC, ossObject.getServerCRC(), ossObject.getRequestId());
    }
    
    // Shut down the OSSClient instance.
    ossClient.shutdown();
  • CRC-64 in append upload
    // The endpoint of the China (Hangzhou) region is used in this example. Specify the actual endpoint.
    String endpoint = "http://oss-cn-hangzhou.aliyuncs.com";
    // Security risks may arise if you use the AccessKey pair of an Alibaba Cloud account to log on to OSS because the account has permissions on all API operations. We recommend that you use your RAM user's credentials to call API operations or perform routine operations and maintenance. To create a RAM user, log on to the RAM console.
    String accessKeyId = "<yourAccessKeyId>";
    String accessKeySecret = "<yourAccessKeySecret>";
    String bucketName = "<yourBucketName>";
    String objectName = "<yourObjectName>";
    String firstAppendContent = "<yourFirstAppendContent>";
    String secondAppendContent = "<yourSecondAppendContent>";
    
    // Create an OSSClient instance.
    OSS ossClient = new OSSClientBuilder().build(endpoint, accessKeyId, accessKeySecret);
    
    // Start the first append.
    AppendObjectRequest appendObjectRequest = new AppendObjectRequest(bucketName, objectName, new ByteArrayInputStream(firstAppendContent.getBytes()));
    appendObjectRequest.setPosition(0L);
    // Initialize setInitCRC. After setInitCRC is initialized, OSS SDK for Java performs CRC-64 on the uploaded content by default.
    appendObjectRequest.setInitCRC(0L);
    AppendObjectResult appendObjectResult = ossClient.appendObject(appendObjectRequest);
    
    // Start the second append.
    appendObjectRequest = new AppendObjectRequest(bucketName, objectName, new ByteArrayInputStream(secondAppendContent.getBytes()));
    appendObjectRequest.setPosition(appendObjectResult.getNextPosition());
    // Set the CRC-64 value to that of the uploaded object. After setInitCRC is initialized, OSS SDK for Java performs CRC-64 on the uploaded content by default.
    appendObjectRequest.setInitCRC(appendObjectResult.getClientCRC());
    ossClient.appendObject(appendObjectRequest);
    
    // Shut down the OSSClient instance.
    ossClient.shutdown();