2. Java
  3. 登陆密码加密与验证

登陆密码加密与验证

xiaoxiao2021-02-27  136
/** * 生成安全的密码,生成随机的16位salt并经过1024次 sha-1 hash */ public static String entryptPassword(String plainPassword) { byte[] salt = Digests.generateSalt(SALT_SIZE); byte[] hashPassword = Digests.sha1(plainPassword.getBytes(), salt, HASH_INTERATIONS); return Encodes.encodeHex(salt)+Encodes.encodeHex(hashPassword); } /** * 验证密码 * @param plainPassword 明文密码 * @param password 密文密码 * @return 验证成功返回true */ public static boolean validatePassword(String plainPassword, String password) { byte[] salt = Encodes.decodeHex(password.substring(0,16)); byte[] hashPassword = Digests.sha1(plainPassword.getBytes(), salt, HASH_INTERATIONS); return password.equals(Encodes.encodeHex(salt)+Encodes.encodeHex(hashPassword)); } 解码器 /** * Copyright (c) 2005-2012 springside.org.cn */ package com.bw.portal.common.security; import java.io.IOException; import java.io.InputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; import java.security.SecureRandom; import org.apache.commons.lang3.Validate; import com.bw.portal.common.utils.Exceptions; /** * 支持SHA-1/MD5消息摘要的工具类. * * 返回ByteSource,可进一步被编码为Hex, Base64或UrlSafeBase64 * * @author calvin */ public class Digests { private static final String SHA1 = "SHA-1"; private static final String MD5 = "MD5"; private static SecureRandom random = new SecureRandom(); /** * 对输入字符串进行md5散列. */ public static byte[] md5(byte[] input) { return digest(input, MD5, null, 1); } public static byte[] md5(byte[] input, int iterations) { return digest(input, MD5, null, iterations); } /** * 对输入字符串进行sha1散列. */ public static byte[] sha1(byte[] input) { return digest(input, SHA1, null, 1); } public static byte[] sha1(byte[] input, byte[] salt) { return digest(input, SHA1, salt, 1); } public static byte[] sha1(byte[] input, byte[] salt, int iterations) { return digest(input, SHA1, salt, iterations); } /** * 对字符串进行散列, 支持md5与sha1算法. */ private static byte[] digest(byte[] input, String algorithm, byte[] salt, int iterations) { try { MessageDigest digest = MessageDigest.getInstance(algorithm); if (salt != null) { digest.update(salt); } byte[] result = digest.digest(input); for (int i = 1; i < iterations; i++) { digest.reset(); result = digest.digest(result); } return result; } catch (GeneralSecurityException e) { throw Exceptions.unchecked(e); } } /** * 生成随机的Byte[]作为salt. * * @param numBytes byte数组的大小 */ public static byte[] generateSalt(int numBytes) { Validate.isTrue(numBytes > 0, "numBytes argument must be a positive integer (1 or larger)", numBytes); byte[] bytes = new byte[numBytes]; random.nextBytes(bytes); return bytes; } /** * 对文件进行md5散列. */ public static byte[] md5(InputStream input) throws IOException { return digest(input, MD5); } /** * 对文件进行sha1散列. */ public static byte[] sha1(InputStream input) throws IOException { return digest(input, SHA1); } private static byte[] digest(InputStream input, String algorithm) throws IOException { try { MessageDigest messageDigest = MessageDigest.getInstance(algorithm); int bufferLength = 8 * 1024; byte[] buffer = new byte[bufferLength]; int read = input.read(buffer, 0, bufferLength); while (read > -1) { messageDigest.update(buffer, 0, read); read = input.read(buffer, 0, bufferLength); } return messageDigest.digest(); } catch (GeneralSecurityException e) { throw Exceptions.unchecked(e); } } public static String string2MD5(String inStr){ MessageDigest md5 = null; try{ md5 = MessageDigest.getInstance("MD5"); }catch (Exception e){ System.out.println(e.toString()); e.printStackTrace(); return ""; } char[] charArray = inStr.toCharArray(); byte[] byteArray = new byte[charArray.length]; for (int i = 0; i < charArray.length; i++) byteArray[i] = (byte) charArray[i]; byte[] md5Bytes = md5.digest(byteArray); StringBuffer hexValue = new StringBuffer(); for (int i = 0; i < md5Bytes.length; i++){ int val = ((int) md5Bytes[i]) & 0xff; if (val < 16) hexValue.append("0"); hexValue.append(Integer.toHexString(val)); } return hexValue.toString(); } } 编码解码工具 /** * Copyright (c) 2005-2012 springside.org.cn */ package com.bw.portal.common.utils; import java.io.UnsupportedEncodingException; import java.net.URLDecoder; import java.net.URLEncoder; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Hex; import org.apache.commons.lang3.StringEscapeUtils; /** * 封装各种格式的编码解码工具类. * 1.Commons-Codec的 hex/base64 编码 * 2.自制的base62 编码 * 3.Commons-Lang的xml/html escape * 4.JDK提供的URLEncoder */ public class Encodes { private static final String DEFAULT_URL_ENCODING = "UTF-8"; private static final char[] BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".toCharArray(); /** * Hex编码. */ public static String encodeHex(byte[] input) { return new String(Hex.encodeHex(input)); } /** * Hex解码. */ public static byte[] decodeHex(String input) { try { return Hex.decodeHex(input.toCharArray()); } catch (DecoderException e) { throw Exceptions.unchecked(e); } } /** * Base64编码. */ public static String encodeBase64(byte[] input) { return new String(Base64.encodeBase64(input)); } /** * Base64编码. */ public static String encodeBase64(String input) { try { return new String(Base64.encodeBase64(input.getBytes(DEFAULT_URL_ENCODING))); } catch (UnsupportedEncodingException e) { return ""; } } // /** // * Base64编码, URL安全(将Base64中的URL非法字符'+'和'/'转为'-'和'_', 见RFC3548). // */ // public static String encodeUrlSafeBase64(byte[] input) { // return Base64.encodeBase64URLSafe(input); // } /** * Base64解码. */ public static byte[] decodeBase64(String input) { return Base64.decodeBase64(input.getBytes()); } /** * Base64解码. */ public static String decodeBase64String(String input) { try { return new String(Base64.decodeBase64(input.getBytes()), DEFAULT_URL_ENCODING); } catch (UnsupportedEncodingException e) { return ""; } } /** * Base62编码。 */ public static String encodeBase62(byte[] input) { char[] chars = new char[input.length]; for (int i = 0; i < input.length; i++) { chars[i] = BASE62[((input[i] & 0xFF) % BASE62.length)]; } return new String(chars); } /** * Html 转码. */ public static String escapeHtml(String html) { return StringEscapeUtils.escapeHtml4(html); } /** * Html 解码. */ public static String unescapeHtml(String htmlEscaped) { return StringEscapeUtils.unescapeHtml4(htmlEscaped); } /** * Xml 转码. */ public static String escapeXml(String xml) { return StringEscapeUtils.escapeXml10(xml); } /** * Xml 解码. */ public static String unescapeXml(String xmlEscaped) { return StringEscapeUtils.unescapeXml(xmlEscaped); } /** * URL 编码, Encode默认为UTF-8. */ public static String urlEncode(String part) { try { return URLEncoder.encode(part, DEFAULT_URL_ENCODING); } catch (UnsupportedEncodingException e) { throw Exceptions.unchecked(e); } } /** * URL 解码, Encode默认为UTF-8. */ public static String urlDecode(String part) { try { return URLDecoder.decode(part, DEFAULT_URL_ENCODING); } catch (UnsupportedEncodingException e) { throw Exceptions.unchecked(e); } } }
转载请注明原文地址: https://www.6miu.com/read-15390.html

技术

最新回复(0)