MD5加密不加鹽方法:
MD5是一個安全的散列算法(Hash Functions),是哈希算法中的一種,輸入兩個不同的明文不會得到相同的輸出值。根據密文不能得到明文,其過程不可逆,也就是MD5只能用於加密認證,密文是無法解密。
代碼:
- public String md5(String str) {
- MessageDigest messageDigest = null;
- try {
- messageDigest = MessageDigest.getInstance(”MD5”);
- messageDigest.reset();
- messageDigest.update(str.getBytes(”UTF-8”));
- } catch (NoSuchAlgorithmException e) {
- System.exit(-1);
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- byte[] byteArray = messageDigest.digest();
- StringBuffer md5StrBuff = new StringBuffer();
- for (int i = 0; i < byteArray.length; i++) {
- if (Integer.toHexString(0xFF & byteArray[i]).length() == 1)
- md5StrBuff.append(”0”).append(
- Integer.toHexString(0xFF & byteArray[i]));
- else
- md5StrBuff.append(Integer.toHexString(0xFF & byteArray[i]));
- }
- return md5StrBuff.toString();
- }
public String md5(String str) {
MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("MD5");
messageDigest.reset();
messageDigest.update(str.getBytes("UTF-8"));
} catch (NoSuchAlgorithmException e) {
System.exit(-1);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
byte[] byteArray = messageDigest.digest();
StringBuffer md5StrBuff = new StringBuffer();
for (int i = 0; i < byteArray.length; i++) {
if (Integer.toHexString(0xFF & byteArray[i]).length() == 1)
md5StrBuff.append("0").append(
Integer.toHexString(0xFF & byteArray[i]));
else
md5StrBuff.append(Integer.toHexString(0xFF & byteArray[i]));
}
return md5StrBuff.toString();
}
MD5加密加鹽方法:
雖然MD5自身是不可逆,但是現在網絡上的MD5數據庫的數據量已經非常龐大,大部分常用密碼都可以通過碰撞的方法給暴力破解出來,網上比較有名的有彩虹表都能很好的破解常用MD5加密,所以一般通過加鹽的方式來提高數據的安全;
鹽值加密:把你原來密碼,加上一些鹽然後再進行一些列的加密算法。
比如你的密碼是:899312 用戶名是:jiandan
在security 中鹽值加密可以是這樣加鹽的899312{jiandan} 然後 ,在進行一些列的加密
代碼:
- package com.itgocome.framework.security;
- import java.security.MessageDigest;
- import java.util.Random;
- import org.apache.commons.codec.binary.Hex;
- /**
- * @author Rain
- * @email [email protected]
- * @date 2013-06-01
- */
- public class PasswordUtil {
- /**
- * 生成含有隨機鹽的密碼
- */
- public static String generate(String password) {
- Random r = new Random();
- StringBuilder sb = new StringBuilder(16);
- sb.append(r.nextInt(99999999)).append(r.nextInt(99999999));
- int len = sb.length();
- if (len < 16) {
- for (int i = 0; i < 16 - len; i++) {
- sb.append(”0”);
- }
- }
- String salt = sb.toString();
- password = md5Hex(password + salt);
- char[] cs = new char[48];
- for (int i = 0; i < 48; i += 3) {
- cs[i] = password.charAt(i / 3 * 2);
- char c = salt.charAt(i / 3);
- cs[i + 1] = c;
- cs[i + 2] = password.charAt(i / 3 * 2 + 1);
- }
- return new String(cs);
- }
- /**
- * 校驗密碼是否正確
- */
- public static boolean verify(String password, String md5) {
- char[] cs1 = new char[32];
- char[] cs2 = new char[16];
- for (int i = 0; i < 48; i += 3) {
- cs1[i / 3 * 2] = md5.charAt(i);
- cs1[i / 3 * 2 + 1] = md5.charAt(i + 2);
- cs2[i / 3] = md5.charAt(i + 1);
- }
- String salt = new String(cs2);
- return md5Hex(password + salt).equals(new String(cs1));
- }
- /**
- * 獲取十六進制字符串形式的MD5摘要
- */
- public static String md5Hex(String src) {
- try {
- MessageDigest md5 = MessageDigest.getInstance(”MD5”);
- byte[] bs = md5.digest(src.getBytes());
- return new String(new Hex().encode(bs));
- } catch (Exception e) {
- return null;
- }
- }
- public static void main(String[] args) {
- String password = generate(”admin”);
- System.out.println(verify(”admin”, password));
- }
- }
package com.itgocome.framework.security;
import java.security.MessageDigest;
import java.util.Random;
import org.apache.commons.codec.binary.Hex;
/**
* @author Rain
* @email [email protected]
* @date 2013-06-01
*/
public class PasswordUtil {
/**
* 生成含有隨機鹽的密碼
*/
public static String generate(String password) {
Random r = new Random();
StringBuilder sb = new StringBuilder(16);
sb.append(r.nextInt(99999999)).append(r.nextInt(99999999));
int len = sb.length();
if (len < 16) {
for (int i = 0; i < 16 - len; i++) {
sb.append("0");
}
}
String salt = sb.toString();
password = md5Hex(password + salt);
char[] cs = new char[48];
for (int i = 0; i < 48; i += 3) {
cs[i] = password.charAt(i / 3 * 2);
char c = salt.charAt(i / 3);
cs[i + 1] = c;
cs[i + 2] = password.charAt(i / 3 * 2 + 1);
}
return new String(cs);
}
/**
* 校驗密碼是否正確
*/
public static boolean verify(String password, String md5) {
char[] cs1 = new char[32];
char[] cs2 = new char[16];
for (int i = 0; i < 48; i += 3) {
cs1[i / 3 * 2] = md5.charAt(i);
cs1[i / 3 * 2 + 1] = md5.charAt(i + 2);
cs2[i / 3] = md5.charAt(i + 1);
}
String salt = new String(cs2);
return md5Hex(password + salt).equals(new String(cs1));
}
/**
* 獲取十六進制字符串形式的MD5摘要
*/
public static String md5Hex(String src) {
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] bs = md5.digest(src.getBytes());
return new String(new Hex().encode(bs));
} catch (Exception e) {
return null;
}
}
public static void main(String[] args) {
String password = generate("admin");
System.out.println(verify("admin", password));
}
}