import java.security.MessageDigest;
public static String MD5(String key) {
char hexDigits[] = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
};
try {
byte[] btInput = key.getBytes();
// 获得MD5摘要算法的 MessageDigest 对象
MessageDigest mdInst = MessageDigest.getInstance("MD5");
// 使用指定的字节更新摘要
mdInst.update(btInput);
// 获得密文
byte[] md = mdInst.digest();
// 把密文转换成十六进制的字符串形式
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
logger.error("生成MD5失败", e);
return null;
}
public static void main(String[] args) {
String password = "12345";
String md5password = MD5(password);
System.out.println(md5password);//827CCB0EEA8A706C4C34A16891F84E7B
}
}
不足之处,通过大量的对比,可以解密,所以引入盐的概念.salt
package md5;
import java.security.MessageDigest;
import java.util.UUID;
public class Md5Test {
public static String MD5(String key) {
char hexDigits[] = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
};
try {
byte[] btInput = key.getBytes();
// 获得MD5摘要算法的 MessageDigest 对象
MessageDigest mdInst = MessageDigest.getInstance("MD5");
// 使用指定的字节更新摘要
mdInst.update(btInput);
// 获得密文
byte[] md = mdInst.digest();
// 把密文转换成十六进制的字符串形式
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
} catch (Exception e) {
System.out.println("加密生成失败");
e.printStackTrace();
return null;
}
}
public static String getSalt() {
String salt=UUID.randomUUID().toString().replaceAll("-","").substring(0, 10);
return salt;
}
public static void main(String[] args) {
String password = "12345";
String salt = getSalt();
String md5password = MD5(password+salt);
System.out.println(salt);
System.out.println("salt,md5加密后的密码"+md5password);
System.out.println("............");
String loginpassword = "123";
boolean result = MD5(loginpassword+salt).equals(md5password);
System.out.println(result);
}
}
shiro自带的带盐加密n次
package md5;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
public class shiroMd5 {
public static void main(String[] args) {
String password = "123";
String salt = new SecureRandomNumberGenerator().nextBytes().toString();
int times = 2;
String algorithmName = "md5";
String encodedPassword = new SimpleHash(algorithmName,password,salt,times).toString();
System.out.printf("原始密码是 %s , 盐是: %s, 运算次数是: %d, 运算出来的密文是:%s ",password,salt,times,encodedPassword);
}
}
Shiro 整合加密
数据库调整
user表加入salt字段
alter table user add (salt varchar(100) )