Java对字符串加密并返回星号※
程序员文章站
2022-07-11 10:18:48
If you don't look back, you'll never know I waiting for you behind you. Java对字符串加密并返回星号※ PasswordUtils这个加密工具类是在Ranger项目的源码中发现的,它是一个安全管理框架,普通的加密需求应该用它的 ......
if you don't look back, you'll never know i waiting for you behind you.
java对字符串加密并返回星号※
passwordutils这个加密工具类是在ranger项目的源码中发现的,它是一个安全管理框架,普通的加密需求应该用它的加密工具类就ok了;
首先,用户输入密码,前端先用type为password把密码显示为※,但是这时通过f12查看,浏览器仍然可以看到密码信息,但是这是用户自己输入的,第一把看见也ok;一旦请求提交立刻返回经加密后的密码,此处并非返回加密后的密码,而是直接返回一个※密码如“******”,并把转换加密后的密码存入数据库,之后每次请求也都返回“******”;然后在后台需要用到密码的地方就自己解密咯。
加密工具类passwordutils:
1 package org.apache.ranger.plugin.util;
2
3 import java.io.ioexception;
4 import java.util.map;
5
6 import javax.crypto.cipher;
7 import javax.crypto.secretkey;
8 import javax.crypto.secretkeyfactory;
9 import javax.crypto.spec.pbekeyspec;
10 import javax.crypto.spec.pbeparameterspec;
11
12 import org.apache.commons.lang.stringutils;
13 import org.slf4j.logger;
14 import org.slf4j.loggerfactory;
15
16 import com.sun.jersey.core.util.base64;
17 public class passwordutils {
18
19 private static final logger log = loggerfactory.getlogger(passwordutils.class);
20
21 private final string crypt_algo;
22 private string password;
23 private final char[] encrypt_key;
24 private final byte[] salt;
25 private final int iteration_count;
26 private final char[] encryptkey;
27 private final byte[] salt;
28 private static final string len_separator_str = ":";
29
30 public static final string default_crypt_algo = "pbewithmd5anddes";
31 public static final string default_encrypt_key = "tzl1akl5uc4nkyaoq4p3wlgibfpxwpwdu1frm9004jtqiv";
32 public static final string default_salt = "f77alylo";
33 public static final int default_iteration_count = 17;
34
35 public static string encryptpassword(string apassword) throws ioexception {
36 return new passwordutils(apassword).encrypt();
37 }
38
39 private string encrypt() throws ioexception {
40 string ret = null;
41 string strtoencrypt = null;
42 if (password == null) {
43 strtoencrypt = "";
44 } else {
45 strtoencrypt = password.length() + len_separator_str + password;
46 }
47 try {
48 cipher engine = cipher.getinstance(crypt_algo);
49 pbekeyspec keyspec = new pbekeyspec(encryptkey);
50 secretkeyfactory skf = secretkeyfactory.getinstance(crypt_algo);
51 secretkey key = skf.generatesecret(keyspec);
52 engine.init(cipher.encrypt_mode, key, new pbeparameterspec(salt, iteration_count));
53 byte[] encryptedstr = engine.dofinal(strtoencrypt.getbytes());
54 ret = new string(base64.encode(encryptedstr));
55 }
56 catch(throwable t) {
57 log.error("unable to encrypt password due to error", t);
58 throw new ioexception("unable to encrypt password due to error", t);
59 }
60 return ret;
61 }
62
63 passwordutils(string apassword) {
64 string[] crypt_algo_array = null;
65 int count = 0;
66 if (apassword != null && apassword.contains(",")) {
67 count = stringutils.countmatches(apassword, ",");
68 crypt_algo_array = apassword.split(",");
69 }
70 if (crypt_algo_array != null && crypt_algo_array.length > 4) {
71 crypt_algo = crypt_algo_array[0];
72 encrypt_key = crypt_algo_array[1].tochararray();
73 salt = crypt_algo_array[2].getbytes();
74 iteration_count = integer.parseint(crypt_algo_array[3]);
75 password = crypt_algo_array[4];
76 if (count > 4) {
77 for (int i = 5 ; i<=count ; i++){
78 password = password + "," + crypt_algo_array[i];
79 }
80 }
81 } else {
82 crypt_algo = default_crypt_algo;
83 encrypt_key = default_encrypt_key.tochararray();
84 salt = default_salt.getbytes();
85 iteration_count = default_iteration_count;
86 password = apassword;
87 }
88 map<string, string> env = system.getenv();
89 string encryptkeystr = env.get("encrypt_key");
90 if (encryptkeystr == null) {
91 encryptkey=encrypt_key;
92 }else{
93 encryptkey=encryptkeystr.tochararray();
94 }
95 string saltstr = env.get("encrypt_salt");
96 if (saltstr == null) {
97 salt = salt;
98 }else{
99 salt=saltstr.getbytes();
100 }
101 }
102
103 public static string decryptpassword(string apassword) throws ioexception {
104 return new passwordutils(apassword).decrypt();
105 }
106
107 private string decrypt() throws ioexception {
108 string ret = null;
109 try {
110 byte[] decodedpassword = base64.decode(password);
111 cipher engine = cipher.getinstance(crypt_algo);
112 pbekeyspec keyspec = new pbekeyspec(encryptkey);
113 secretkeyfactory skf = secretkeyfactory.getinstance(crypt_algo);
114 secretkey key = skf.generatesecret(keyspec);
115 engine.init(cipher.decrypt_mode, key,new pbeparameterspec(salt, iteration_count));
116 string decrypted = new string(engine.dofinal(decodedpassword));
117 int foundat = decrypted.indexof(len_separator_str);
118 if (foundat > -1) {
119 if (decrypted.length() > foundat) {
120 ret = decrypted.substring(foundat+1);
121 }
122 else {
123 ret = "";
124 }
125 }
126 else {
127 ret = null;
128 }
129 }
130 catch(throwable t) {
131 log.error("unable to decrypt password due to error", t);
132 throw new ioexception("unable to decrypt password due to error", t);
133 }
134 return ret;
135 }
136
137 public static string getdecryptpassword(string password) {
138 string decryptedpwd = null;
139 try {
140 decryptedpwd = decryptpassword(password);
141 } catch (exception ex) {
142 log.warn("password decryption failed, trying original password string.");
143 decryptedpwd = null;
144 } finally {
145 if (decryptedpwd == null) {
146 decryptedpwd = password;
147 }
148 }
149 return decryptedpwd;
150 }
151 }
测试加密/解密执行结果:
1 package com.xinyan.springcloud.tjt;
2
3 public class testdecryptencrypt {
4
5 public static void main(string[] args) throws exception {
6 string password = "taojietaoge";
7 //加密:
8 string encryptpassword = passwordutils.encryptpassword(password);
9 system.out.println("加密后:"+ encryptpassword);
10 //解密:
11 string decryptpassword = passwordutils.decryptpassword(encryptpassword);
12 system.out.println("解密后:"+ decryptpassword);
13 }
14
15 }
执行结果如下: