欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

自定义MD5加盐加密方式代码实现 博客分类: java随笔 Securityjava 

程序员文章站 2024-03-13 19:15:21
...
   按照自己的理解对密码加盐加密。当用户注册时候会先生成盐值,保存,然后保存账户和密码。当用户去登录的时候,我们需要先通过我们的用户名去查询我们的盐值,然后再根据盐值和密码去匹配对应的数据库。当然这里可能出现一个用户名有多个盐值的问题,这可能也是很多网站注册利用用户名去唯一识别,当然也跟需求有关,不能修改用户名.。如果是多个的就需要循环去比对.这次加密,主要讲MD5自己改写 然后加上盐值去保存,双重保密,这样应该可以防止暴力破解了吧。
来看代码吧:
package demo.dcn.service.utils.security;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class Md5Util {
	// 全局数组
    private final static String[] strDigits = { "0", "1", "2", "3", "4", "5",
            "6", "7", "8", "9", "a", "b", "c", "d", "e", "f","h","g","i","j","k","m","n","o",
            "p","q","x","y","z","u","w","=","+","-","^","*","#","v"};

    public Md5Util() {
    	
    }
    	/**
    	 * 返回形式为数字跟字符串
    	 * @param bByte
    	 * @return
    	 */
	    private static String byteToArrayString(byte bByte) {
	        int iRet = bByte;
	        // System.out.println("iRet="+iRet);
	        if (iRet < 0) {
	            iRet += 256;
	        }
	        int iD1 = iRet / 38;
	        int iD2 = iRet % 38;
	        return strDigits[iD1] + strDigits[iD2];
	    }
	    /**
	     * 转换字节数组为16进制字串
	     * @param bByte
	     * @return
	     */
	    private static String byteToString(byte[] bByte) {
	        StringBuffer sBuffer = new StringBuffer();
	        for (int i = 0; i < bByte.length; i++) {
	            sBuffer.append(byteToArrayString(bByte[i]));
	        }
	        return sBuffer.toString();
	    }
	    /**
	     * HASH加密
	     * @param strObj
	     * @return
	     */
	    public static String GetMD5Code(String strObj) {
	        String resultString = null;
	        try {
	            resultString = new String(strObj);
	            MessageDigest md = MessageDigest.getInstance("MD5");
	            // md.digest() 该函数返回值为存放哈希值结果的byte数组
	            resultString = byteToString(md.digest(strObj.getBytes()));
	        } catch (NoSuchAlgorithmException ex) {
	            ex.printStackTrace();
	        }
	        return resultString;
	    }
	    public static void main(String[] args) {
	    	Md5Util getMD5 = new Md5Util();
	        System.out.println(getMD5.GetMD5Code("0123"));
	        System.out.println(getMD5.GetMD5Code("0123"));
	    }
}


package demo.dcn.service.impl;

import java.util.List;

import javax.annotation.Resource;

import org.springframework.stereotype.Service;

import demo.dcn.dao.LookerDaoMapper;
import demo.dcn.service.RegisterService;
import demo.dcn.service.utils.security.Md5Util;
import demo.dcn.type.ResultMap;
import demo.dcn.vo.Looker;
import demo.dcn.vo.LookerSalt;
@Service
public class RegisterServiceImpl implements RegisterService {
	
	@Resource
	private LookerDaoMapper lookerDaoMapper;

	@Override
	public ResultMap lookerRegister(Looker looker) {
		ResultMap resultMap = ResultMap.SUCCESS;
		lookerDaoMapper.lookerRegisterDao(looker);
		return resultMap;
	}

	@Override
	public void lookerSaltRegister(LookerSalt lookerSalt) {
		lookerDaoMapper.lookerSaltReDao(lookerSalt);
	}
	
	@Override
	public Looker lookerLogin(Looker looker) {
		List<String> salts =	lookerDaoMapper.find(looker.getLookerName());//可能查询多个盐值
		Looker	looker2 = null;
		if(salts!=null&&salts.size()>0){
			String password = looker.getLookerPassword();
			for (String salt : salts) {
				looker.setLookerPassword(Md5Util.GetMD5Code(password)+salt);
				looker2 = lookerDaoMapper.lookerLogin(looker);
				if(looker2!=null){//如果匹配到对应的帐号就返回
					break;
				}
			}
		}
		return looker2;
	}
}


import javax.annotation.Resource;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

import demo.dcn.service.RegisterService;
import demo.dcn.service.utils.UuidUtils;
import demo.dcn.service.utils.security.Md5Util;
import demo.dcn.vo.Looker;
import demo.dcn.vo.LookerSalt;
/**
 * 测试
 * @author kun.zhang@downjoy.com
 *
 *
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations={
		"classpath*:config/demo-spring-context.xml",
		"classpath*:config/demo-spring-datasource.xml",
		"classpath*:config/demo-spring-redis.xml",
		"classpath*:config/demo-sql-config.xml"
		
})
public class test {
	
	@Autowired
	private RegisterService registerService;
	@Test
	public void testRegist(){
		LookerSalt lookerSalt = new LookerSalt();
		String uuid = UuidUtils.getuuid();
		lookerSalt.setLookerName("张三");
		lookerSalt.setUuid(uuid);
		registerService.lookerSaltRegister(lookerSalt);
		Looker looker = new Looker();
		looker.setLookerName("张三");
		looker.setLookerLevel(1);
		looker.setLoginStatus(0);
		looker.setLookerPassword(Md5Util.GetMD5Code("adcv0123fsac")+uuid);//加密
		registerService.lookerRegister(looker);
		System.out.println("a");
	}

	@Test
	public void testLogin(){
		Looker looker = new Looker();
		looker.setLookerName("张三");
		looker.setLookerPassword("adcv0123fsac");
		Looker looker2=	registerService.lookerLogin(looker);
		if(looker2!=null){
			System.out.println("登录成功");
			looker2.toString();
		}else{
			System.out.println("登录失败");
		}
	}


这里写了主要逻辑业务代码,其他代码就不写了,盐值自己用了uuid 当然也可以自己定义,用其他盐值。
数据库保存的密码:3y166d4b4#4=4w2x3j5p2u1n602#2e4747c4aceee805427696846f3a83f880be
数据库的盐值:47c4aceee805427696846f3a83f880be




相关标签: Security java