欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

安全编程之MD5撒盐加密

程序员文章站 2024-03-19 09:29:40
...

MD5撒盐加密 主要可以做字符串验证--最合适的是登录密码验证操作

import java.security.MessageDigest;
import java.util.Random;

public class MD5Util {

    /**
     * 加盐MD5
     *
     * @param password
     * @return
     * @author daniel
     * @time 2016-6-11 下午8:45:04
     */
    public static String generateMD5(String password) {
        Random r = new Random();
        StringBuilder sb = new StringBuilder(16);
        sb.append(r.nextInt(99999999)).append(r.nextInt(99999999));
        int len = sb.length();
        if (len < 16) {
            for (int i = 0; i < 16 - len; i++) {
                sb.append("0");
            }
        }
        String salt = sb.toString();
        password = md5Hex(password + salt);
        char[] cs = new char[48];
        for (int i = 0; i < 48; i += 3) {
            cs[i] = password.charAt(i / 3 * 2);
            char c = salt.charAt(i / 3);
            cs[i + 1] = c;
            cs[i + 2] = password.charAt(i / 3 * 2 + 1);
        }
        return new String(cs);
    }

    /**
     * 校验加盐后是否和原文一致
     *
     * @param str
     * @param md5
     * @return
     * @author daniel
     * @time 2016-6-11 下午8:45:39
     */
    public static boolean verify(String str, String md5) {
        char[] cs1 = new char[32];
        char[] cs2 = new char[16];
        for (int i = 0; i < 48; i += 3) {
            cs1[i / 3 * 2] = md5.charAt(i);
            cs1[i / 3 * 2 + 1] = md5.charAt(i + 2);
            cs2[i / 3] = md5.charAt(i + 1);
        }
        String salt = new String(cs2);
        return md5Hex(str + salt).equals(new String(cs1));
    }

    /**
     * 获取十六进制字符串形式的MD5摘要
     */
    private static String md5Hex(String src) {
        try {
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            byte[] bs = md5.digest(src.getBytes());
            return new String(hexEncode(bs));
        } catch (Exception e) {
            return null;
        }
    }

    /**
     * 字节流转成十六进制表示
     */
    public static String hexEncode(byte[] src) {
        String strHex;
        StringBuilder sb = new StringBuilder();
        for (int n = 0; n < src.length; n++) {
            strHex = Integer.toHexString(src[n] & 0xFF);
            sb.append((strHex.length() == 1) ? "0" + strHex : strHex); // 每个字节由两个字符表示,位数不够,高位补0
        }
        return sb.toString().trim();
    }

    // 测试主函数
    public static void main(String args[]) {
        // 原文
        String passwordStr = "password22";

        // 获取加盐后的MD5值
        String md5Value = MD5Util.generateMD5(passwordStr);
        System.out.println("加盐后MD5:" + md5Value);

        System.out.println("是否是同一字符串:" + MD5Util.verify(passwordStr,md5Value));

        System.out.println("-----------------------------------------------------------");
        
        //加盐后每次生成的MD5值
        String[] strMd5s = new String[]{"98641096ee18e91476d93a9de23915862536715a9740e702","554c50735a9c149b0a556a5d89302d794b4242c44257dd99"
        ,"69aa44d7f53f345e6ec5ef8eb6923eb3083890591a701b0d","36c28d591946a4928bc16878c9d29e20ba02b7bd5f80243f"};
        for (String strMd5:strMd5s){
            System.out.println("是否是同一字符串:" + MD5Util.verify(passwordStr, strMd5));
        }
    }

}

运行结果:

加盐后MD5:09a233f6b90d583641b5531983e310394a49896d0564f367
是否是同一字符串:true
-----------------------------------------------------------
是否是同一字符串:false
是否是同一字符串:false
是否是同一字符串:true
是否是同一字符串:false

 

上一篇: md5加密

下一篇: MD5加密工具类