项目中加密存储密码的工具类---PasswordUtil类
2012-04-04 02:55
309 查看
PBE——Password-based encryption(基于密码加密)。其特点在于口令由用户自己掌管,不借助任何物理媒体;采用随机数(这里我们叫做盐)杂凑多重加密等方法保证数据的安全性。是一种简便的加密方式。
本类运用了Java 6所支持的PBE对称加密算法到Android环境里,实现密码的安全存储.
代码的使用:
运行的效果:
可以使用该工具类,把密码和盐值都固定在工具类里,将用户输入的密码,加密后保存在SharePreference里面.已达到安全存储密码的需求.
------------------------分割线---------------------------
以下是SHA1安全哈希算法的使用工具,在常见的登录操作中,服务器采用的验证方式为:MD5(username+SHA1(password)+时间戳+APP_KEY)
本类运用了Java 6所支持的PBE对称加密算法到Android环境里,实现密码的安全存储.
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
public class PasswordUtil {
/**
* JAVA6支持以下任意一种算法
* PBEWITHMD5ANDDES
* PBEWITHMD5ANDTRIPLEDES
* PBEWITHSHAANDDESEDE
* PBEWITHSHA1ANDRC2_40
* PBKDF2WITHHMACSHA1
* */
/**
* 定义使用的算法为:PBEWITHMD5andDES算法
*/
public static final String ALGORITHM = "PBEWithMD5AndDES";
/**
* 定义迭代次数为1000次
*/
private static final int ITERATIONCOUNT = 1000;
/**
* 获取加密算法中使用的盐值,解密中使用的盐值必须与加密中使用的相同才能完成操作.
* 盐长度必须为8字节
*
* @return byte[] 盐值
* */
public static byte[] getSalt() throws Exception {
//实例化安全随机数
SecureRandom random = new SecureRandom();
//产出盐
return random.generateSeed(8);
}
/**
* 根据PBE密码生成一把密钥
*
* @param password
* 生成密钥时所使用的密码
* @return Key PBE算法密钥
* */
private static Key getPBEKey(String password) throws Exception {
// 实例化使用的算法
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
// 设置PBE密钥参数
PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
// 生成密钥
SecretKey secretKey = keyFactory.generateSecret(keySpec);
return secretKey;
}
/**
* 加密明文字符串
*
* @param plaintext
* 待加密的明文字符串
* @param password
* 生成密钥时所使用的密码
* @param salt
* 盐值
* @return 加密后的密文字符串
* @throws Exception
*/
public static String encrypt(String plaintext, String password, byte[] salt) throws Exception {
Key key = getPBEKey(password);
PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, ITERATIONCOUNT);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, key, parameterSpec);
byte encipheredData[] = cipher.doFinal(plaintext.getBytes());
return bytesToHexString(encipheredData);
}
/**
* 解密密文字符串
*
* @param ciphertext
* 待解密的密文字符串
* @param password
* 生成密钥时所使用的密码(如需解密,该参数需要与加密时使用的一致)
* @param salt
* 盐值(如需解密,该参数需要与加密时使用的一致)
* @return 解密后的明文字符串
* @throws Exception
*/
public static String decrypt(String ciphertext, String password, byte[] salt) throws Exception {
Key key = getPBEKey(password);
PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, ITERATIONCOUNT);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key, parameterSpec);
byte[] passDec = cipher.doFinal(hexStringToBytes(ciphertext));
return new String(passDec);
}
/**
* 将字节数组转换为十六进制字符串
* @param src 字节数组
* @return
*/
public static String bytesToHexString(byte[] src) {
StringBuilder stringBuilder = new StringBuilder("");
if (src == null || src.length <= 0) {
return null;
}
for (int i = 0; i < src.length; i++) {
int v = src[i] & 0xFF;
String hv = Integer.toHexString(v);
if (hv.length() < 2) {
stringBuilder.append(0);
}
stringBuilder.append(hv);
}
return stringBuilder.toString();
}
/**
* 将十六进制字符串转换为字节数组
*
* @param hexString 十六进制字符串
* @return
*/
public static byte[] hexStringToBytes(String hexString) {
if (hexString == null || hexString.equals("")) {
return null;
}
hexString = hexString.toUpperCase();
int length = hexString.length() / 2;
char[] hexChars = hexString.toCharArray();
byte[] d = new byte[length];
for (int i = 0; i < length; i++) {
int pos = i * 2;
d[i] = (byte) (charToByte(hexChars[pos]) << 4 | charToByte(hexChars[pos + 1]));
}
return d;
}
private static byte charToByte(char c) {
return (byte) "0123456789ABCDEF".indexOf(c);
}
}代码的使用:
public static void main(String[] args) {
String str = "PBE";
String password = "123";
System.out.println("明文:" + str);
System.out.println("密码:" + password);
try {
byte[] salt = PasswordUtil.getSalt();
String ciphertext = PasswordUtil.encrypt(str, password, salt);
System.out.println("密文:" + ciphertext);
String plaintext = PasswordUtil.decrypt(ciphertext, password, salt);
System.out.println("明文:" + plaintext);
} catch (Exception e) {
e.printStackTrace();
}
}运行的效果:
可以使用该工具类,把密码和盐值都固定在工具类里,将用户输入的密码,加密后保存在SharePreference里面.已达到安全存储密码的需求.
------------------------分割线---------------------------
以下是SHA1安全哈希算法的使用工具,在常见的登录操作中,服务器采用的验证方式为:MD5(username+SHA1(password)+时间戳+APP_KEY)
public class SHA1Util {
private static final boolean hexcase = false;
private static final String b64pad = "=";
private static final int chrsz = 8;
// 得到字符串SHA-1值的方法
public static String hex_sha1(String s) {
s = (s == null) ? "" : s;
return binb2hex(core_sha1(str2binb(s), s.length() * chrsz));
}
public static String b64_hmac_sha1(String key, String data) {
return binb2b64(core_hmac_sha1(key, data));
}
public static String b64_sha1(String s) {
s = (s == null) ? "" : s;
return binb2b64(core_sha1(str2binb(s), s.length() * chrsz));
}
private static String binb2b64(int[] binarray) {
String tab = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz0123456789+/";
String str = "";
binarray = strechbinarray(binarray, binarray.length * 4);
for (int i = 0; i < binarray.length * 4; i += 3) {
int triplet = (((binarray[i >> 2] >> 8 * (3 - i % 4)) & 0xff) << 16)
| (((binarray[i + 1 >> 2] >> 8 * (3 - (i + 1) % 4)) & 0xff) << ((binarray[i + 2 >> 2] >> 8 * (3 - (i + 2) % 4)) & 0xff));
for (int j = 0; j < 4; j++) {
if (i * 8 + j * 6 > binarray.length * 32) {
str += b64pad;
} else {
str += tab.charAt((triplet >> 6 * (3 - j)) & 0x3f);
}
}
}
return cleanb64str(str);
}
private static String binb2hex(int[] binarray) {
String hex_tab = hexcase ? "0123456789abcdef" : "0123456789abcdef";
String str = "";
for (int i = 0; i < binarray.length * 4; i++) {
char a = (char) hex_tab.charAt((binarray[i >> 2] >> ((3 - i % 4) * 8 + 4)) & 0xf);
char b = (char) hex_tab.charAt((binarray[i >> 2] >> ((3 - i % 4) * 8)) & 0xf);
str += (new Character(a).toString() + new Character(b).toString());
}
return str;
}
private static String binb2str(int[] bin) {
String str = "";
int mask = (1 << chrsz) - 1;
for (int i = 0; i < bin.length * 32; i += chrsz) {
str += (char) ((bin[i >> 5] >>> (24 - i % 32)) & mask);
}
return str;
}
private static int bit_rol(int num, int cnt) {
return (num << cnt) | (num >>> (32 - cnt));
}
private static String cleanb64str(String str) {
str = (str == null) ? "" : str;
int len = str.length();
if (len <= 1) {
return str;
}
char trailchar = str.charAt(len - 1);
String trailstr = "";
for (int i = len - 1; i >= 0 && str.charAt(i) == trailchar; i--) {
trailstr += str.charAt(i);
}
return str.substring(0, str.indexOf(trailstr));
}
private static int[] complete216(int[] oldbin) {
if (oldbin.length >= 16) {
return oldbin;
}
int[] newbin = new int[16 - oldbin.length];
for (int i = 0; i < newbin.length; newbin[i] = 0, i++)
;
return concat(oldbin, newbin);
}
private static int[] concat(int[] oldbin, int[] newbin) {
int[] retval = new int[oldbin.length + newbin.length];
for (int i = 0; i < (oldbin.length + newbin.length); i++) {
if (i < oldbin.length) {
retval[i] = oldbin[i];
} else {
retval[i] = newbin[i - oldbin.length];
}
}
return retval;
}
private static int[] core_hmac_sha1(String key, String data) {
key = (key == null) ? "" : key;
data = (data == null) ? "" : data;
int[] bkey = complete216(str2binb(key));
if (bkey.length > 16) {
bkey = core_sha1(bkey, key.length() * chrsz);
}
int[] ipad = new int[16];
int[] opad = new int[16];
for (int i = 0; i < 16; ipad[i] = 0, opad[i] = 0, i++)
;
for (int i = 0; i < 16; i++) {
ipad[i] = bkey[i] ^ 0x36363636;
opad[i] = bkey[i] ^ 0x5c5c5c5c;
}
int[] hash = core_sha1(concat(ipad, str2binb(data)), 512 + data.length() * chrsz);
return core_sha1(concat(opad, hash), 512 + 160);
}
private static int[] core_sha1(int[] x, int len) {
int size = (len >> 5);
x = strechbinarray(x, size);
x[len >> 5] |= 0x80 << (24 - len % 32);
size = ((len + 64 >> 9) << 4) + 15;
x = strechbinarray(x, size);
x[((len + 64 >> 9) << 4) + 15] = len;
int[] w = new int[80];
int a = 1732584193;
int b = -271733879;
int c = -1732584194;
int d = 271733878;
int e = -1009589776;
for (int i = 0; i < x.length; i += 16) {
int olda = a;
int oldb = b;
int oldc = c;
int oldd = d;
int olde = e;
for (int j = 0; j < 80; j++) {
if (j < 16) {
w[j] = x[i + j];
} else {
w[j] = rol(w[j - 3] ^ w[j - 8] ^ w[j - 14] ^ w[j - 16], 1);
}
int t = safe_add(safe_add(rol(a, 5), sha1_ft(j, b, c, d)), safe_add(safe_add(e, w[j]), sha1_kt(j)));
e = d;
d = c;
c = rol(b, 30);
b = a;
a = t;
}
a = safe_add(a, olda);
b = safe_add(b, oldb);
c = safe_add(c, oldc);
d = safe_add(d, oldd);
e = safe_add(e, olde);
}
int[] retval = new int[5];
retval[0] = a;
retval[1] = b;
retval[2] = c;
retval[3] = d;
retval[4] = e;
return retval;
}
private static void dotest() {
String key = "key";
String data = "data";
System.out.println("hex_sha1(" + data + ")=" + hex_sha1(data));
System.out.println("b64_sha1(" + data + ")=" + b64_sha1(data));
System.out.println("str_sha1(" + data + ")=" + str_sha1(data));
System.out.println("hex_hmac_sha1(" + key + "," + data + ")=" + hex_hmac_sha1(key, data));
System.out.println("b64_hmac_sha1(" + key + "," + data + ")=" + b64_hmac_sha1(key, data));
System.out.println("str_hmac_sha1(" + key + "," + data + ")=" + str_hmac_sha1(key, data));
}
public static String hex_hmac_sha1(String key, String data) {
return binb2hex(core_hmac_sha1(key, data));
}
private static int rol(int num, int cnt) {
return (num << cnt) | (num >>> (32 - cnt));
}
private static int safe_add(int x, int y) {
int lsw = (int) (x & 0xffff) + (int) (y & 0xffff);
int msw = (x >> 16) + (y >> 16) + (lsw >> 16);
return (msw << 16) | (lsw & 0xffff);
}
private static int sha1_ft(int t, int b, int c, int d) {
if (t < 20)
return (b & c) | ((~b) & d);
if (t < 40)
return b ^ c ^ d;
if (t < 60)
return (b & c) | (b & d) | (c & d);
return b ^ c ^ d;
}
private static int sha1_kt(int t) {
return (t < 20) ? 1518500249 : (t < 40) ? 1859775393 : (t < 60) ? -1894007588 : -899497514;
}
private static boolean sha1_vm_test() {
return hexcase ? hex_sha1("abc").equals("a9993e364706816aba3e25717850c26c9cd0d89d") : hex_sha1("abc").equals("a9993e364706816aba3e25717850c26c9cd0d89d");
}
public static String str_hmac_sha1(String key, String data) {
return binb2str(core_hmac_sha1(key, data));
}
public static String str_sha1(String s) {
s = (s == null) ? "" : s;
return binb2str(core_sha1(str2binb(s), s.length() * chrsz));
}
private static int[] str2binb(String str) {
str = (str == null) ? "" : str;
int[] tmp = new int[str.length() * chrsz];
int mask = (1 << chrsz) - 1;
for (int i = 0; i < str.length() * chrsz; i += chrsz) {
tmp[i >> 5] |= ((int) (str.charAt(i / chrsz)) & mask) << (24 - i % 32);
}
int len = 0;
for (int i = 0; i < tmp.length && tmp[i] != 0; i++, len++)
;
int[] bin = new int[len];
for (int i = 0; i < len; i++) {
bin[i] = tmp[i];
}
return bin;
}
private static int[] strechbinarray(int[] oldbin, int size) {
int currlen = oldbin.length;
if (currlen >= size + 1) {
return oldbin;
}
int[] newbin = new int[size + 1];
for (int i = 0; i < size; newbin[i] = 0, i++)
;
for (int i = 0; i < currlen; i++) {
newbin[i] = oldbin[i];
}
return newbin;
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 项目中加密存储密码的工具类---PasswordUtil类
- 用flask开发个人博客(30)—— 用WerkZeug实现密码的加密存储
- Spring Security笔记:使用BCrypt算法加密存储登录密码
- ios客户端学习-密码加密存储keychain,KeychainItemWrapper和SFHFKeychainUtils
- 使用BCrypt算法加密存储登录密码用法及好处
- Flask学习总结笔记(10) -- 利用Werkzeug实现账号密码加密存储
- 直接存储用户密码的明文或者将密码加密存储
- java存储用户信息用MD5对密码加密
- 用户密码加密存储十问十答,一文说透密码安全存储
- tomcat安全配置之证书密码加密存储
- 查看并修改Oracle用户的密码【oracle不能查看dba_users里password字段(存储密码的加密过的字符串)对应的密码明文】
- 登山-C#-对密码进行加密存储
- 这才是一个完整的用户登录(Forms身份认证+记住密码+加密存储+LoginedPage/BasePage)
- 密码存储以及网络传输的加密算法-Base64加密加盐后MD5的加密
- Web项目中对配置文件中的密码进行加密(数据库连接密码)
- 技术文库项目的最新浏览记录和记住登录状态的COOKIE加密存储
- java web项目中的properties文件中的属性值在启动后进行修改(数据库密码加密等)
- 【工具类】Android数据存储sharedpreferences加密
- 一个密码锁加密应用项目源码
- 何惧MD5简单搞定加密及密码验证工具类