用户密码加密 MD5+Salt
1.设计工具类 EncrptUtil和SaltUtil类分别实现MD5散列和随机生成16位salt
public class EncryptUtil {
public static String md5(String plainText){
String encryStr=null;
if(plainText==null&&!"".equals(plainText)){
return null;
}
try {
byte[] ret= MessageDigest.getInstance("md5").digest(plainText.getBytes());
String md5Code=new BigInteger(1,ret).toString(16);
for (int i = 0; i < 32-md5Code.length(); i++) {
md5Code="0"+md5Code;
}
encryStr =md5Code;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return encryStr;
}
}
public class SaltUtil {
private static char[] hex = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
public static String salt() {
Random random = new Random();
StringBuilder sb = new StringBuilder(16);
for (int i = 0; i < sb.capacity(); i++) {
sb.append(hex[random.nextInt(16)]);
}
return sb.toString();
}
}
2.将两个工具类集成到entity user类中的pwd和salt成员变量中
public String getLoginPwd() {
return loginPwd;
}
public void setLoginPwd(String loginPwd) {
this.loginPwd = EncryptUtil.md5(loginPwd+getSalt());
}
public void setLoginPwd(String loginPwd,int i) {
this.loginPwd = loginPwd;
}
public String getSalt() {
return salt;
}
public void setSalt() {
this.salt = SaltUtil.salt();
}
public void setSalt(String salt) {
this.salt = salt;
}
3.测试用户登录
public class UserService {
public User login (String loginName, String pwd){
UserDao u1 =new UserDao();
User saveUser = u1.findByLoginName("25");
System.out.println(saveUser.getSalt());
if(saveUser != null && saveUser.getLoginName().equals(loginName) && saveUser.getLoginPwd().equals(EncryptUtil.md5(pwd+ saveUser.getSalt()))) {
return saveUser;
}else {
return null;
}
}
}
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200513204032217.png#pic_center)