/**
* String Utility Class This is used to encode passwords programmatically
*
* <p>
* <a h ref="StringUtil.java.html"><i>View Source</i></a>
* </p>
*
* @author <a href="mailto:matt@raibledesigns.com">Matt Raible</a>
*/
public class PasswordMD5Encryption {
// ~ Static fields/initializers
private static Logger logger = Logger.getLogger(PasswordMD5Encryption.class);
private final static Log log = LogFactory
.getLog(PasswordMD5Encryption.class);
// ~ Methods
/**
* Encode a string using algorithm specified in web.xml and return the
* resulting encrypted password. If exception, the plain credentials string
* is returned
*
* @param password
* Password or other credentials to use in authenticating this
* username
* @param algorithm
* Algorithm used to do the digest
*
* @return encypted password based on the algorithm.
*/
public static String encodePassword(String password, String algorithm) {
byte[] unencodedPassword = password.getBytes();
MessageDigest md = null;
try {
// first create an instance, given the provider
md = MessageDigest.getInstance(algorithm);
} catch (Exception e) {
log.error("Exception: " + e);
return password;
}
md.reset();
// call the update method one or more times
// (useful when you don't know the size of your data, eg. stream)
md.update(unencodedPassword);
// now calculate the hash
byte[] encodedPassword = md.digest();
StringBuffer buf = new StringBuffer();
for (int i = 0; i < encodedPassword.length; i++) {
if ((encodedPassword[i] & 0xff) < 0x10) {
buf.append("0");
}
buf.append(Long.toString(encodedPassword[i] & 0xff, 16));
}
return buf.toString();
}
/**
* Encode a string using Base64 encoding. Used when storing passwords as
* cookies.
*
* This is weak encoding in that anyone can use the decodeString routine to
* reverse the encoding.
*
* @param str
* @return String
*/
public static String encodeString(String str) {
sun.misc.BASE64Encoder encoder = new sun.misc.BASE64Encoder();
return encoder.encodeBuffer(str.getBytes()).trim();
}
/**
* Decode a string using Base64 encoding.
* @param str
* @return String
*/
public static String decodeString(String str) {
sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder();
try {
return new String(dec.decodeBuffer(str));
} catch (IOException io) {
throw new RuntimeException(io.getMessage(), io.getCause());
}
}
public static void main(String[] args) {
String passString = "123456";
String newpass = PasswordMD5Encryption.encodeString(passString);
System.out.println(passString+" 加密后的字符串是 : " + newpass);
String newpassAgin = PasswordMD5Encryption.decodeString(newpass);
System.out.println(newpass+" 加密后再解密的字符串是 : " + newpassAgin);
}
}
1. MD5加密,常用于加密用户名密码,当用户验证时。 不可逆
protected byte[] encrypt(byte[] obj) ...{
try ...{
MessageDigest md5 = MessageDigest.getInstance("MD5");
md5.update(obj);
return md5.digest();
} catch (NoSuchAlgorithmException e) ...{
e.printStackTrace();
}
}
2. SHA加密,与MD5相似的用法,只是两者的算法不同。
protected byte[] encrypt(byte[] obj) ...{
try ...{
MessageDigest sha = MessageDigest.getInstance("SHA");
sha.update(obj);
return sha.digest();
} catch (NoSuchAlgorithmException e) ...{
e.printStackTrace();
}
}
3. RSA加密,RAS加密允许解密。常用于文本内容的加密。
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import javax.crypto.Cipher;
/** *//**
* <b>RSAEncrypt</b>
* <p>
* @author maqujun
* @see
*/
public class RSAEncrypt ...{
/** *//**
* Main method for RSAEncrypt.
* @param args
*/
public static void main(String[] args) ...{
try ...{
RSAEncrypt encrypt = new RSAEncrypt();
String encryptText = "encryptText";
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
keyPairGen.initialize(1024);
KeyPair keyPair = keyPairGen.generateKeyPair();
// Generate keys
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
byte[] e = encrypt.encrypt(publicKey, encryptText.getBytes());
byte[] de = encrypt.decrypt(privateKey,e);
System.out.println(encrypt.bytesToString(e));
System.out.println(encrypt.bytesToString(de));
} catch (Exception e) ...{
e.printStackTrace();
}
}
/** *//**
* Change byte array to String.
* @return byte[]
*/
protected String bytesToString(byte[] encrytpByte) ...{
String result = "";
for (Byte bytes : encrytpByte) ...{
result += (char) bytes.intValue();
}
return result;
}
/** *//**
* Encrypt String.
* @return byte[]
*/
protected byte[] encrypt(RSAPublicKey publicKey, byte[] obj) ...{
if (publicKey != null) ...{
try ...{
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(obj);
} catch (Exception e) ...{
e.printStackTrace();
}
}
return null;
}
/** *//**
* Basic decrypt method
* @return byte[]
*/
protected byte[] decrypt(RSAPrivateKey privateKey, byte[] obj) ...{
if (privateKey != null) ...{
try ...{
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(obj);
} catch (Exception e) ...{
e.printStackTrace();
}
}
return null;
}
}
学习网址:http://www.ibm.com/developerworks/cn/java/l-security/
http://www.builder.com.cn/2007/0823/465427.shtml