這種方法是采用隨機生成鹽值加入password中組合成的新密碼,下面是md5+鹽的一個工具類,直接導入使用即可!
工具類
package com.oracle.utils;
import java.security.MessageDigest;
import java.util.Random;
import org.apache.commons.codec.binary.Hex;
public class Md5AndSalt {
public static String generate(String password) {
Random r = new Random();
StringBuilder sb = new StringBuilder(16);
sb.append(r.nextInt(99999999)).append(r.nextInt(99999999));
int len = sb.length();
if (len < 16) {
for (int i = 0; i < 16 - len; i++) {
sb.append("0");
}
}
String salt = sb.toString();
password = md5Hex(password + salt);
char[] cs = new char[48];
for (int i = 0; i < 48; i += 3) {
cs[i] = password.charAt(i / 3 * 2);
char c = salt.charAt(i / 3);
cs[i + 1] = c;
cs[i + 2] = password.charAt(i / 3 * 2 + 1);
}
return new String(cs);
}
/**
* 獲取十六進制字符串形式的MD5摘要
*/
private static String md5Hex(String src) {
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] bs = md5.digest(src.getBytes());
return new String(new Hex().encode(bs));
} catch (Exception e) {
return null;
}
}
public static boolean verify(String password, String md5) {
char[] cs1 = new char[32];
char[] cs2 = new char[16];
for (int i = 0; i < 48; i += 3) {
cs1[i / 3 * 2] = md5.charAt(i);
cs1[i / 3 * 2 + 1] = md5.charAt(i + 2);
cs2[i / 3] = md5.charAt(i + 1);
}
String salt = new String(cs2);
return md5Hex(password + salt).equals(new String(cs1));
}
}
測試
package com.oracle.test;
import java.security.MessageDigest;
import java.util.Random;
import org.apache.commons.codec.binary.Hex;
import org.junit.Test;
import com.oracle.utils.Md5AndSalt;
public class Md5AndSaltTest {
Md5AndSalt MS=new Md5AndSalt();
@Test
public void Test() {
String ss = MS.generate("123456");
System.out.println(MS.generate("123456"));
System.out.println("是否是同一字符串:"+MS.verify("123456", ss));
}
}