import java.security.*;
import java.io.*;
import java.util.*;
import sun.misc.*;
public class MD {
// 加密
public static String creatPassword(String password) throws Exception {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[12];
random.nextBytes(salt);
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(salt);
md.update(password.getBytes("UTF8"));
byte[] digest = md.digest();
String outp = new BASE64Encoder().encode(salt);
outp = outp + new BASE64Encoder().encode(digest);
return outp;
}
// 认证,gavingPassword是客户输入的密码明文,password是存放的密码的密文
public static boolean authenticatePassword(String gavingPassword,
String password) throws Exception {
String saltString = password.substring(0, 16);
byte[] salt = new BASE64Decoder().decodeBuffer(saltString);
String digest1 = password.substring(16);
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(salt);
md.update(gavingPassword.getBytes("UTF8"));
byte[] digest = md.digest();
String digest2 = new BASE64Encoder().encode(digest);
if (digest1.equals(digest2))
return true;
else
return false;
}
}
|