/**
 * 對字符串md5加密
 *
 * @param str
 * @return
 */
import java.security.MessageDigest;
public static String getMD5(String str) {
 try {
 // 生成一個MD5加密計算摘要
 MessageDigest md = MessageDigest.getInstance("MD5");
 // 計算md5函數(shù)
 md.update(str.getBytes());
 // digest()最后確定返回md5 hash值，返回值為8為字符串。因為md5 hash值是16位的hex值，實際上就是8位的字符
 // BigInteger函數(shù)則將8位的字符串轉(zhuǎn)換成16位hex值，用字符串來表示；得到字符串形式的hash值
 return new BigInteger(1, md.digest()).toString(16);
 } catch (Exception e) {
 throw new SpeedException("MD5加密出現(xiàn)錯誤");
 }
}

package com.zyg.security.md5;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

public class MyMD5Util {
 
 private static final String HEX_NUMS_STR="0123456789ABCDEF";
 private static final Integer SALT_LENGTH = 12;
 
 /** 
 * 將16進制字符串轉(zhuǎn)換成字節(jié)數(shù)組 
 * @param hex 
 * @return 
 */
 public static byte[] hexStringToByte(String hex) {
 int len = (hex.length() / 2);
 byte[] result = new byte[len];
 char[] hexChars = hex.toCharArray();
 for (int i = 0; i < len; i++) {
 int pos = i * 2;
 result[i] = (byte) (HEX_NUMS_STR.indexOf(hexChars[pos]) << 4 
 | HEX_NUMS_STR.indexOf(hexChars[pos + 1]));
 }
 return result;
 }

 
 /**
 * 將指定byte數(shù)組轉(zhuǎn)換成16進制字符串
 * @param b
 * @return
 */
 public static String byteToHexString(byte[] b) {
 StringBuffer hexString = new StringBuffer();
 for (int i = 0; i < b.length; i++) {
 String hex = Integer.toHexString(b[i] & 0xFF);
 if (hex.length() == 1) {
 hex = '0' + hex;
 }
 hexString.append(hex.toUpperCase());
 }
 return hexString.toString();
 }
 
 /**
 * 驗證口令是否合法
 * @param password
 * @param passwordInDb
 * @return
 * @throws NoSuchAlgorithmException
 * @throws UnsupportedEncodingException
 */
 public static boolean validPassword(String password, String passwordInDb)
 throws NoSuchAlgorithmException, UnsupportedEncodingException {
 //將16進制字符串格式口令轉(zhuǎn)換成字節(jié)數(shù)組
 byte[] pwdInDb = hexStringToByte(passwordInDb);
 //聲明鹽變量
 byte[] salt = new byte[SALT_LENGTH];
 //將鹽從數(shù)據(jù)庫中保存的口令字節(jié)數(shù)組中提取出來
 System.arraycopy(pwdInDb, 0, salt, 0, SALT_LENGTH);
 //創(chuàng)建消息摘要對象
 MessageDigest md = MessageDigest.getInstance("MD5");
 //將鹽數(shù)據(jù)傳入消息摘要對象
 md.update(salt);
 //將口令的數(shù)據(jù)傳給消息摘要對象
 md.update(password.getBytes("UTF-8"));
 //生成輸入口令的消息摘要
 byte[] digest = md.digest();
 //聲明一個保存數(shù)據(jù)庫中口令消息摘要的變量
 byte[] digestInDb = new byte[pwdInDb.length - SALT_LENGTH];
 //取得數(shù)據(jù)庫中口令的消息摘要
 System.arraycopy(pwdInDb, SALT_LENGTH, digestInDb, 0, digestInDb.length);
 //比較根據(jù)輸入口令生成的消息摘要和數(shù)據(jù)庫中消息摘要是否相同
 if (Arrays.equals(digest, digestInDb)) {
 //口令正確返回口令匹配消息
 return true;
 } else {
 //口令不正確返回口令不匹配消息
 return false;
 }
 }


 /**
 * 獲得加密后的16進制形式口令
 * @param password
 * @return
 * @throws NoSuchAlgorithmException
 * @throws UnsupportedEncodingException
 */
 public static String getEncryptedPwd(String password)
 throws NoSuchAlgorithmException, UnsupportedEncodingException {
 //聲明加密后的口令數(shù)組變量
 byte[] pwd = null;
 //隨機數(shù)生成器
 SecureRandom random = new SecureRandom();
 //聲明鹽數(shù)組變量
 byte[] salt = new byte[SALT_LENGTH];
 //將隨機數(shù)放入鹽變量中
 random.nextBytes(salt);

 //聲明消息摘要對象
 MessageDigest md = null;
 //創(chuàng)建消息摘要
 md = MessageDigest.getInstance("MD5");
 //將鹽數(shù)據(jù)傳入消息摘要對象
 md.update(salt);
 //將口令的數(shù)據(jù)傳給消息摘要對象
 md.update(password.getBytes("UTF-8"));
 //獲得消息摘要的字節(jié)數(shù)組
 byte[] digest = md.digest();

 //因為要在口令的字節(jié)數(shù)組中存放鹽，所以加上鹽的字節(jié)長度
 pwd = new byte[digest.length + SALT_LENGTH];
 //將鹽的字節(jié)拷貝到生成的加密口令字節(jié)數(shù)組的前12個字節(jié)，以便在驗證口令時取出鹽
 System.arraycopy(salt, 0, pwd, 0, SALT_LENGTH);
 //將消息摘要拷貝到加密口令字節(jié)數(shù)組從第13個字節(jié)開始的字節(jié)
 System.arraycopy(digest, 0, pwd, SALT_LENGTH, digest.length);
 //將字節(jié)數(shù)組格式加密后的口令轉(zhuǎn)化為16進制字符串格式的口令
 return byteToHexString(pwd);
 }
}

package com.zyg.security.md5;

import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;

public class Client {
 private static Map users = new HashMap();
 
 public static void main(String[] args){
 String userName = "zyg";
 String password = "123";
 registerUser(userName,password);
 
 userName = "changong";
 password = "456";
 registerUser(userName,password);
 
 String loginUserId = "zyg";
 String pwd = "1232";
 try {
 if(loginValid(loginUserId,pwd)){
 System.out.println("歡迎登陸?。。?);
 }else{
 System.out.println("口令錯誤，請重新輸入?。?！");
 }
 } catch (NoSuchAlgorithmException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 } catch (UnsupportedEncodingException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 } 
 }
 
 /**
 * 注冊用戶
 * 
 * @param userName
 * @param password
 */
 public static void registerUser(String userName,String password){
 String encryptedPwd = null;
 try {
 encryptedPwd = MyMD5Util.getEncryptedPwd(password);
 
 users.put(userName, encryptedPwd);
 
 } catch (NoSuchAlgorithmException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 } catch (UnsupportedEncodingException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 }
 }
 
 /**
 * 驗證登陸
 * 
 * @param userName
 * @param password
 * @return
 * @throws UnsupportedEncodingException 
 * @throws NoSuchAlgorithmException 
 */
 public static boolean loginValid(String userName,String password) 
 throws NoSuchAlgorithmException, UnsupportedEncodingException{
 String pwdInDb = (String)users.get(userName);
 if(null!=pwdInDb){ // 該用戶存在
 return MyMD5Util.validPassword(password, pwdInDb);
 }else{
 System.out.println("不存在該用戶?。?！");
 return false;
 }
 }
}