很長時間沒有更新自己的blog了,最近忙一個基于alfreco的項目開發,趕快把用到的一些東西記錄一下,誰讓自己記性不好呢。這里是password的加解密:
PasswordUtil.java
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class PasswordUtil {
public final static int ITERATION_NUMBER = 1000;
public static final String algorithm = "Blowfish";// we can use DES,DESede,Blowfish
/**
*
* @param password
* @return
* @throws Exception
*/
public static PasswordBean encry(String password) throws Exception {
Security.addProvider(new com.sun.crypto.provider.SunJCE());
try {
KeyGenerator keygen = KeyGenerator.getInstance(algorithm);
SecretKey deskey = keygen.generateKey();
Cipher c1 = Cipher.getInstance(algorithm);
c1.init(Cipher.ENCRYPT_MODE, deskey);
byte[] cipherByte = c1.doFinal(password.getBytes());
String saltKey = PasswordUtil.byteToBase64(deskey.getEncoded());
String pass = PasswordUtil.byteToBase64(cipherByte);
return new PasswordBean(saltKey, pass);
//System.out.println("After encry:" + key + "====" + password);
} catch (Exception e) {
throw e;
}
}
/**
*
* @param bean
* @return
* @throws Exception
*/
public static String decry(PasswordBean bean) throws Exception {
return decry(bean.getSaltKey(), bean.getPassword());
}
/**
*
* @param saltKey
* @param pass
* @return
* @throws Exception
*/
public static String decry(String saltKey, String pass) throws Exception {
//Security.addProvider(new com.sun.crypto.provider.SunJCE());
try {
Security.addProvider(new com.sun.crypto.provider.SunJCE());
byte[] keyser = PasswordUtil.base64ToByte(saltKey);
javax.crypto.spec.SecretKeySpec destmp = new javax.crypto.spec.SecretKeySpec(keyser, algorithm);
SecretKey mydeskey = destmp;
Cipher c1 = Cipher.getInstance(algorithm);
c1.init(Cipher.DECRYPT_MODE, mydeskey);
byte[] clearByte = c1.doFinal(PasswordUtil.base64ToByte(pass));
return new String(clearByte);
} catch (Exception e) {
//e.printStackTrace();
System.out.println("saltKey:" + saltKey + " pass:" + pass) ;
throw e;
}
}
/**
* From a password, a number of iterations and a salt, returns the
* corresponding digest
*
* @param iterationNb
* int The number of iterations of the algorithm
* @param password
* String The password to encrypt
* @param salt
* byte[] The salt
* @return byte[] The digested password
* @throws NoSuchAlgorithmException
* If the algorithm doesn't exist
*/
public static byte[] getHash(int iterationNb, String password, byte[] salt)
throws NoSuchAlgorithmException {
MessageDigest digest = MessageDigest.getInstance("SHA-1");
digest.reset();
digest.update(salt);
byte[] input = digest.digest(password.getBytes());
for (int i = 0; i < iterationNb; i++) {
digest.reset();
input = digest.digest(input);
}
return input;
}
/**
* From a base 64 representation, returns the corresponding byte[]
*
* @param data
* String The base64 representation
* @return byte[]
* @throws IOException
*/
public static byte[] base64ToByte(String data) throws IOException {
BASE64Decoder decoder = new BASE64Decoder();
return decoder.decodeBuffer(data);
}
/**
* From a byte[] returns a base 64 representation
*
* @param data
* byte[]
* @return String
* @throws IOException
*/
public static String byteToBase64(byte[] data) {
BASE64Encoder endecoder = new BASE64Encoder();
return endecoder.encode(data);
}
}
PasswordBean.java
public class PasswordBean {
private String saltKey = null;
private String password = null;
public PasswordBean(String key, String pass) {
this.saltKey = key;
this.password = pass;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSaltKey() {
return saltKey;
}
public void setSaltKey(String saltKey) {
this.saltKey = saltKey;
}
}
使用的時候可以是:
String password = PasswordUtil.decry(salt, encodePassword);
PasswordBean passwordBean = PasswordUtil.encry(password);