中文亚洲精品无码_熟女乱子伦免费_人人超碰人人爱国产_亚洲熟妇女综合网

當(dāng)前位置: 首頁 > news >正文

kotlin做網(wǎng)站谷歌瀏覽器下載手機版

news 2025/7/5 10:16:11
kotlin做網(wǎng)站,谷歌瀏覽器下載手機版,wordpress 短鏈插件,網(wǎng)址導(dǎo)航網(wǎng)站建設(shè)簡述 介紹其三種密碼加密方法 1.SM2加密與驗簽 2.隨機密碼鹽加密 3.MD5加密 推薦使用方法1,其次使用方法2,最不推薦的是方法3。方法3極其容易被密碼字典破解,如果項目進行安全測試,通常是不允許的加密方式。 SM2加密與驗簽 引入…

簡述

介紹其三種密碼加密方法
1.SM2加密與驗簽
2.隨機密碼鹽加密
3.MD5加密
推薦使用方法1,其次使用方法2,最不推薦的是方法3。方法3極其容易被密碼字典破解,如果項目進行安全測試,通常是不允許的加密方式。

SM2加密與驗簽

引入bcprov,以使用SM2加密。

        <dependency><groupId>org.bouncycastle</groupId><artifactId>bcprov-jdk15to18</artifactId><version>1.69</version></dependency>

工具類與測試方法

加密的主要工具類如下,其中帶有測試的main方法。

import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Map;/*** sm2算法與簽名的使用** @author fir* @date 2024/7/23 14:22*/
@Slf4j
public class Sm2SignatureUtils {static {Security.addProvider(new BouncyCastleProvider());}public static final String PUBLIC_KEY = "publicKey";public static final String PRIVATE_KEY = "privateKey";/*** 生成國密公私鑰對*/public static Map<String, String> generateSmKey() throws Exception {KeyPairGenerator keyPairGenerator;SecureRandom secureRandom = new SecureRandom();ECGenParameterSpec sm2Spec = new ECGenParameterSpec("sm2p256v1");keyPairGenerator = KeyPairGenerator.getInstance("EC", new BouncyCastleProvider());keyPairGenerator.initialize(sm2Spec);keyPairGenerator.initialize(sm2Spec, secureRandom);KeyPair keyPair = keyPairGenerator.generateKeyPair();PrivateKey privateKey = keyPair.getPrivate();PublicKey publicKey = keyPair.getPublic();String publicKeyStr = new String(Base64.getEncoder().encode(publicKey.getEncoded()));String privateKeyStr = new String(Base64.getEncoder().encode(privateKey.getEncoded()));return Map.of(PUBLIC_KEY, publicKeyStr, PRIVATE_KEY, privateKeyStr);}/*** 將Base64轉(zhuǎn)碼的公鑰串,轉(zhuǎn)化為公鑰對象*/public static PublicKey createPublicKey(String publicKey) {PublicKey publickey = null;try {X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKey));KeyFactory keyFactory = KeyFactory.getInstance("EC", new BouncyCastleProvider());publickey = keyFactory.generatePublic(publicKeySpec);} catch (Exception e) {log.error("將Base64轉(zhuǎn)碼的公鑰串,轉(zhuǎn)化為公鑰對象異常:{}", e.getMessage(), e);}return publickey;}/*** 將Base64轉(zhuǎn)碼的私鑰串,轉(zhuǎn)化為私鑰對象*/public static PrivateKey createPrivateKey(String privateKey) {PrivateKey publickey = null;try {PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey));KeyFactory keyFactory = KeyFactory.getInstance("EC", new BouncyCastleProvider());publickey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);} catch (Exception e) {log.error("將Base64轉(zhuǎn)碼的私鑰串,轉(zhuǎn)化為私鑰對象異常:{}", e.getMessage(), e);}return publickey;}/*** 根據(jù)publicKey對原始數(shù)據(jù)data,使用SM2加密*/public static String encrypt(byte[] data, String publicKeyBase64) {PublicKey publicKey = createPublicKey(publicKeyBase64);ECPublicKeyParameters localEcPublicKeyParameters = getEcPublicKeyParameters(publicKey);SM2Engine localSm2Engine = new SM2Engine();localSm2Engine.init(true, new ParametersWithRandom(localEcPublicKeyParameters, new SecureRandom()));byte[] arrayOfByte2;try {arrayOfByte2 = localSm2Engine.processBlock(data, 0, data.length);return Base64.getEncoder().encodeToString(arrayOfByte2);} catch (InvalidCipherTextException e) {log.error("SM2加密失敗:{}", e.getMessage(), e);return null;}}private static ECPublicKeyParameters getEcPublicKeyParameters(PublicKey publicKey) {ECPublicKeyParameters localEcPublicKeyParameters = null;if (publicKey instanceof BCECPublicKey localEcPublicKey) {ECParameterSpec localEcParameterSpec = localEcPublicKey.getParameters();ECDomainParameters localEcDomainParameters = new ECDomainParameters(localEcParameterSpec.getCurve(),localEcParameterSpec.getG(), localEcParameterSpec.getN());localEcPublicKeyParameters = new ECPublicKeyParameters(localEcPublicKey.getQ(), localEcDomainParameters);}return localEcPublicKeyParameters;}/*** 根據(jù)privateKey對加密數(shù)據(jù)encode data,使用SM2解密*/public static String decrypt(String encodeBase64, String privateKeyBase64) {SM2Engine localSm2Engine = new SM2Engine();PrivateKey privateKey = createPrivateKey(privateKeyBase64);BCECPrivateKey sm2PriK = (BCECPrivateKey) privateKey;byte[] encodeData = Base64.getDecoder().decode(encodeBase64);ECParameterSpec localEcParameterSpec = sm2PriK.getParameters();ECDomainParameters localEcDomainParameters = new ECDomainParameters(localEcParameterSpec.getCurve(),localEcParameterSpec.getG(), localEcParameterSpec.getN());ECPrivateKeyParameters localEcPrivateKeyParameters = new ECPrivateKeyParameters(sm2PriK.getD(),localEcDomainParameters);localSm2Engine.init(false, localEcPrivateKeyParameters);try {byte[] result = localSm2Engine.processBlock(encodeData, 0, encodeData.length);return new String(result);} catch (InvalidCipherTextException e) {log.error("SM2解密失敗:{}", e.getMessage(), e);return null;}}/*** 私鑰,數(shù)據(jù),生成簽名*/public static String signByPrivateKey(String dataStr, String privateKeyBase64) throws Exception {PrivateKey privateKey = createPrivateKey(privateKeyBase64);byte[] data = Base64.getDecoder().decode(dataStr);Signature sig = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), BouncyCastleProvider.PROVIDER_NAME);sig.initSign(privateKey);sig.update(data);byte[] sign = sig.sign();return Base64.getEncoder().encodeToString(sign);}/*** 公鑰與簽名驗證數(shù)據(jù)合法性*/public static boolean verifyByPublicKey(String dataStr, String publicKeyBase64, String signatureBase64) throws Exception {PublicKey publicKey = createPublicKey(publicKeyBase64);byte[] signature = Base64.getDecoder().decode(signatureBase64);byte[] data = Base64.getDecoder().decode(dataStr);Signature sig = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), BouncyCastleProvider.PROVIDER_NAME);sig.initVerify(publicKey);sig.update(data);return sig.verify(signature);}public static void test() throws Exception {// 生成公私鑰對Map<String, String> keys = generateSmKey();String publicKey = keys.get(PUBLIC_KEY);String privateKey = keys.get(PRIVATE_KEY);String testStr = "123456";System.out.println("原始字符串:" + testStr);System.out.println("公鑰:" + keys.get(PUBLIC_KEY));System.out.println("私鑰:" + keys.get(PRIVATE_KEY));System.out.println();// 公鑰加密String encrypt = encrypt(testStr.getBytes(), publicKey);System.out.println("加密數(shù)據(jù):" + encrypt);// 私鑰簽名,后續(xù)根據(jù)數(shù)據(jù)與公鑰驗簽String sign = signByPrivateKey(encrypt, privateKey);System.out.println("數(shù)據(jù)簽名:" + sign);// 公鑰驗簽,驗證通過后再進行數(shù)據(jù)解密boolean b = verifyByPublicKey(encrypt, publicKey, sign);System.out.println("數(shù)據(jù)驗簽:" + b);//私鑰解密String decrypt = decrypt(encrypt, privateKey);System.out.println("解密數(shù)據(jù):" + decrypt);}public static void uesCase() throws Exception {//生成公私鑰對String publicKey = "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEsrdE0XrAO2S7Ize0tm0r3diH9cPH23t0J9yVDtiVux6g71msH5YGTWW6/ogQSCVJ4iaofgCS/ly5+wkXa+/IGg==";String privateKey = "MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgNxb+Jcu1vhGt9UEbeFUYeCC+RWL7+sfUL1vnhBp2KtKgCgYIKoEcz1UBgi2hRANCAASyt0TResA7ZLsjN7S2bSvd2If1w8fbe3Qn3JUO2JW7HqDvWawflgZNZbr+iBBIJUniJqh+AJL+XLn7CRdr78ga";String testStr = "123456";System.out.println("原始字符串:" + testStr);System.out.println("公鑰:" + publicKey);System.out.println("私鑰:" + privateKey);System.out.println();//公鑰加密String encrypt = encrypt(testStr.getBytes(), publicKey);System.out.println("加密數(shù)據(jù):" + encrypt);// 私鑰簽名,后續(xù)根據(jù)數(shù)據(jù)與公鑰驗簽String sign = signByPrivateKey(encrypt, privateKey);System.out.println("數(shù)據(jù)簽名:" + sign);//公鑰驗簽,驗證通過后再進行數(shù)據(jù)解密boolean b = verifyByPublicKey(encrypt, publicKey, sign);System.out.println("數(shù)據(jù)驗簽:" + b);//私鑰解密String decrypt = decrypt(encrypt, privateKey);System.out.println("解密數(shù)據(jù):" + decrypt);}public static void main(String[] args) {try {test();
//            uesCase();} catch (Exception e) {throw new RuntimeException(e);}}
}

使用案例

驗證密碼

接受到用戶輸入的用戶與密碼之后,在數(shù)據(jù)庫中查詢出舊的密碼,并進行舊密碼進行驗簽、解密。解密后判斷用戶輸入的密碼與數(shù)據(jù)庫存儲的密碼是否相同。

        // 驗證密碼是否正確String password = "123456";String passwordOld = user.getPassword();String signature = user.getSignature();String decryptPasswordOld = null;try {// 公鑰驗簽,查看數(shù)據(jù)與簽名是否有效boolean b = Sm2SignatureUtils.verifyByPublicKey(passwordOld, public, signature);if(!b){throw new CommonException("數(shù)據(jù)損壞");}decryptPasswordOld = Sm2SignatureUtils.decrypt(passwordOld, private);}catch (Exception e){throw new CommonException("數(shù)據(jù)損壞");}if (decryptPasswordOld == null || !decryptPasswordOld.equals(password)) {throw new CommonException("用戶密碼錯誤");}
修改密碼

接收到用戶的密碼后,根據(jù)公私要生成加密數(shù)據(jù)串與私鑰簽名。并存儲到數(shù)據(jù)庫,用于之后的密碼驗證。

            // 公鑰加密String password = "123456";String encrypt = Sm2SignatureUtils.encrypt(password.getBytes(), public);// 根據(jù)數(shù)據(jù)與私鑰,生成私鑰簽名String sign = Sm2SignatureUtils.signByPrivateKey(encrypt, private);user.setPassword(encrypt);user.setSignature(sign);

隨機密碼鹽加密

工具類與測試方法

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;/*** @author fir* @date 2024/7/25 12:22*/
public class SaltUtils {/*** 生成隨機安全鹽** @return 鹽*/public static String generateSalt() {// 使用SecureRandom生成安全的隨機鹽SecureRandom random = new SecureRandom();byte[] salt = new byte[16];random.nextBytes(salt);return Base64.getEncoder().encodeToString(salt);}/*** 生成加鹽密碼** @return 鹽*/public static String hashPassword(String password, String salt){// 將密碼和鹽結(jié)合String saltedPassword = password + salt;// 使用SHA-256進行哈希MessageDigest md;try {md = MessageDigest.getInstance("SHA-256");}catch (NoSuchAlgorithmException e){throw new RuntimeException("加密鹽處理失敗");}byte[] hashedBytes = md.digest(saltedPassword.getBytes());// 將哈希值轉(zhuǎn)換為字符串return Base64.getEncoder().encodeToString(hashedBytes);}public static void main(String[] args){String salt = generateSalt();String password = "123456";String hashPassword = hashPassword(password, salt);System.out.println("鹽:" + salt);System.out.println("密碼:" + password);System.out.println("加密密碼:" + hashPassword);}}

使用案例

驗證密碼

查詢出用戶的密碼,將用戶輸入的密碼鹽加密,并判斷與數(shù)據(jù)庫的加密密碼是否一致。

        String password = "123456";String salt = user.getSalt();String passwordOld = user.getPassword();String mPassword = SaltUtils.hashPassword(password, salt);if (!mPassword.equals(passwordOld)) {throw new CommonException("密碼錯誤");}
修改密碼

將用戶輸入的密碼md5加密之后,存在數(shù)據(jù)庫中,用于之后的密碼驗證

        String password = "123456";String salt = SaltUtils.generateSalt();String hashPassword = SaltUtils.hashPassword(password, salt);user.setPassword(hashPassword);

MD5加密

引入hutool包,以使用md5加密。

        <dependency><groupId>cn.hutool</groupId><artifactId>hutool-all</artifactId><version>5.8.19</version></dependency>

測試方法

import cn.hutool.crypto.digest.MD5;/*** @author fir* @date 2024/7/22 10:07*/
public class Md5Utils {public static void main(String[] args){// MD5取值String mPassword = MD5.create().digestHex("123456");System.out.println(mPassword);}
}

使用案例

驗證密碼

查詢出用戶的密碼,將用戶輸入的密碼MD5加密,并判斷與數(shù)據(jù)庫的加密密碼是否一致。

        String password = "123456";String mPassword = MD5.create().digestHex(password);String passwordOld = user.getPassword();if (!mPassword.equals(passwordOld)) {throw new CommonException("密碼錯誤");}
修改密碼

將用戶輸入的密碼md5加密之后,存在數(shù)據(jù)庫中,用于之后的密碼驗證

        String password = "123456";String passwordMd5 = MD5.create().digestHex(password);user.setPassword(passwordMd5);
http://www.risenshineclean.com/news/1121.html

相關(guān)文章:

  • dede做購物網(wǎng)站發(fā)帖推廣平臺
  • 百度官網(wǎng)網(wǎng)站登錄seo公司推廣宣傳
  • WordPress文字水印寧波優(yōu)化系統(tǒng)
  • 紅葉網(wǎng)站開發(fā)工作室優(yōu)化推廣方案
  • 咖啡網(wǎng)站開發(fā)企業(yè)官網(wǎng)怎么做
  • 做360手機網(wǎng)站關(guān)鍵詞優(yōu)化的軟件
  • 自己免費制作appseo排名優(yōu)化軟件有
  • 網(wǎng)站流量一直做不起來百度關(guān)鍵詞搜索引擎
  • 網(wǎng)站優(yōu)化北京哪家強?百度點擊軟件名風(fēng)
  • 日本設(shè)計網(wǎng)站推薦商丘關(guān)鍵詞優(yōu)化推廣
  • 免費跨境電商網(wǎng)站網(wǎng)站平臺推廣
  • 深圳網(wǎng)站建設(shè)葉林如何做一個營銷方案
  • 深圳網(wǎng)站制作收費sem代運營公司
  • 泉州中企網(wǎng)站做的好嗎軟件外包公司
  • 產(chǎn)品價格的網(wǎng)站建設(shè)三只松鼠口碑營銷案例
  • 專門做男裝的網(wǎng)站設(shè)計網(wǎng)站排行
  • 中企動力免費做網(wǎng)站實時熱搜
  • 功能網(wǎng)站建設(shè)seo網(wǎng)絡(luò)優(yōu)化是做什么的
  • 建設(shè)部執(zhí)業(yè)資格注冊中心網(wǎng)站查詢天天外鏈官網(wǎng)
  • 一家只做直購的網(wǎng)站企業(yè)培訓(xùn)內(nèi)容
  • 匿名ip訪問網(wǎng)站受限百度起訴seo公司
  • 嘉興網(wǎng)站推廣企業(yè)建網(wǎng)站建設(shè)
  • 做自行車車隊網(wǎng)站的名字用html制作淘寶網(wǎng)頁
  • 詳述網(wǎng)站建設(shè)的過程怎樣建網(wǎng)站平臺
  • 網(wǎng)站建設(shè)的簡歷制作b2b免費網(wǎng)站推廣平臺
  • 做網(wǎng)站的用多少錢創(chuàng)建網(wǎng)站的基本步驟
  • 網(wǎng)站訪問量太多網(wǎng)站推廣交換鏈接
  • 可以先做網(wǎng)站后備案么網(wǎng)絡(luò)營銷方案案例范文
  • 鄭州營銷型網(wǎng)站設(shè)計運營在線收錄
  • 網(wǎng)站優(yōu)化的方法推廣計劃方案模板