用Java加密和解密密码

时间:2021-10-21 18:24:48

I want to encrypt and decrypt a password in Java and store into database in the form of encrypted. It will great if it is open source. Any suggestions / pointers ?

我想用Java加密和解密密码,并以加密的形式存储到数据库中。如果它是开源的话会很棒。有什么建议/指点吗?

5 个解决方案

#1


9  

EDIT : this answer is old. Usage of MD5 is now discouraged as it can easily be broken.

编辑:这个答案很老。现在不鼓励使用MD5,因为它很容易被破坏。


MD5 must be good enough for you I imagine? You can achieve it with MessageDigest.

我想,MD5必须足够好吗?您可以使用MessageDigest实现它。

MessageDigest.getInstance("MD5");

There are also other algorithms listed here.

此处还列出了其他算法。

And here's an third party version of it, if you really want: Fast MD5

如果你真的想要的话,这里是它的第三方版本:Fast MD5

#2


19  

Here is the algorithm I use to crypt with MD5.It returns your crypted output.

这是我用来加密MD5的算法。它返回你的加密输出。

   public class CryptWithMD5 {
   private static MessageDigest md;

   public static String cryptWithMD5(String pass){
    try {
        md = MessageDigest.getInstance("MD5");
        byte[] passBytes = pass.getBytes();
        md.reset();
        byte[] digested = md.digest(passBytes);
        StringBuffer sb = new StringBuffer();
        for(int i=0;i<digested.length;i++){
            sb.append(Integer.toHexString(0xff & digested[i]));
        }
        return sb.toString();
    } catch (NoSuchAlgorithmException ex) {
        Logger.getLogger(CryptWithMD5.class.getName()).log(Level.SEVERE, null, ex);
    }
        return null;


   }
}

You cannot decrypt MD5, but you can compare outputs since if you put the same string in this method it will have the same crypted output.If you want to decrypt you need to use the SHA.You will never use decription for a users password.For that always use MD5.That exception is pretty redundant.It will never throw it.

你不能解密MD5,但你可以比较输出,因为如果你在这个方法中放入相同的字符串,它将具有相同的加密输出。如果你想解密你需要使用SHA。你永远不会使用decription用户密码。为此总是使用MD5.That异常是多余的。它永远不会抛出它。

#3


9  

Jasypt can do it for you.easy and simple

Jasypt可以为你做到这一点。简单易行

#4


3  

You can use java.security.MessageDigest with SHA as your algorithm choice.

您可以使用带有SHA的java.security.MessageDigest作为算法选择。

For reference,

Try available example here

试试这里的例子

#5


2  

I recently used Spring Security 3.0 for this (combined with Wicket btw), and am quite happy with it. Here's a good thorough tutorial and documentation. Also take a look at this tutorial which gives a good explanation of the hashing/salting/decoding setup for Spring Security 2.

我最近使用了Spring Security 3.0(与Wicket btw结合使用),我很满意。这是一个很好的全面教程和文档。另请参阅本教程,该教程详细说明了Spring Security 2的哈希/ salting /解码设置。

#1


9  

EDIT : this answer is old. Usage of MD5 is now discouraged as it can easily be broken.

编辑:这个答案很老。现在不鼓励使用MD5,因为它很容易被破坏。


MD5 must be good enough for you I imagine? You can achieve it with MessageDigest.

我想,MD5必须足够好吗?您可以使用MessageDigest实现它。

MessageDigest.getInstance("MD5");

There are also other algorithms listed here.

此处还列出了其他算法。

And here's an third party version of it, if you really want: Fast MD5

如果你真的想要的话,这里是它的第三方版本:Fast MD5

#2


19  

Here is the algorithm I use to crypt with MD5.It returns your crypted output.

这是我用来加密MD5的算法。它返回你的加密输出。

   public class CryptWithMD5 {
   private static MessageDigest md;

   public static String cryptWithMD5(String pass){
    try {
        md = MessageDigest.getInstance("MD5");
        byte[] passBytes = pass.getBytes();
        md.reset();
        byte[] digested = md.digest(passBytes);
        StringBuffer sb = new StringBuffer();
        for(int i=0;i<digested.length;i++){
            sb.append(Integer.toHexString(0xff & digested[i]));
        }
        return sb.toString();
    } catch (NoSuchAlgorithmException ex) {
        Logger.getLogger(CryptWithMD5.class.getName()).log(Level.SEVERE, null, ex);
    }
        return null;


   }
}

You cannot decrypt MD5, but you can compare outputs since if you put the same string in this method it will have the same crypted output.If you want to decrypt you need to use the SHA.You will never use decription for a users password.For that always use MD5.That exception is pretty redundant.It will never throw it.

你不能解密MD5,但你可以比较输出,因为如果你在这个方法中放入相同的字符串,它将具有相同的加密输出。如果你想解密你需要使用SHA。你永远不会使用decription用户密码。为此总是使用MD5.That异常是多余的。它永远不会抛出它。

#3


9  

Jasypt can do it for you.easy and simple

Jasypt可以为你做到这一点。简单易行

#4


3  

You can use java.security.MessageDigest with SHA as your algorithm choice.

您可以使用带有SHA的java.security.MessageDigest作为算法选择。

For reference,

Try available example here

试试这里的例子

#5


2  

I recently used Spring Security 3.0 for this (combined with Wicket btw), and am quite happy with it. Here's a good thorough tutorial and documentation. Also take a look at this tutorial which gives a good explanation of the hashing/salting/decoding setup for Spring Security 2.

我最近使用了Spring Security 3.0(与Wicket btw结合使用),我很满意。这是一个很好的全面教程和文档。另请参阅本教程,该教程详细说明了Spring Security 2的哈希/ salting /解码设置。