茫茫網海中的冷日
         
茫茫網海中的冷日
發生過的事,不可能遺忘,只是想不起來而已!
 恭喜您是本站第 1746140 位訪客!  登入  | 註冊
主選單

Google 自訂搜尋

Goole 廣告

隨機相片
IMG_60D_00011.jpg

授權條款

使用者登入
使用者名稱:

密碼:


忘了密碼?

現在就註冊!

爪哇咖啡屋 : [轉貼]Java 的 MD5 加密

發表者 討論內容
冷日
(冷日)
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15773
[轉貼]Java 的 MD5 加密

Java 的 MD5 加密

現在公司上上下下在瘋資安, 所有的資訊系統都要進行管控, 以往登入比對都是用明碼 (趕時間上線, 能用就行), 管理員都知道每一個人的密碼, 為了怕瓜田李下, 我都要人家隨便用 123 就好, 反正內部網路, 也不怕外部入侵. 但資安來了就不能便宜行事, 所以登入密碼都要加密.

最常用的加密系統是 md5, 例如 PHP 就提供了 md5() 函式, 非常方便.

# http://www.w3school.com.cn/php/func_string_md5.asp


那 Java 該怎麼做呢? 這要用到 java.security.MessageDigest 這個抽象類別, 呼叫其 getInstance() 並傳入 "MD5" 字串指定其加密演算法就會傳回一個實作此演算法的 MessageDigest 物件, 呼叫此物件的 digest() 方法, 並將欲加密的字串以 byte 陣列方式傳入, 就會傳回以 MD5 加密之 byte 陣列. 其 API 見 :

#
http://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html

以下範例是我參考 "Java 程式開發 349 例" 一書中的例子改寫的, 

import java.security.MessageDigest;
public class mytest {
  public static void main(String[] args) {
    String str="I love you";
    System.out.println( md5(str));  //輸出 E4F58A805A6E1FD0F6BEF58C86F9CEB3
    }
  public static String md5(String str) {
    String md5=null;
    try {
      MessageDigest md= MessageDigest.getInstance("MD5");
      byte[] barr= md.digest(
str.getBytes()
);  //將 byte 陣列加密
      StringBuffer sb=new StringBuffer();  //將 byte 陣列轉成 16 進制
      for (int i=0; i < barr.length; i++) {sb.append( byte2Hex(barr[i]));}
      String hex=sb.toString();
      md5=hex.toUpperCase(); //一律轉成大寫
      }
    catch(Exception e) {e.printStackTrace();}
    return md5;
    }
  public static String byte2Hex
(byte b) {
    String[] h={"0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f"};
    int i=b;
    if (i < 0) {i += 256;}
    return h[i/16] + h[i%16];
    }
  }

這裡的 byte2Hex() 方法是用來將經過 md5 加密的每一個 byte 轉成 16 進位表示, 所以 "I love you" 經加密運算後會變成 "E4F58A805A6E1FD0F6BEF58C86F9CEB3". 依據 Wiki 的 MD5 說明, MD5 是一種雜湊演算法, 它會固定生成 32 位的 16 進制數字 (即 128 位元). 即使原文只變動一點點, 演算出來的值卻變動相當大. 例如我們在上面例子中加個驚嘆號 "I love you!", 其 MD5 演算結果變成 "690A8CDA8894E37A6FFF4D1790D53B33", 幾乎完全不一樣了.

最重要的特性是, MD5 是不可逆的, 也就是沒辦法從 "E4F58A805A6E1FD0F6BEF58C86F9CEB3" 反推算出 "I love you", 除非利用超級電腦, 但那也需要很久的時間, 所以只能把它的對應關係記下來. 我在網路上找到下面這個號稱能反解譯的網站, 大約 5 秒就說解出 "I love you" 了, 但要看結果要給錢, 哇咧.

# md5在线查询破解,md5解密加密


據說 MD5 在 2009 年被破解了, 在一般電腦只需幾秒鐘, 搞不好這網站是利用這種破解法來做生意的.



原文出處: 小狐狸事務所: Java 的 MD5 加密
冷日
(冷日)
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15773
[轉貼]Java 三行代码搞定 MD5 加密

Java三行代码搞定MD5加密

Get MD5 Hash In A Few Lines Of Java


 /**
* 對字符串md5加密
*
* @param str
* @return
*/
public String getMD5(String str) {
String ret = null;
try {
// 生成一個MD5加密計算摘要
MessageDigest md = MessageDigest.getInstance("MD5");
// 計算md5函數
md.update(str.getBytes());
// digest()最後確定返回md5 hash值,返回值為8為字符串。因為md5 hash值是16位的hex值,實際上就是8位的字符
// BigInteger函數則將8位的字符串轉換成16位hex值,用字符串來表示;得到字符串形式的hash值
ret = new BigInteger(1, md.digest()).toString(16);
} catch (Exception e) {
//throw new SpeedException("MD5加密出現錯誤");
e.printStackTrace();
}
return ret;
}


java.math.BigInteger.toString(int radix)方法實例

java.math.BigInteger.toString(int radix) 返回此BigInteger在給定的基數的字符串表示形式。如果基數是從Character.MIN_RADIX到Character.MAX_RADIX包容的範圍內,它會默認為10(因為Integer.toString的情況下)。

聲明

以下是java.math.BigInteger.toString()方法的聲明

public String toString(int radix)

參數

radix – 該字符串表示形式的基數

返回值

此方法返回此BigInteger在給定的基數的字符串表示形式。


BigInteger(byte[] val)
BigInteger的大小为val的顺序拼接结果

byte[] val = new byte[]{0x11,0x22,0x33};
BigInteger bigInteger = new BigInteger(val);
System.out.println(bigInteger.toString(16)); //16进制输出 , 结果 : 112233

BigInteger(String val, int radix)
得到大小为val , 以 radix 为基数的 BigInteger

System.out.println(bigInteger.toString(16));//输出结果 1f
System.out.println(bigInteger.toString(10));//输出结果 31


BigInteger b = new BigInteger(s1,16);           // 16进制转成大数类型
String s2 = b.toString(16); // 大数类型转成16进制

上列的範例輸入結果:

s1: 126656864e144ad88d7ff96badd2f68b
s2: 126656864e144ad88d7ff96badd2f68b

如果前2碼修改為00,則:

s1: 006656864e144ad88d7ff96badd2f68b
s2: 6656864e144ad88d7ff96badd2f68b

所以,最上面的例子,前面要補滿0 才不會出錯。


原文出處: Java三行代码搞定MD5加密 – Max的程式語言筆記
冷日
(冷日)
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15773
[轉貼]【Java】MD5 加密

【Java】MD5 加密

參考資料 ----
Android - how to encrypt a string?



 
public String md5(String s)
{
try
{
// Create MD5 Hash
MessageDigest digest = java.security.MessageDigest.getInstance("MD5");
digest.update(s.getBytes());
byte messageDigest[] = digest.digest();
// Create Hex String
StringBuffer hexString = new StringBuffer();
for(int i=0; i<messageDigest.length; i++)
{
hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
}
return hexString.toString();
}
catch (NoSuchAlgorithmException e)
{
e.printStackTrace();
}
return "";
}
 


原文出處:老灰鴨的筆記本: 【Java】MD5 加密
冷日
(冷日)
Webmaster
  • 註冊日: 2008/2/19
  • 來自:
  • 發表數: 15773
[轉貼]How to hash a string in Android?
How to hash a string in Android?

I am working on an Android app and have a couple strings that I would like to encrypt before sending to a database. I'd like something that's secure, easy to implement, will generate the same thing every time it's passed the same data, and preferably will result in a string that stays a constant length no matter how large the string being passed to it is. Maybe I'm looking for a hash.



This snippet calculate md5 for any given string
public String md5(String s) {
    try {
        // Create MD5 Hash
        MessageDigest digest = java.security.MessageDigest.getInstance("MD5");
        digest.update(s.getBytes());
        byte messageDigest[] = digest.digest();

        // Create Hex String
        StringBuffer hexString = new StringBuffer();
        for (int i=0; i<messageDigest.length; i++)
            hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
        return hexString.toString();

    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    return "";
}

Source: http://www.androidsnippets.com/snippets/52/index.html

Hope this is useful for you



That function above from (http://www.androidsnippets.org/snippets/52/index.html) is flawed. If one of the digits in the messageDigest is not a two character hex value (i.e. 0x09), it doesn't work properly because it doesn't pad with a 0. If you search around you'll find that function and complaints about it not working. Here a better one found in the comment section of this page, which I slightly modified:
public static String md5(String s)
{
    MessageDigest digest;
    try
    {
        digest = MessageDigest.getInstance("MD5");
        digest.update(s.getBytes(Charset.forName("US-ASCII")),0,s.length());
        byte[] magnitude = digest.digest();
        BigInteger bi = new BigInteger(1, magnitude);
        String hash = String.format("%0" + (magnitude.length << 1) + "x", bi);
        return hash;
    }
    catch (NoSuchAlgorithmException e)
    {
        e.printStackTrace();
    }
    return "";
}




not working method:
public static String md5(String s) {
    try {
        // Create MD5 Hash
        MessageDigest digest = java.security.MessageDigest
                .getInstance("MD5");
        digest.update(s.getBytes());
        byte messageDigest[] = digest.digest();

        // Create Hex String
        StringBuffer hexString = new StringBuffer();
        for (int i = 0; i < messageDigest.length; i++)
            hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
        return hexString.toString();

    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    return "";
}

result - 1865e62e7129927f6e4cd9bff104f0 (length 30)
working method:
public static final String md5(final String toEncrypt) {
    try {
        final MessageDigest digest = MessageDigest.getInstance("md5");
        digest.update(toEncrypt.getBytes());
        final byte[] bytes = digest.digest();
        final StringBuilder sb = new StringBuilder();
        for (int i = 0; i < bytes.length; i++) {
            sb.append(String.format("%02X", bytes[i]));
        }
        return sb.toString().toLowerCase();
    } catch (Exception exc) {
        return ""; // Impossibru!
    }
}

result - 1865e62e7129927f6e4c0d9bff1004f0 (length 32)



private static char[] hextable = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };

public static String byteArrayToHex(byte[] array) {
    String s = "";
    for (int i = 0; i < array.length; ++i) {
        int di = (array[i] + 256) & 0xFF; // Make it unsigned
        s = s + hextable[(di >> 4) & 0xF] + hextable[di & 0xF];
    }
    return s;
}

public static String digest(String s, String algorithm) {
    MessageDigest m = null;
    try {
        m = MessageDigest.getInstance(algorithm);
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return s;
    }

    m.update(s.getBytes(), 0, s.length());
    return byteArrayToHex(m.digest());
}

public static String md5(String s) {
    return digest(s, "MD5");
}




The answer above is almost 100% correct. It will fail with unicode.
    MessageDigest digest;
    try {
        digest = MessageDigest.getInstance("MD5");
        byte utf8_bytes[] = tag_xml.getBytes();
        digest.update(utf8_bytes,0,utf8_bytes.length);
        hash = new BigInteger(1, digest.digest()).toString(16);
    }
    catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }

Need the length from the byte array not the string.



With @Donut solution, with UTF-8 encoded characters (eg: é) you have to use getBytes("UTF-8"). Here is my correction of the digest method:
private static char[] hextable = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};

public static String byteArrayToHex(byte[] array) {
    String s = "";
    for (int i = 0; i < array.length; ++i) {
        int di = (array[i] + 256) & 0xFF; // Make it unsigned
        s = s + hextable[(di >> 4) & 0xF] + hextable[di & 0xF];
    }
    return s;
}

public static String digest(String s, String algorithm) {
    MessageDigest m = null;
    try {
        m = MessageDigest.getInstance(algorithm);
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return s;
    }

    try {
        m.update(s.getBytes("UTF-8"));
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
        m.update(s.getBytes());
    }
    return byteArrayToHex(m.digest());
}

public static String md5(String s) {
    return digest(s, "MD5");
}




Donut's solution in a single function:
private static char[] hextable = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };

private static String md5(String s)
{
    MessageDigest digest;
    try
    {
        digest = MessageDigest.getInstance("MD5");
        digest.update(s.getBytes(), 0, s.length());
        byte[] bytes = digest.digest();

        String hash = "";
        for (int i = 0; i < bytes.length; ++i)
        {
            int di = (bytes[i] + 256) & 0xFF;
            hash = hash + hextable[(di >> 4) & 0xF] + hextable[di & 0xF];
        }

        return hash;
    }
    catch (NoSuchAlgorithmException e)
    {
    }

    return "";
}




The following worked for me on Android without truncating any 0's infront:
MessageDigest md = null;
String digest = null;
    try {
        md = MessageDigest.getInstance("MD5");

        byte[] hash = md.digest(myStringToEncode.getBytes("UTF-8")); //converting byte array to Hexadecimal String
        StringBuilder sb = new StringBuilder(2*hash.length);

        for(byte b : hash){
            sb.append(String.format("%02x", b&0xff));
        }

        digest = sb.toString();

    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }
return digest;




MessageDigest md = MessageDigest.getInstance("MD5");
md.update('yourstring');
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
    sb.append(String.format("%02x", (0xFF & b)));
}

It's late for the author, but before this, I get Integer.toHexString(0xff&b) , which strips leading 0s from the hex string. It makes me struggled for a long time. Hope useful for some guys.



if you are using guava:
public String generateMd5(String input) {
    HashFunction hf = Hashing.md5();
    Hasher hasher = hf.newHasher();
    HashCode hc = hasher.putString(input, StandardCharsets.UTF_8).hash();
    return hc.toString();
}




If you didn't have security constraints and just wanted to convert String to a unique int. I'm writing it because that what I looked for and reached here.
String my_key
int my_key.hashCode()

if you have up to 10 chars it will even be unique See also https://stackoverflow.com/a/17583653/1984636



This not missing '0'
  public static String md5(String string) {
        if (TextUtils.isEmpty(string)) {
            return "";
        }
        MessageDigest md5 = null;
        try {
            md5 = MessageDigest.getInstance("MD5");
            byte[] bytes = md5.digest(string.getBytes());
            String result = "";
            for (byte b : bytes) {
                String temp = Integer.toHexString(b & 0xff);
                if (temp.length() == 1) {
                    temp = "0" + temp;
                }
                result += temp;
            }
            return result;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        return "";
    }


原文出處:java - How to hash a string in Android? - Stack Overflow
前一個主題 | 下一個主題 | 頁首 | | |



Powered by XOOPS 2.0 © 2001-2008 The XOOPS Project|