1.maven引入codec和commons依赖:
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.9</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-lang3</artifactId> <version>3.4</version> </dependency>
2.util新建secrity包放入Digests.java、Encodes.java和Exceptions.java工具类
3.ValidateUtil:
public class ValidateUtil { public static final String HASH_ALGORITHM = "SHA-1"; public static final int HASH_INTERATIONS = 1024; public static final int SALT_SIZE = 8; /** * @param plainPassword * @return password 加密密码(生成安全的密码,生成随机的16位salt并经过1024次 sha-1 hash) */ public static String entryptPassword(String plainPassword) { byte[] salt = Digests.generateSalt(SALT_SIZE); byte[] hashPassword = Digests.sha1(plainPassword.getBytes(), salt, HASH_INTERATIONS); return Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword); } /** * @param plainPassword * @param password * @return boolean 解密判断密码是否正确 */ public static boolean validatePassword(String plainPassword, String password) { byte[] salt = Encodes.decodeHex(password.substring(0, 16)); byte[] hashPassword = Digests.sha1(plainPassword.getBytes(), salt, HASH_INTERATIONS); return password.equals(Encodes.encodeHex(salt) + Encodes.encodeHex(hashPassword)); } }