安全なプログラミングのMD 5撒塩暗号化


MD 5撒塩暗号化は主に文字列検証を行うことができる--最も適切なのはログインパスワード検証操作である.
import java.security.MessageDigest;
import java.util.Random;

public class MD5Util {

    /**
     *   MD5
     *
     * @param password
     * @return
     * @author daniel
     * @time 2016-6-11   8:45:04
     */
    public static String generateMD5(String password) {
        Random r = new Random();
        StringBuilder sb = new StringBuilder(16);
        sb.append(r.nextInt(99999999)).append(r.nextInt(99999999));
        int len = sb.length();
        if (len < 16) {
            for (int i = 0; i < 16 - len; i++) {
                sb.append("0");
            }
        }
        String salt = sb.toString();
        password = md5Hex(password + salt);
        char[] cs = new char[48];
        for (int i = 0; i < 48; i += 3) {
            cs[i] = password.charAt(i / 3 * 2);
            char c = salt.charAt(i / 3);
            cs[i + 1] = c;
            cs[i + 2] = password.charAt(i / 3 * 2 + 1);
        }
        return new String(cs);
    }

    /**
     *             
     *
     * @param str
     * @param md5
     * @return
     * @author daniel
     * @time 2016-6-11   8:45:39
     */
    public static boolean verify(String str, String md5) {
        char[] cs1 = new char[32];
        char[] cs2 = new char[16];
        for (int i = 0; i < 48; i += 3) {
            cs1[i / 3 * 2] = md5.charAt(i);
            cs1[i / 3 * 2 + 1] = md5.charAt(i + 2);
            cs2[i / 3] = md5.charAt(i + 1);
        }
        String salt = new String(cs2);
        return md5Hex(str + salt).equals(new String(cs1));
    }

    /**
     *             MD5  
     */
    private static String md5Hex(String src) {
        try {
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            byte[] bs = md5.digest(src.getBytes());
            return new String(hexEncode(bs));
        } catch (Exception e) {
            return null;
        }
    }

    /**
     *            
     */
    public static String hexEncode(byte[] src) {
        String strHex;
        StringBuilder sb = new StringBuilder();
        for (int n = 0; n < src.length; n++) {
            strHex = Integer.toHexString(src[n] & 0xFF);
            sb.append((strHex.length() == 1) ? "0" + strHex : strHex); //            ,    ,   0
        }
        return sb.toString().trim();
    }

    //      
    public static void main(String args[]) {
        //   
        String passwordStr = "password22";

        //       MD5 
        String md5Value = MD5Util.generateMD5(passwordStr);
        System.out.println("   MD5:" + md5Value);

        System.out.println("        :" + MD5Util.verify(passwordStr,md5Value));

        System.out.println("-----------------------------------------------------------");
        
        //        MD5 
        String[] strMd5s = new String[]{"98641096ee18e91476d93a9de23915862536715a9740e702","554c50735a9c149b0a556a5d89302d794b4242c44257dd99"
        ,"69aa44d7f53f345e6ec5ef8eb6923eb3083890591a701b0d","36c28d591946a4928bc16878c9d29e20ba02b7bd5f80243f"};
        for (String strMd5:strMd5s){
            System.out.println("        :" + MD5Util.verify(passwordStr, strMd5));
        }
    }

}

実行結果:
塩を加えたMD 5:09 a 233 f 6 b 90 d 583641 b 5531983 e 310394 a 49896 d 0564 f 367が同一文字列かどうか:true--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------