Java 密碼加鹽雜湊
阿新 • • 發佈:2021-01-16
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Random; public class PasswordSaltedHashExample { public static void main(String[] args) { String password = "MyPass123"; String SaltString = getSaltString(32); System.out.println("SaltString: " + SaltString); String passwordToHash = password + SaltString; String generatedPassword = null; try { // Create MessageDigest instance for MD5 MessageDigest md = MessageDigest.getInstance("SHA-256"); // Add password bytes to digest md.update(passwordToHash.getBytes()); // Get the hash's bytes byte[] bytes = md.digest(); // This bytes[] has bytes in decimal format; // Convert it to hexadecimal format StringBuilder sb = new StringBuilder(); for (int i = 0; i < bytes.length; i++) { sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); } // Get complete hashed password in hex format generatedPassword = sb.toString(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } System.out.println("PasswordSaltedHash: " + generatedPassword); } public static String getSaltString(int length) { final char[] allAllowed = "abcdefghijklmnopqrstuvwxyzABCDEFGJKLMNPRSTUVWXYZ0123456789".toCharArray(); Random random = new SecureRandom(); StringBuilder salt = new StringBuilder(); for (int i = 0; i < length; i++) { salt.append(allAllowed[random.nextInt(allAllowed.length)]); } return salt.toString(); } }