标签:
不应该说是前段时间了,就最近吧,发现公司有一个系统用的还是Http协议,当时就想了,现在都用https协议,有证书的那安全大很多啊 ,还用http不会连加密都没有吧,找了一番,果然如此,别说是传输加密了,就连后台保存到数据库的密码都没有加密,本着闲的蛋疼的想法(主要是公司大部分是业务,感觉想跳啊),于是一个毁(无)天(聊)灭(之)地(极)的计划就这样诞生了,咳咳。。。
好了不废话,下面说下简单的思路:
用户登录页面,获取到用户密码,用MD5加密,然后进行传输,服务器端获取的是一个加密过的密码。然后把从数据库里面获取的密码也用MD5加密,然后比较,验证登录。
为什么用这种方法呢,当时想了2个方案,一个是换成https服务器,然后购买一个证书(所有需要用钱的都要一层一层审批,我不知道审批下来后,我还有想做不),另一个就是今天要说的,javascript+ Java+md5
---------------------------------------------------------------------------------------------------前端------------------------------------------------------------------------------------------------------------
//MD5加密
function encryptionPassword(){
var hpassword=document.getElementById("cpassword").value;
var hash=MD5(hpassword)
document.getElementById("cpassword").value=hash.substring(22,32);
}
MD5方法的md5.js 代码最后给出,有点多
---------------------------------------------------------------------------------------------------后台------------------------------------------------------------------------------------------------------------
把从数据库获得的密码用MD5加密
password.equals(StringUtil.getMD5Str(operator.getPassword()).substring(22,32))
StringUtil工具类中具体代码如下:
/**
* MD5加密
* @修改时间:2015-06-08
* @修改作者:Wangj
*
*/
public synchronized static final String getMD5Str(String str) {
if (null == str) {
str = "";
}
String MD5Str = "";
try {
// JDK 6 支持以下6种消息摘要算法,不区分大小写
// md5,sha(sha-1),md2,sha-256,sha-384,sha-512
MessageDigest messageDigest = MessageDigest.getInstance("MD5");
messageDigest.update(str.getBytes());
byte b[] = messageDigest.digest();
int i;
StringBuilder builder = new StringBuilder(32);
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0)
i += 256;
if (i < 16)
builder.append("0");
builder.append(Integer.toHexString(i));
}
MD5Str = builder.toString();
// LogUtil.println("result: " + buf.toString());// 32位的加密
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return MD5Str;
}
最后是mds.js的代码
---------------------------------------------------------------------------------------------------md5.js--------------------------------------------------------------------------------------------------------
(function UMD(name, context, definition) {
if (typeof module !== "undefined" && module.exports) {
module.exports = definition();
} else if (typeof define === "function" && define.amd) {
define(definition);
} else {
context[name] = definition(name, context);
}
})
("md5",
this,
function DEF(name, context) {
"use strict";
var old_public_api = (context || {})[name];
function md5_func(text) {
return hex_md5(text);
}
;
//计算MD5算法
var hexcase = 0;
function hex_md5(a) {
if (a == "")
return a;
return rstr2hex(rstr_md5(str2rstr_utf8(a)))
}
;
function hex_hmac_md5(a, b) {
return rstr2hex(rstr_hmac_md5(str2rstr_utf8(a),
str2rstr_utf8(b)))
}
;
function md5_vm_test() {
return hex_md5("abc").toLowerCase() == "900150983cd24fb0d6963f7d28e17f72"
}
;
function rstr_md5(a) {
return binl2rstr(binl_md5(rstr2binl(a), a.length * 8))
}
;
function rstr_hmac_md5(c, f) {
var e = rstr2binl(c);
if (e.length > 16) {
e = binl_md5(e, c.length * 8)
}
var a = Array(16), d = Array(16);
for ( var b = 0; b < 16; b++) {
a[b] = e[b] ^ 909522486;
d[b] = e[b] ^ 1549556828
}
var g = binl_md5(a.concat(rstr2binl(f)), 512 + f.length * 8);
return binl2rstr(binl_md5(d.concat(g), 512 + 128))
}
;
function rstr2hex(c) {
try {
hexcase
} catch (g) {
hexcase = 0
}
var f = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
var b = "";
var a;
for ( var d = 0; d < c.length; d++) {
a = c.charCodeAt(d);
b += f.charAt((a >>> 4) & 15) + f.charAt(a & 15)
}
return b
}
;
function str2rstr_utf8(c) {
var b = "";
var d = -1;
var a, e;
while (++d < c.length) {
a = c.charCodeAt(d);
e = d + 1 < c.length ? c.charCodeAt(d + 1) : 0;
if (55296 <= a && a <= 56319 && 56320 <= e
&& e <= 57343) {
a = 65536 + ((a & 1023) << 10) + (e & 1023);
d++
}
if (a <= 127) {
b += String.fromCharCode(a)
} else {
if (a <= 2047) {
b += String.fromCharCode(
192 | ((a >>> 6) & 31), 128 | (a & 63))
} else {
if (a <= 65535) {
b += String.fromCharCode(
224 | ((a >>> 12) & 15),
128 | ((a >>> 6) & 63),
128 | (a & 63))
} else {
if (a <= 2097151) {
b += String.fromCharCode(
240 | ((a >>> 18) & 7),
128 | ((a >>> 12) & 63),
128 | ((a >>> 6) & 63),
128 | (a & 63))
}
}
}
}
}
return b
}
;
function rstr2binl(b) {
var a = Array(b.length >> 2);
for ( var c = 0; c < a.length; c++) {
a[c] = 0
}
for ( var c = 0; c < b.length * 8; c += 8) {
a[c >> 5] |= (b.charCodeAt(c / 8) & 255) << (c % 32)
}
return a
}
;
function binl2rstr(b) {
var a = "";
for ( var c = 0; c < b.length * 32; c += 8) {
a += String
.fromCharCode((b[c >> 5] >>> (c % 32)) & 255)
}
return a
}
;
function binl_md5(p, k) {
p[k >> 5] |= 128 << ((k) % 32);
p[(((k + 64) >>> 9) << 4) + 14] = k;
var o = 1732584193;
var n = -271733879;
var m = -1732584194;
var l = 271733878;
for ( var g = 0; g < p.length; g += 16) {
var j = o;
var h = n;
var f = m;
var e = l;
o = md5_ff(o, n, m, l, p[g + 0], 7, -680876936);
l = md5_ff(l, o, n, m, p[g + 1], 12, -389564586);
m = md5_ff(m, l, o, n, p[g + 2], 17, 606105819);
n = md5_ff(n, m, l, o, p[g + 3], 22, -1044525330);
o = md5_ff(o, n, m, l, p[g + 4], 7, -176418897);
l = md5_ff(l, o, n, m, p[g + 5], 12, 1200080426);
m = md5_ff(m, l, o, n, p[g + 6], 17, -1473231341);
n = md5_ff(n, m, l, o, p[g + 7], 22, -45705983);
o = md5_ff(o, n, m, l, p[g + 8], 7, 1770035416);
l = md5_ff(l, o, n, m, p[g + 9], 12, -1958414417);
m = md5_ff(m, l, o, n, p[g + 10], 17, -42063);
n = md5_ff(n, m, l, o, p[g + 11], 22, -1990404162);
o = md5_ff(o, n, m, l, p[g + 12], 7, 1804603682);
l = md5_ff(l, o, n, m, p[g + 13], 12, -40341101);
m = md5_ff(m, l, o, n, p[g + 14], 17, -1502002290);
n = md5_ff(n, m, l, o, p[g + 15], 22, 1236535329);
o = md5_gg(o, n, m, l, p[g + 1], 5, -165796510);
l = md5_gg(l, o, n, m, p[g + 6], 9, -1069501632);
m = md5_gg(m, l, o, n, p[g + 11], 14, 643717713);
n = md5_gg(n, m, l, o, p[g + 0], 20, -373897302);
o = md5_gg(o, n, m, l, p[g + 5], 5, -701558691);
l = md5_gg(l, o, n, m, p[g + 10], 9, 38016083);
m = md5_gg(m, l, o, n, p[g + 15], 14, -660478335);
n = md5_gg(n, m, l, o, p[g + 4], 20, -405537848);
o = md5_gg(o, n, m, l, p[g + 9], 5, 568446438);
l = md5_gg(l, o, n, m, p[g + 14], 9, -1019803690);
m = md5_gg(m, l, o, n, p[g + 3], 14, -187363961);
n = md5_gg(n, m, l, o, p[g + 8], 20, 1163531501);
o = md5_gg(o, n, m, l, p[g + 13], 5, -1444681467);
l = md5_gg(l, o, n, m, p[g + 2], 9, -51403784);
m = md5_gg(m, l, o, n, p[g + 7], 14, 1735328473);
n = md5_gg(n, m, l, o, p[g + 12], 20, -1926607734);
o = md5_hh(o, n, m, l, p[g + 5], 4, -378558);
l = md5_hh(l, o, n, m, p[g + 8], 11, -2022574463);
m = md5_hh(m, l, o, n, p[g + 11], 16, 1839030562);
n = md5_hh(n, m, l, o, p[g + 14], 23, -35309556);
o = md5_hh(o, n, m, l, p[g + 1], 4, -1530992060);
l = md5_hh(l, o, n, m, p[g + 4], 11, 1272893353);
m = md5_hh(m, l, o, n, p[g + 7], 16, -155497632);
n = md5_hh(n, m, l, o, p[g + 10], 23, -1094730640);
o = md5_hh(o, n, m, l, p[g + 13], 4, 681279174);
l = md5_hh(l, o, n, m, p[g + 0], 11, -358537222);
m = md5_hh(m, l, o, n, p[g + 3], 16, -722521979);
n = md5_hh(n, m, l, o, p[g + 6], 23, 76029189);
o = md5_hh(o, n, m, l, p[g + 9], 4, -640364487);
l = md5_hh(l, o, n, m, p[g + 12], 11, -421815835);
m = md5_hh(m, l, o, n, p[g + 15], 16, 530742520);
n = md5_hh(n, m, l, o, p[g + 2], 23, -995338651);
o = md5_ii(o, n, m, l, p[g + 0], 6, -198630844);
l = md5_ii(l, o, n, m, p[g + 7], 10, 1126891415);
m = md5_ii(m, l, o, n, p[g + 14], 15, -1416354905);
n = md5_ii(n, m, l, o, p[g + 5], 21, -57434055);
o = md5_ii(o, n, m, l, p[g + 12], 6, 1700485571);
l = md5_ii(l, o, n, m, p[g + 3], 10, -1894986606);
m = md5_ii(m, l, o, n, p[g + 10], 15, -1051523);
n = md5_ii(n, m, l, o, p[g + 1], 21, -2054922799);
o = md5_ii(o, n, m, l, p[g + 8], 6, 1873313359);
l = md5_ii(l, o, n, m, p[g + 15], 10, -30611744);
m = md5_ii(m, l, o, n, p[g + 6], 15, -1560198380);
n = md5_ii(n, m, l, o, p[g + 13], 21, 1309151649);
o = md5_ii(o, n, m, l, p[g + 4], 6, -145523070);
l = md5_ii(l, o, n, m, p[g + 11], 10, -1120210379);
m = md5_ii(m, l, o, n, p[g + 2], 15, 718787259);
n = md5_ii(n, m, l, o, p[g + 9], 21, -343485551);
o = safe_add(o, j);
n = safe_add(n, h);
m = safe_add(m, f);
l = safe_add(l, e)
}
return Array(o, n, m, l)
}
;
function md5_cmn(h, e, d, c, g, f) {
return safe_add(bit_rol(safe_add(safe_add(e, h), safe_add(
c, f)), g), d)
}
;
function md5_ff(g, f, k, j, e, i, h) {
return md5_cmn((f & k) | ((~f) & j), g, f, e, i, h)
}
;
function md5_gg(g, f, k, j, e, i, h) {
return md5_cmn((f & j) | (k & (~j)), g, f, e, i, h)
}
;
function md5_hh(g, f, k, j, e, i, h) {
return md5_cmn(f ^ k ^ j, g, f, e, i, h)
}
;
function md5_ii(g, f, k, j, e, i, h) {
return md5_cmn(k ^ (f | (~j)), g, f, e, i, h)
}
;
function safe_add(a, d) {
var c = (a & 65535) + (d & 65535);
var b = (a >> 16) + (d >> 16) + (c >> 16);
return (b << 16) | (c & 65535)
}
;
function bit_rol(a, b) {
return (a << b) | (a >>> (32 - b))
}
;
md5_func.noConflict = function publicAPI$noConflict() {
if (context) {
context[name] = old_public_api;
}
return md5_func;
};
return md5_func;
})
---------------------------------------------------------------------------------------------------------md5.js--------------------------------------------------------------------------------------------------
具体代码都在上面了,如果有什么问题,希望大家提出来,谢谢大家帮忙指出问题。写这个只是为了记录自己成长的经历,我会把每次我遇到,解决的问题记录下来,有些可能会写出来分享给大家,谢谢。
2015-6-8 用javascript+ Java+md5解决http协议下,用户登录明文传输密码问题
标签:
原文地址:http://www.cnblogs.com/chaoyablog/p/4561425.html
