在shiro授权和认证中,我们经常用到数据的加密和解密,这里做了一些数据的加密方法的测试
1、添加依赖
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-core --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>1.4.0</version> </dependency> <!-- https://mvnrepository.com/artifact/commons-logging/commons-logging --> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> <version>1.2</version> </dependency>
2、编写测试代码
package test; import org.apache.shiro.codec.Base64; import org.apache.shiro.codec.Hex; import org.apache.shiro.crypto.hash.*; import org.junit.Test; /** * @author 大宇 * @create 2018/12/10 21:12 * Description 加密、解密 */ public class EncryptTest { //加密内容 private String pass = "encryptString"; //盐 private String salt = "salt"; //加密次数 private int hashIterations = 10; /** * base64 */ @Test public void test1() { String encodeToString = Base64.encodeToString(pass.getBytes()); System.out.println(encodeToString); String decodeToString = new String(Base64.decodeToString(pass)); System.out.println(decodeToString); } /** * md5加密 */ @Test public void test2() { //MD5普通加密 String encodeToString = new Md5Hash(pass).toString(); System.out.println(encodeToString); //md5加密转base64位编码或者16进制编码 String md5Base64 = new Md5Hash(pass).toBase64(); String md5Hex = new Md5Hash(pass).toHex(); System.out.println(md5Base64); System.out.println(md5Hex); //md5加密,加密内容source,带盐加密salt,还可以指定加密次数:hashIterations md5Base64 = new Md5Hash("asdf", "123", 5).toBase64(); System.out.println(md5Base64); } /** * sha加密 * SHA1,SHA256,SHA512 */ @Test public void test3() { String sha1hash = new Sha1Hash(pass, salt, hashIterations).toBase64(); String sha256hash = new Sha256Hash(pass, salt, hashIterations).toBase64(); String sha512hash = new Sha512Hash(pass, salt, hashIterations).toBase64(); System.out.println(sha1hash); System.out.println(sha256hash); System.out.println(sha512hash); } /** * 通用加密:SimpleHash,将算法名称添加到方法即可 */ @Test public void testSimleHash() { // algorithmName 算法名称 String algorithmName="md5";//sha1,sha-256,sha-512。。。,下面的第一个参数 String encryptStr = new SimpleHash("md5", pass, salt, hashIterations).toBase64(); String sha256 = new SimpleHash("sha-256", pass, salt, hashIterations).toBase64(); String sha512= new SimpleHash("sha-512", pass, salt, hashIterations).toBase64(); System.out.println(encryptStr); System.out.println(sha256); System.out.println(sha512); } //hex十六进制编码 @Test public void testHex() { String encodeToString = Hex.encodeToString(pass.getBytes()); String decodeToString = new String(Hex.decode(encodeToString)); System.out.println("加密:"+encodeToString); System.out.println("解密:"+decodeToString); } }
通常,我们保存用户的账号密码都应该使用不可逆的加密方式,用来防账号泄露带来的风险,而不是可逆的加密方式