Springboot实现密码的加密解密

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.ninemax</groupId> <artifactId>spring-Login-test</artifactId> <version>0.0.1-SNAPSHOT</version> <packaging>war</packaging>    <parent>    <groupId>org.springframework.boot</groupId>    <artifactId>spring-boot-starter-parent</artifactId>    <version>1.3.2.RELEASE</version>    <relativePath/>  </parent>  <properties>    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>    <java.version>1.8</java.version>  </properties>  <dependencies>        <dependency>      <groupId>org.springframework.boot</groupId>      <artifactId>spring-boot-starter</artifactId>    </dependency>    <dependency>      <groupId>org.springframework.boot</groupId>      <artifactId>spring-boot-starter-test</artifactId>      <scope>test</scope>    </dependency>    <dependency>      <groupId>org.mybatis.spring.boot</groupId>      <artifactId>mybatis-spring-boot-starter</artifactId>      <version>1.1.1</version>    </dependency>    <dependency>      <groupId>org.springframework.boot</groupId>      <artifactId>spring-boot-starter-web</artifactId>    </dependency>    <dependency>      <groupId>commons-dbcp</groupId>      <artifactId>commons-dbcp</artifactId>    </dependency>    <dependency>      <groupId>com.oracle</groupId>      <artifactId>ojdbc14</artifactId>      <version>10.2.0.3.0</version>    </dependency>             <dependency>      <groupId>org.springframework.boot</groupId>      <artifactId>spring-boot-starter-thymeleaf</artifactId>    </dependency>          </dependencies>  <build>    <plugins>      <plugin>        <groupId>org.springframework.boot</groupId>        <artifactId>spring-boot-maven-plugin</artifactId>      </plugin>      <plugin>        <groupId>org.apache.maven.plugins</groupId>        <artifactId>maven-surefire-plugin</artifactId>        <configuration>          <skip>true</skip>        </configuration>      </plugin>    </plugins>  </build>   </project>

package com;import org.springframework.boot.SpringApplication;import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplicationpublic class AppTest {   public static void main(String[] args) {     SpringApplication.run(AppTest.class, args);   }   }

package com.entity;public class User {  private String username;  private String password;    public String getUsername() {    return username;  }  public void setUsername(String username) {    this.username = username;  }  public String getPassword() {    return password;  }  public void setPassword(String password) {    this.password = password;  }  @Override  public String toString() {    return "User [username=" + username + ", password=" + password + "]";  }}

package com.controller;import java.security.SecureRandom;import javax.crypto.Cipher;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import javax.servlet.http.HttpServletRequest;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import com.dao.UserDao;import com.entity.User;@Controllerpublic class UserController {   @Autowired   private UserDao userDao;      @RequestMapping("/regist")   public String regist() {     return "regist";   }      @RequestMapping("/login")   public String login() {     return "login";   }       @RequestMapping("/success")   public String success(HttpServletRequest request) {     String username = request.getParameter("username");     String password = request.getParameter("password");          userDao.save(username, password);     return "success";   }      @RequestMapping("/Loginsuccess")   public String successLogin(HttpServletRequest request) {     String username = request.getParameter("username");     String password = request.getParameter("password"); ///123456     User user = userDao.findByUname(username);       if(user.getPassword().equals(password)) {         return "successLogin";       }       return "failure";   }}

package com.dao;import org.apache.ibatis.annotations.Insert;import org.apache.ibatis.annotations.Mapper;import org.apache.ibatis.annotations.Param;import org.apache.ibatis.annotations.Select;import com.entity.User;@Mapperpublic interface UserDao {   @Insert("INSERT INTO LOGIN_NINE VALUES(#{username}, #{password})")   void save(@Param("username")String username,@Param("password")String password);      @Select("SELECT * FROM LOGIN_NINE WHERE username= #{username}")   User findByUname(@Param("username")String username);}

spring.datasource.url=jdbc:oracle:thin:@10.236.4.251:1521:orclspring.datasource.username=hellospring.datasource.password=lisaspring.datasource.driver-class-name=oracle.jdbc.driver.OracleDriver

<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>注册</title><style type="text/css">  h1 {   text-align:center;   font-size:35px;   color:red;  }  div {   text-align:center;  }  div input {   margin:10px;  }</style></head><body>   <h1>注册账号</h1>   <div>   <form action="success" method="post">                  用户名<input type="text" name="username"/> <br/>                 密码<input type="password" name = "password"/> <br/>      <input type="submit" value="提交"/>        <input type="reset"/>                  </form>   </div></body></html>

<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>登录</title><style type="text/css">  h1 {   text-align:center;   font-size:35px;   color:red;  }  div {   text-align:center;  }  div input {   margin:10px;  }  </style></head><body>   <h1>欢迎登录</h1>   <div>   <form action="Loginsuccess" method="post">                  请输入用户名<input type="text" name="username"/> <br/>                 请输入密码<input type="password" name = "password"/> <br/>      <input type="submit" value="提交"/>        <input type="reset"/>   <br/>      <a href="/regist" rel="external nofollow" >注册账号</a>            </form>   </div></body></html>

<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>注册成功</title><style type="text/css">  h1 {   text-align:center;   font-size:60px;   color:green;  }  span {   font-size:30px;   color:green;  }</style></head><body><h1>注册成功</h1><a href="/login" rel="external nofollow" >返回登录</a></body></html>

<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>登录失败</title></head><body>     登录失败</body></html>

<!DOCTYPE html><html xmlns:th="http://www.thymeleaf.org"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>成功</title></head><body>   success</body></html>

package com.controller;import java.security.SecureRandom;import javax.crypto.Cipher;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.spec.DESKeySpec;import javax.servlet.http.HttpServletRequest;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import com.dao.UserDao;import com.entity.User;@Controllerpublic class UserController {   @Autowired   private UserDao userDao;      @RequestMapping("/regist")   public String regist() {     return "regist";   }      @RequestMapping("/login")   public String login() {     return "login";   }      /**    * EDS的加密解密代码    */   private static final byte[] DES_KEY = { 21, 1, -110, 82, -32, -85, -128, -65 };    @SuppressWarnings("restriction")    public static String encryptBasedDes(String data) {      String encryptedData = null;      try {        // DES算法要求有一个可信任的随机数源        SecureRandom sr = new SecureRandom();        DESKeySpec deskey = new DESKeySpec(DES_KEY);        // 创建一个密匙工厂，然后用它把DESKeySpec转换成一个SecretKey对象        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");        SecretKey key = keyFactory.generateSecret(deskey);        // 加密对象        Cipher cipher = Cipher.getInstance("DES");        cipher.init(Cipher.ENCRYPT_MODE, key, sr);        // 加密，并把字节数组编码成字符串        encryptedData = new sun.misc.BASE64Encoder().encode(cipher.doFinal(data.getBytes()));      } catch (Exception e) {        // log.error("加密错误，错误信息：", e);        throw new RuntimeException("加密错误，错误信息：", e);      }      return encryptedData;    }    @SuppressWarnings("restriction")    public static String decryptBasedDes(String cryptData) {      String decryptedData = null;      try {        // DES算法要求有一个可信任的随机数源        SecureRandom sr = new SecureRandom();        DESKeySpec deskey = new DESKeySpec(DES_KEY);        // 创建一个密匙工厂，然后用它把DESKeySpec转换成一个SecretKey对象        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");        SecretKey key = keyFactory.generateSecret(deskey);        // 解密对象        Cipher cipher = Cipher.getInstance("DES");        cipher.init(Cipher.DECRYPT_MODE, key, sr);        // 把字符串进行解码，解码为为字节数组，并解密        decryptedData = new String(cipher.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(cryptData)));      } catch (Exception e) {        throw new RuntimeException("解密错误，错误信息：", e);      }      return decryptedData;    }       @RequestMapping("/success")   public String success(HttpServletRequest request) {     String username = request.getParameter("username");     String password = request.getParameter("password");     String s1 = encryptBasedDes(password);     userDao.save(username, s1);     return "success";   }      @RequestMapping("/Loginsuccess")   public String successLogin(HttpServletRequest request) {     String username = request.getParameter("username");     String password = request.getParameter("password"); ///123456     User user = userDao.findByUname(username);       if(decryptBasedDes(user.getPassword()).equals(password)) {         return "successLogin";       }       return "failure";   }}