/**
 * Demonstrates jBCrypt hashing and verification on a sample password.
 *
 * <p>Prints six hashes of the same plaintext, computes one more hash at cost 12, then checks a
 * candidate against the first hash and prints the outcome. Nothing is asserted; the output is
 * meant to be read by eye.
 */
@Test
public void contextLoads() {
    // Sample plaintext for the demonstration.
    final String password = "12345";

    // gensalt() draws a new random salt on every call, so each of the six hashes printed here
    // is different even though the plaintext never changes.
    final String hashed = BCrypt.hashpw(password, BCrypt.gensalt());
    System.out.println(hashed);
    for (int extra = 0; extra < 5; extra++) {
        final String another = BCrypt.hashpw(password, BCrypt.gensalt());
        System.out.println(another);
    }

    // gensalt's log_rounds parameter determines the complexity:
    // the work factor is 2**log_rounds, and the default is 10.
    // This cost-12 hash is computed to show the parameter; it is not printed or checked.
    final String hashed2 = BCrypt.hashpw(password, BCrypt.gensalt(12));

    // Check that a plaintext candidate matches a previously stored hash. checkpw re-hashes the
    // candidate with the salt and cost embedded in the stored value.
    final String candidate = "12345";
    final boolean matches = BCrypt.checkpw(candidate, hashed);
    if (matches) {
        System.out.println("It matches");
    } else {
        System.out.println("It does not match");
    }
}

  在最新的Spring Boot Security包中,登录密码的加密方式是BCrypt

当然,也可以直接下载BCrypt的jar包,进行加密和判断输入是否一致

        <dependency>
<groupId>org.mindrot</groupId>
<artifactId>jbcrypt</artifactId>
<version>0.4</version>
</dependency>

  也可以到官网 http://www.mindrot.org/projects/jBCrypt/

ok,依赖的事情说完之后,可以用上述测试代码查看一下加密之后的字符串。对字符串12345运行加密,结果如下

其中:$是分隔符,本身无含义;2a是bcrypt的版本号;10是cost的值(即log_rounds,实际迭代次数为2^10);随后的前22位是salt值;剩下的31位字符串就是密码的哈希值(bcrypt是单向哈希,无法从中还原出原密码)。

这块代码的格式拼接可以查看gensalt()方法源码:

从最下面往上看,无参的gensalt()传入log_rounds = 10,这是cost(工作因子)的默认值,不是版本号;

下一步,gensalt(int)把log_rounds和一个新建的SecureRandom对象传给下一个重载方法;

下一步,rs指向一个StringBuffer对象,先不管三七二十一,添加 $2a$

再判断 log_rounds 的值,小于10的先补一个前导0(保证cost占两位),大于30的抛出异常

不超过30时,在 $2a$ 后面先添加 log_rounds 的值,再添加 $ ,再添加16字节随机salt经bcrypt自有base64编码后的22个字符

这一切之后,返回了salt值

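/**
 * Hashes {@code password} using the bcrypt parameters encoded at the start of {@code salt}.
 *
 * <p>{@code salt} may be a value produced by {@code gensalt} or a complete stored hash: only the
 * revision prefix ({@code $2$} or {@code $2a$}), the two-digit cost and the 22 salt characters
 * that follow are read, which is how {@code checkpw} re-hashes a candidate against a stored value.
 *
 * <p>NOTE(review): the key schedule in the full class listing reads 18 four-byte words from the
 * password bytes, so bytes beyond the 72nd (counting the appended NUL) do not influence the hash.
 *
 * @param password the plaintext; encoded as UTF-8, with a NUL terminator appended for revision 'a'
 * @param salt the salt string, or a previously computed hash
 * @return the hash string: revision prefix, two-digit cost, 22 salt characters, 31 hash characters
 * @throws IllegalArgumentException if the prefix, revision, cost or salt is rejected
 * @throws StringIndexOutOfBoundsException if {@code salt} is shorter than the fields read from it
 */
public static String hashpw(String password, String salt) {
    char minor = 0;
    // The decompiler emitted "int off = false;" plus a shadowing "byte off;", which does not
    // compile; a single int offset is what the logic needs.
    int off;
    StringBuilder rs = new StringBuilder();

    if (salt.charAt(0) != '$' || salt.charAt(1) != '2') {
        throw new IllegalArgumentException("Invalid salt version");
    }

    if (salt.charAt(2) == '$') {
        // "$2$": no revision letter, cost starts at index 3.
        off = 3;
    } else {
        minor = salt.charAt(2);
        if (minor != 'a' || salt.charAt(3) != '$') {
            throw new IllegalArgumentException("Invalid salt revision");
        }
        off = 4;
    }

    // The cost is exactly two digits followed by '$'.
    if (salt.charAt(off + 2) > '$') {
        throw new IllegalArgumentException("Missing salt rounds");
    }
    int rounds = Integer.parseInt(salt.substring(off, off + 2));
    String real_salt = salt.substring(off + 3, off + 25);

    byte[] passwordb;
    try {
        passwordb = (password + (minor >= 'a' ? "\u0000" : "")).getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new AssertionError("UTF-8 is not supported");
    }

    byte[] saltb = decode_base64(real_salt, 16);
    BCrypt B = new BCrypt();
    // crypt_raw mutates the array it is given, so it gets a private copy of the constant.
    byte[] hashed = B.crypt_raw(passwordb, saltb, rounds, (int[]) bf_crypt_ciphertext.clone());

    rs.append("$2");
    if (minor >= 'a') {
        rs.append(minor);
    }
    rs.append("$");
    if (rounds < 10) {
        rs.append("0");
    }
    // crypt_raw (see the full class listing) has already rejected rounds outside 4..30, so this
    // check is kept only to mirror the original.
    if (rounds > 30) {
        throw new IllegalArgumentException("rounds exceeds maximum (30)");
    }
    rs.append(Integer.toString(rounds));
    rs.append("$");
    rs.append(encode_base64(saltb, saltb.length));
    // The last byte of the raw output is dropped before encoding.
    rs.append(encode_base64(hashed, bf_crypt_ciphertext.length * 4 - 1));
    return rs.toString();
}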

  之后加密计算返回加密后的字符串,方法名是hashpw,具体实现有点长,复制了代码如上

具体的encode_base64编码和解码,和我以前了解的不太一致:它不是加密,而且使用的是bcrypt自己的字符表(./A-Za-z0-9),不带=填充,与标准Base64的字符表不同

以前的了解是单个字符串进行base64加密和解密,可逆  https://www.cnblogs.com/qianjinyan/p/9541368.html

而此时是如下

//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//

package org.mindrot.jbcrypt;

import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;

public class BCrypt {
// Default cost (log2 of the iteration count). The decompiled gensalt() below passes the literal
// 10 instead of referencing this constant.
private static final int GENSALT_DEFAULT_LOG2_ROUNDS = 10;
// Salt length in bytes. The decompiled methods below use the literal 16 for the same purpose.
private static final int BCRYPT_SALT_LEN = 16;
// Number of Blowfish rounds; encipher() hard-codes the matching loop bounds.
private static final int BLOWFISH_NUM_ROUNDS = 16;
// Initial P-array (18 subkeys); init_key() clones it into the per-instance P.
// NOTE(review): presumably the standard Blowfish initial values; when auditing a decompiled or
// repackaged copy, compare this table against a reference implementation.
private static final int[] P_orig = new int[]{608135816, -2052912941, 320440878, 57701188, -1542899678, 698298832, 137296536, -330404727, 1160258022, 953160567, -1101764913, 887688300, -1062458953, -914599715, 1065670069, -1253635817, -1843997223, -1988494565};
private static final int[] S_orig = new int[]{-785314906, -1730169428, 805139163, -803545161, -1193168915, 1780907670, -1166241723, -248741991, 614570311, -1282315017, 134345442, -2054226922, 1667834072, 1901547113, -1537671517, -191677058, 227898511, 1921955416, 1904987480, -2112533778, 2069144605, -1034266187, -1674521287, 720527379, -976113629, 677414384, -901678824, -1193592593, -1904616272, 1614419982, 1822297739, -1340175810, -686458943, -1120842969, 2024746970, 1432378464, -430627341, -1437226092, 1464375394, 1676153920, 1439316330, 715854006, -1261675468, 289532110, -1588296017, 2087905683, -1276242927, 1668267050, 732546397, 1947742710, -832815594, -1685613794, -1344882125, 1814351708, 2050118529, 680887927, 999245976, 1800124847, -994056165, 1713906067, 1641548236, -81679983, 1216130144, 1575780402, -276538019, -377129551, -601480446, -345695352, 596196993, -745100091, 258830323, -2081144263, 772490370, -1534844924, 1774776394, -1642095778, 566650946, -152474470, 1728879713, -1412200208, 1783734482, -665571480, -1777359064, -1420741725, 1861159788, 326777828, -1170476976, 2130389656, -1578015459, 967770486, 1724537150, -2109534584, -1930525159, 1164943284, 2105845187, 998989502, -529566248, -2050940813, 1075463327, 1455516326, 1322494562, 910128902, 469688178, 1117454909, 936433444, -804646328, -619713837, 1240580251, 122909385, -2137449605, 634681816, -152510729, -469872614, -1233564613, -1754472259, 79693498, -1045868618, 1084186820, 1583128258, 426386531, 1761308591, 1047286709, 322548459, 995290223, 1845252383, -1691314900, -863943356, -1352745719, -1092366332, -567063811, 1712269319, 422464435, -1060394921, 1170764815, -771006663, -1177289765, 1434042557, 442511882, -694091578, 1076654713, 1738483198, -81812532, -1901729288, -617471240, 1014306527, -43947243, 793779912, -1392160085, 842905082, -48003232, 1395751752, 1040244610, -1638115397, -898659168, 445077038, -552113701, -717051658, 679411651, -1402522938, -1940957837, 1767581616, -1144366904, 
-503340195, -1192226400, 284835224, -48135240, 1258075500, 768725851, -1705778055, -1225243291, -762426948, 1274779536, -505548070, -1530167757, 1660621633, -823867672, -283063590, 913787905, -797008130, 737222580, -1780753843, -1366257256, -357724559, 1804850592, -795946544, -1345903136, -1908647121, -1904896841, -1879645445, -233690268, -2004305902, -1878134756, 1336762016, 1754252060, -774901359, -1280786003, 791618072, -1106372745, -361419266, -1962795103, -442446833, -1250986776, 413987798, -829824359, -1264037920, -49028937, 2093235073, -760370983, 375366246, -2137688315, -1815317740, 555357303, -424861595, 2008414854, -950779147, -73583153, -338841844, 2067696032, -700376109, -1373733303, 2428461, 544322398, 577241275, 1471733935, 610547355, -267798242, 1432588573, 1507829418, 2025931657, -648391809, 545086370, 48609733, -2094660746, 1653985193, 298326376, 1316178497, -1287180854, 2064951626, 458293330, -1705826027, -703637697, -1130641692, 727753846, -2115603456, 146436021, 1461446943, -224990101, 705550613, -1235000031, -407242314, -13368018, -981117340, 1404054877, -1449160799, 146425753, 1854211946, 1266315497, -1246549692, -613086930, -1004984797, -1385257296, 1235738493, -1662099272, -1880247706, -324367247, 1771706367, 1449415276, -1028546847, 422970021, 1963543593, -1604775104, -468174274, 1062508698, 1531092325, 1804592342, -1711849514, -1580033017, -269995787, 1294809318, -265986623, 1289560198, -2072974554, 1669523910, 35572830, 157838143, 1052438473, 1016535060, 1802137761, 1753167236, 1386275462, -1214491899, -1437595849, 1040679964, 2145300060, -1904392980, 1461121720, -1338320329, -263189491, -266592508, 33600511, -1374882534, 1018524850, 629373528, -603381315, -779021319, 2091462646, -1808644237, 586499841, 988145025, 935516892, -927631820, -1695294041, -1455136442, 265290510, -322386114, -1535828415, -499593831, 1005194799, 847297441, 406762289, 1314163512, 1332590856, 1866599683, -167115585, 750260880, 613907577, 1450815602, -1129346641, 
-560302305, -644675568, -1282691566, -590397650, 1427272223, 778793252, 1343938022, -1618686585, 2052605720, 1946737175, -1130390852, -380928628, -327488454, -612033030, 1661551462, -1000029230, -283371449, 840292616, -582796489, 616741398, 312560963, 711312465, 1351876610, 322626781, 1910503582, 271666773, -2119403562, 1594956187, 70604529, -677132437, 1007753275, 1495573769, -225450259, -1745748998, -1631928532, 504708206, -2031925904, -353800271, -2045878774, 1514023603, 1998579484, 1312622330, 694541497, -1712906993, -2143385130, 1382467621, 776784248, -1676627094, -971698502, -1797068168, -1510196141, 503983604, -218673497, 907881277, 423175695, 432175456, 1378068232, -149744970, -340918674, -356311194, -474200683, -1501837181, -1317062703, 26017576, -1020076561, -1100195163, 1700274565, 1756076034, -288447217, -617638597, 720338349, 1533947780, 354530856, 688349552, -321042571, 1637815568, 332179504, -345916010, 53804574, -1442618417, -1250730864, 1282449977, -711025141, -877994476, -288586052, 1617046695, -1666491221, -1292663698, 1686838959, 431878346, -1608291911, 1700445008, 1080580658, 1009431731, 832498133, -1071531785, -1688990951, -2023776103, -1778935426, 1648197032, -130578278, -1746719369, 300782431, 375919233, 238389289, -941219882, -1763778655, 2019080857, 1475708069, 455242339, -1685863425, 448939670, -843904277, 1395535956, -1881585436, 1841049896, 1491858159, 885456874, -30872223, -293847949, 1565136089, -396052509, 1108368660, 540939232, 1173283510, -1549095958, -613658859, -87339056, -951913406, -278217803, 1699691293, 1103962373, -669091426, -2038084153, -464828566, 1031889488, -815619598, 1535977030, -58162272, -1043876189, 2132092099, 1774941330, 1199868427, 1452454533, 157007616, -1390851939, 342012276, 595725824, 1480756522, 206960106, 497939518, 591360097, 863170706, -1919713727, -698356495, 1814182875, 2094937945, -873565088, 1082520231, -831049106, -1509457788, 435703966, -386934699, 1641649973, -1452693590, -989067582, 1510255612, 
-2146710820, -1639679442, -1018874748, -36346107, 236887753, -613164077, 274041037, 1734335097, -479771840, -976997275, 1899903192, 1026095262, -244449504, 356393447, -1884275382, -421290197, -612127241, -381855128, -1803468553, -162781668, -1805047500, 1091903735, 1979897079, -1124832466, -727580568, -737663887, 857797738, 1136121015, 1342202287, 507115054, -1759230650, 337727348, -1081374656, 1301675037, -1766485585, 1895095763, 1721773893, -1078195732, 62756741, 2142006736, 835421444, -1762973773, 1442658625, -635090970, -1412822374, 676362277, 1392781812, 170690266, -373920261, 1759253602, -683120384, 1745797284, 664899054, 1329594018, -393761396, -1249058810, 2062866102, -1429332356, -751345684, -830954599, 1080764994, 553557557, -638351943, -298199125, 991055499, 499776247, 1265440854, 648242737, -354183246, 980351604, -581221582, 1749149687, -898096901, -83167922, -654396521, 1161844396, -1169648345, 1431517754, 545492359, -26498633, -795437749, 1437099964, -1592419752, -861329053, -1713251533, -1507177898, 1060185593, 1593081372, -1876348548, -34019326, 69676912, -2135222948, 86519011, -1782508216, -456757982, 1220612927, -955283748, 133810670, 1090789135, 1078426020, 1569222167, 845107691, -711212847, -222510705, 1091646820, 628848692, 1613405280, -537335645, 526609435, 236106946, 48312990, -1352249391, -892239595, 1797494240, 859738849, 992217954, -289490654, -2051890674, -424014439, -562951028, 765654824, -804095931, -1783130883, 1685915746, -405998096, 1414112111, -2021832454, -1013056217, -214004450, 172450625, -1724973196, 980381355, -185008841, -1475158944, -1578377736, -1726226100, -613520627, -964995824, 1835478071, 660984891, -590288892, -248967737, -872349789, -1254551662, 1762651403, 1719377915, -824476260, -1601057013, -652910941, -1156370552, 1364962596, 2073328063, 1983633131, 926494387, -871278215, -2144935273, -198299347, 1749200295, -966120645, 309677260, 2016342300, 1779581495, -1215147545, 111262694, 1274766160, 443224088, 298511866, 
1025883608, -488520759, 1145181785, 168956806, -653464466, -710153686, 1689216846, -628709281, -1094719096, 1692713982, -1648590761, -252198778, 1618508792, 1610833997, -771914938, -164094032, 2001055236, -684262196, -2092799181, -266425487, -1333771897, 1006657119, 2006996926, -1108824540, 1430667929, -1084739999, 1314452623, -220332638, -193663176, -2021016126, 1399257539, -927756684, -1267338667, 1190975929, 2062231137, -1960976508, -2073424263, -1856006686, 1181637006, 548689776, -1932175983, -922558900, -1190417183, -1149106736, 296247880, 1970579870, -1216407114, -525738999, 1714227617, -1003338189, -396747006, 166772364, 1251581989, 493813264, 448347421, 195405023, -1584991729, 677966185, -591930749, 1463355134, -1578971493, 1338867538, 1343315457, -1492745222, -1610435132, 233230375, -1694987225, 2000651841, -1017099258, 1638401717, -266896856, -1057650976, 6314154, 819756386, 300326615, 590932579, 1405279636, -1027467724, -1144263082, -1866680610, -335774303, -833020554, 1862657033, 1266418056, 963775037, 2089974820, -2031914401, 1917689273, 448879540, -744572676, -313240200, 150775221, -667058989, 1303187396, 508620638, -1318983944, -1568336679, 1817252668, 1876281319, 1457606340, 908771278, -574175177, -677760460, -1838972398, 1729034894, 1080033504, 976866871, -738527793, -1413318857, 1522871579, 1555064734, 1336096578, -746444992, -1715692610, -720269667, -1089506539, -701686658, -956251013, -1215554709, 564236357, -1301368386, 1781952180, 1464380207, -1131123079, -962365742, 1699332808, 1393555694, 1183702653, -713881059, 1288719814, 691649499, -1447410096, -1399511320, -1101077756, -1577396752, 1781354906, 1676643554, -1702433246, -1064713544, 1126444790, -1524759638, -1661808476, -2084544070, -1679201715, -1880812208, -1167828010, 673620729, -1489356063, 1269405062, -279616791, -953159725, -145557542, 1057255273, 2012875353, -2132498155, -2018474495, -1693849939, 993977747, -376373926, -1640704105, 753973209, 36408145, -1764381638, 25011837, 
-774947114, 2088578344, 530523599, -1376601957, 1524020338, 1518925132, -534139791, -535190042, 1202760957, -309069157, -388774771, 674977740, -120232407, 2031300136, 2019492241, -311074731, -141160892, -472686964, 352677332, -1997247046, 60907813, 90501309, -1007968747, 1016092578, -1759044884, -1455814870, 457141659, 509813237, -174299397, 652014361, 1966332200, -1319764491, 55981186, -1967506245, 676427537, -1039476232, -1412673177, -861040033, 1307055953, 942726286, 933058658, -1826555503, -361066302, -79791154, 1361170020, 2001714738, -1464409218, -1020707514, 1222529897, 1679025792, -1565652976, -580013532, 1770335741, 151462246, -1281735158, 1682292957, 1483529935, 471910574, 1539241949, 458788160, -858652289, 1807016891, -576558466, 978976581, 1043663428, -1129001515, 1927990952, -94075717, -1922690386, -1086558393, -761535389, 1412390302, -1362987237, -162634896, 1947078029, -413461673, -126740879, -1353482915, 1077988104, 1320477388, 886195818, 18198404, -508558296, -1785185763, 112762804, -831610808, 1866414978, 891333506, 18488651, 661792760, 1628790961, -409780260, -1153795797, 876946877, -1601685023, 1372485963, 791857591, -1608533303, -534984578, -1127755274, -822013501, -1578587449, 445679433, -732971622, -790962485, -720709064, 54117162, -963561881, -1913048708, -525259953, -140617289, 1140177722, -220915201, 668550556, -1080614356, 367459370, 261225585, -1684794075, -85617823, -826893077, -1029151655, 314222801, -1228863650, -486184436, 282218597, -888953790, -521376242, 379116347, 1285071038, 846784868, -1625320142, -523005217, -744475605, -1989021154, 453669953, 1268987020, -977374944, -1015663912, -550133875, -1684459730, -435458233, 266596637, -447948204, 517658769, -832407089, -851542417, 370717030, -47440635, -2070949179, -151313767, -182193321, -1506642397, -1817692879, 1456262402, -1393524382, 1517677493, 1846949527, -1999473716, -560569710, -2118563376, 1280348187, 1908823572, -423180355, 846861322, 1172426758, -1007518822, -911584259, 
1655181056, -1155153950, 901632758, 1897031941, -1308360158, -1228157060, -847864789, 1393639104, 373351379, 950779232, 625454576, -1170726756, -146354570, 2007998917, 544563296, -2050228658, -1964470824, 2058025392, 1291430526, 424198748, 50039436, 29584100, -689184263, -1865090967, -1503863136, 1057563949, -1039604065, -1219600078, -831004069, 1469046755, 985887462};
// The fixed 24-byte block that crypt_raw() encrypts 64 times; read as big-endian ASCII the six
// words spell "OrpheanBeholderScryDoubt". hashpw() passes a clone because crypt_raw() overwrites
// the array it is given.
private static final int[] bf_crypt_ciphertext = new int[]{1332899944, 1700884034, 1701343084, 1684370003, 1668446532, 1869963892};
// bcrypt's own base64 alphabet: '.', '/', A-Z, a-z, 0-9. It is ordered differently from the
// standard Base64 alphabet, so standard encoders/decoders are not interchangeable with it.
private static final char[] base64_code = new char[]{'.', '/', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'};
// Reverse lookup for base64_code, indexed by character code: the 6-bit value of each alphabet
// character, or -1 for characters outside the alphabet. Read through char64().
private static final byte[] index_64 = new byte[]{-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, 1, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, -1, -1, -1, -1, -1, -1, -1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, -1, -1, -1, -1, -1, -1, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, -1, -1, -1, -1, -1};
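// Per-instance working copies of the subkey array and S-boxes. init_key() fills them from
// P_orig/S_orig; key() and ekskey() then overwrite them during the key schedule.
private int[] P;
private int[] S;

public BCrypt() {
}

/**
 * Encodes the first {@code len} bytes of {@code d} with bcrypt's base64 alphabet
 * ({@code base64_code}). No padding characters are emitted.
 *
 * @param d the bytes to encode
 * @param len number of bytes to encode; must satisfy {@code 0 < len <= d.length}
 * @return the encoded string
 * @throws IllegalArgumentException if {@code len} is out of range
 */
private static String encode_base64(byte[] d, int len) throws IllegalArgumentException {
    if (len <= 0 || len > d.length) {
        throw new IllegalArgumentException("Invalid len");
    }
    int off = 0;
    StringBuilder rs = new StringBuilder();
    while (off < len) {
        // Up to three input bytes become up to four 6-bit output characters.
        int c1 = d[off++] & 0xff;
        rs.append(base64_code[(c1 >> 2) & 0x3f]);
        c1 = (c1 & 0x03) << 4;
        if (off >= len) {
            rs.append(base64_code[c1 & 0x3f]);
            break;
        }
        int c2 = d[off++] & 0xff;
        c1 |= (c2 >> 4) & 0x0f;
        rs.append(base64_code[c1 & 0x3f]);
        c1 = (c2 & 0x0f) << 2;
        if (off >= len) {
            rs.append(base64_code[c1 & 0x3f]);
            break;
        }
        c2 = d[off++] & 0xff;
        c1 |= (c2 >> 6) & 0x03;
        rs.append(base64_code[c1 & 0x3f]);
        rs.append(base64_code[c2 & 0x3f]);
    }
    return rs.toString();
}

/**
 * Maps a character of the bcrypt base64 alphabet to its 6-bit value.
 *
 * @param x the character to look up
 * @return the value from {@code index_64}, or -1 if {@code x} is outside the table or not in
 *     the alphabet
 */
private static byte char64(char x) {
    // The decompiled check was "x <= index_64.length", which lets x == index_64.length through
    // and indexes one past the end of the table. A char is never negative, so only the upper
    // bound is tested.
    return x < index_64.length ? index_64[x] : -1;
}

/**
 * Decodes a string in bcrypt's base64 alphabet.
 *
 * <p>Decoding stops at the first invalid character found in the first three positions of a
 * group, at the end of the string, or once {@code maxolen} bytes have been produced; whatever
 * was decoded up to that point is returned.
 *
 * @param s the encoded string
 * @param maxolen the maximum number of bytes to decode; must be positive
 * @return the decoded bytes (possibly fewer than {@code maxolen})
 * @throws IllegalArgumentException if {@code maxolen} is not positive
 */
private static byte[] decode_base64(String s, int maxolen) throws IllegalArgumentException {
    if (maxolen <= 0) {
        throw new IllegalArgumentException("Invalid maxolen");
    }
    // Decoded bytes are buffered as chars and narrowed back to bytes at the end.
    StringBuilder rs = new StringBuilder();
    int off = 0;
    int slen = s.length();
    int olen = 0;
    while (off < slen - 1 && olen < maxolen) {
        byte c1 = char64(s.charAt(off++));
        byte c2 = char64(s.charAt(off++));
        if (c1 == -1 || c2 == -1) {
            break;
        }
        byte o = (byte) (c1 << 2);
        o |= (c2 & 0x30) >> 4;
        rs.append((char) o);
        ++olen;
        if (olen >= maxolen || off >= slen) {
            break;
        }

        byte c3 = char64(s.charAt(off++));
        if (c3 == -1) {
            break;
        }
        o = (byte) ((c2 & 0x0f) << 4);
        o |= (c3 & 0x3c) >> 2;
        rs.append((char) o);
        ++olen;
        if (olen >= maxolen || off >= slen) {
            break;
        }

        // NOTE(review): unlike c1..c3, the fourth character is not checked for -1, so an
        // invalid character here sets every bit of the output byte instead of stopping the
        // decode. Left as in the original to keep results unchanged.
        byte c4 = char64(s.charAt(off++));
        o = (byte) ((c3 & 0x03) << 6);
        o |= c4;
        rs.append((char) o);
        ++olen;
    }

    byte[] ret = new byte[olen];
    for (off = 0; off < olen; ++off) {
        ret[off] = (byte) rs.charAt(off);
    }
    return ret;
}

/**
 * Enciphers one 64-bit block in place using the current {@code P} and {@code S} tables.
 *
 * @param lr array holding the block as two 32-bit halves
 * @param off index of the left half; the right half is at {@code off + 1}
 */
private final void encipher(int[] lr, int off) {
    int l = lr[off];
    int r = lr[off + 1];
    int n;

    l ^= this.P[0];
    // i advances by two per pass (0, 2, ..., 14): each pass performs two rounds, 16 in total.
    int i = 0;
    while (i <= 14) {
        n = this.S[(l >> 24) & 0xff];
        n += this.S[0x100 | ((l >> 16) & 0xff)];
        n ^= this.S[0x200 | ((l >> 8) & 0xff)];
        n += this.S[0x300 | (l & 0xff)];
        ++i;
        r ^= n ^ this.P[i];

        n = this.S[(r >> 24) & 0xff];
        n += this.S[0x100 | ((r >> 16) & 0xff)];
        n ^= this.S[0x200 | ((r >> 8) & 0xff)];
        n += this.S[0x300 | (r & 0xff)];
        ++i;
        l ^= n ^ this.P[i];
    }
    // The halves are swapped on output.
    lr[off] = r ^ this.P[17];
    lr[off + 1] = l;
}

/**
 * Reads the next four bytes of {@code data} as a big-endian word, wrapping around to the start
 * of the array when the end is reached.
 *
 * @param data the byte source, read cyclically
 * @param offp single-element array holding the current offset; updated on return
 * @return the 32-bit word
 */
private static int streamtoword(byte[] data, int[] offp) {
    int word = 0;
    int off = offp[0];
    for (int i = 0; i < 4; ++i) {
        word = (word << 8) | (data[off] & 0xff);
        off = (off + 1) % data.length;
    }
    offp[0] = off;
    return word;
}

/** Resets {@code P} and {@code S} to fresh copies of the initial tables. */
private void init_key() {
    this.P = (int[]) P_orig.clone();
    this.S = (int[]) S_orig.clone();
}

/**
 * Mixes {@code key} into the current state and regenerates {@code P} and {@code S}.
 *
 * <p>Exactly {@code P.length} words (four bytes each) are read cyclically from {@code key}, so
 * with the 18-entry P array only the first 72 bytes of a longer key are used.
 *
 * @param key the key bytes
 */
private void key(byte[] key) {
    int[] koffp = new int[]{0};
    int[] lr = new int[]{0, 0};
    int plen = this.P.length;
    int slen = this.S.length;

    for (int i = 0; i < plen; ++i) {
        this.P[i] ^= streamtoword(key, koffp);
    }
    // Replace the tables with successive encryptions of the running block.
    for (int i = 0; i < plen; i += 2) {
        this.encipher(lr, 0);
        this.P[i] = lr[0];
        this.P[i + 1] = lr[1];
    }
    for (int i = 0; i < slen; i += 2) {
        this.encipher(lr, 0);
        this.S[i] = lr[0];
        this.S[i + 1] = lr[1];
    }
}

/**
 * Key schedule variant that also folds {@code data} into the running block before each
 * encryption. {@code crypt_raw} calls it with the salt as {@code data} and the password as
 * {@code key}.
 *
 * @param data bytes XORed into the block, read cyclically
 * @param key the key bytes; as in {@link #key(byte[])}, only {@code P.length} words are read
 */
private void ekskey(byte[] data, byte[] key) {
    int[] koffp = new int[]{0};
    int[] doffp = new int[]{0};
    int[] lr = new int[]{0, 0};
    int plen = this.P.length;
    int slen = this.S.length;

    for (int i = 0; i < plen; ++i) {
        this.P[i] ^= streamtoword(key, koffp);
    }
    for (int i = 0; i < plen; i += 2) {
        lr[0] ^= streamtoword(data, doffp);
        lr[1] ^= streamtoword(data, doffp);
        this.encipher(lr, 0);
        this.P[i] = lr[0];
        this.P[i + 1] = lr[1];
    }
    for (int i = 0; i < slen; i += 2) {
        lr[0] ^= streamtoword(data, doffp);
        lr[1] ^= streamtoword(data, doffp);
        this.encipher(lr, 0);
        this.S[i] = lr[0];
        this.S[i + 1] = lr[1];
    }
}

/**
 * Runs the bcrypt core: sets up the key schedule from salt and password, repeats the key
 * expansion {@code 2^log_rounds} times, then enciphers {@code cdata} 64 times.
 *
 * @param password the password bytes
 * @param salt the salt; must be exactly 16 bytes
 * @param log_rounds log2 of the number of expansion rounds; must be in 4..30
 * @param cdata the block to encipher; modified in place
 * @return the enciphered {@code cdata} as big-endian bytes ({@code cdata.length * 4} bytes)
 * @throws IllegalArgumentException if {@code log_rounds} or the salt length is rejected
 */
public byte[] crypt_raw(byte[] password, byte[] salt, int log_rounds, int[] cdata) {
    int clen = cdata.length;
    // The upper bound keeps "1 << log_rounds" a positive int.
    if (log_rounds < 4 || log_rounds > 30) {
        throw new IllegalArgumentException("Bad number of rounds");
    }
    int rounds = 1 << log_rounds;
    if (salt.length != 16) {
        throw new IllegalArgumentException("Bad salt length");
    }

    this.init_key();
    this.ekskey(salt, password);
    // This loop is the tunable cost: its length doubles with each increment of log_rounds.
    for (int i = 0; i != rounds; ++i) {
        this.key(password);
        this.key(salt);
    }

    for (int i = 0; i < 64; ++i) {
        for (int j = 0; j < (clen >> 1); ++j) {
            this.encipher(cdata, j << 1);
        }
    }

    byte[] ret = new byte[clen * 4];
    int j = 0;
    for (int i = 0; i < clen; ++i) {
        ret[j++] = (byte) ((cdata[i] >> 24) & 0xff);
        ret[j++] = (byte) ((cdata[i] >> 16) & 0xff);
        ret[j++] = (byte) ((cdata[i] >> 8) & 0xff);
        ret[j++] = (byte) (cdata[i] & 0xff);
    }
    return ret;
}

/**
 * Hashes {@code password} using the bcrypt parameters encoded at the start of {@code salt}.
 *
 * <p>{@code salt} may be a value produced by {@code gensalt} or a complete stored hash: only the
 * revision prefix ({@code $2$} or {@code $2a$}), the two-digit cost and the 22 salt characters
 * that follow are read, which is how {@link #checkpw} re-hashes a candidate.
 *
 * <p>Because the key schedule reads 18 four-byte words from the password, bytes beyond the 72nd
 * (counting the appended NUL) do not influence the hash.
 *
 * @param password the plaintext; encoded as UTF-8, with a NUL terminator appended for revision 'a'
 * @param salt the salt string, or a previously computed hash
 * @return the hash string: revision prefix, two-digit cost, 22 salt characters, 31 hash characters
 * @throws IllegalArgumentException if the prefix, revision, cost or salt is rejected
 * @throws StringIndexOutOfBoundsException if {@code salt} is shorter than the fields read from it
 */
public static String hashpw(String password, String salt) {
    char minor = 0;
    // The decompiler emitted "int off = false;" plus a shadowing "byte off;", which does not
    // compile; a single int offset is what the logic needs.
    int off;
    StringBuilder rs = new StringBuilder();

    if (salt.charAt(0) != '$' || salt.charAt(1) != '2') {
        throw new IllegalArgumentException("Invalid salt version");
    }

    if (salt.charAt(2) == '$') {
        // "$2$": no revision letter, cost starts at index 3.
        off = 3;
    } else {
        minor = salt.charAt(2);
        if (minor != 'a' || salt.charAt(3) != '$') {
            throw new IllegalArgumentException("Invalid salt revision");
        }
        off = 4;
    }

    // The cost is exactly two digits followed by '$'.
    if (salt.charAt(off + 2) > '$') {
        throw new IllegalArgumentException("Missing salt rounds");
    }
    int rounds = Integer.parseInt(salt.substring(off, off + 2));
    String real_salt = salt.substring(off + 3, off + 25);

    byte[] passwordb;
    try {
        passwordb = (password + (minor >= 'a' ? "\u0000" : "")).getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new AssertionError("UTF-8 is not supported");
    }

    byte[] saltb = decode_base64(real_salt, 16);
    BCrypt B = new BCrypt();
    // crypt_raw mutates the array it is given, so it gets a private copy of the constant.
    byte[] hashed = B.crypt_raw(passwordb, saltb, rounds, (int[]) bf_crypt_ciphertext.clone());

    rs.append("$2");
    if (minor >= 'a') {
        rs.append(minor);
    }
    rs.append("$");
    if (rounds < 10) {
        rs.append("0");
    }
    // crypt_raw has already rejected rounds outside 4..30, so this check cannot fire here; it is
    // kept to mirror the original.
    if (rounds > 30) {
        throw new IllegalArgumentException("rounds exceeds maximum (30)");
    }
    rs.append(Integer.toString(rounds));
    rs.append("$");
    rs.append(encode_base64(saltb, saltb.length));
    // The last byte of the raw output is dropped before encoding.
    rs.append(encode_base64(hashed, bf_crypt_ciphertext.length * 4 - 1));
    return rs.toString();
}

/**
 * Builds a salt string: {@code $2a$}, the two-digit cost, {@code $}, then 16 random bytes in
 * bcrypt base64.
 *
 * <p>Only the upper bound of {@code log_rounds} is checked here; values below 4 produce a salt
 * string that {@code crypt_raw} later rejects.
 *
 * @param log_rounds log2 of the number of rounds
 * @param random the source of the 16 salt bytes
 * @return the salt string
 * @throws IllegalArgumentException if {@code log_rounds} exceeds 30
 */
public static String gensalt(int log_rounds, SecureRandom random) {
    StringBuilder rs = new StringBuilder();
    byte[] rnd = new byte[16];
    random.nextBytes(rnd);

    rs.append("$2a$");
    if (log_rounds < 10) {
        rs.append("0");
    }
    if (log_rounds > 30) {
        throw new IllegalArgumentException("log_rounds exceeds maximum (30)");
    }
    rs.append(Integer.toString(log_rounds));
    rs.append("$");
    rs.append(encode_base64(rnd, rnd.length));
    return rs.toString();
}

/**
 * Builds a salt string with the given cost, using a newly created {@link SecureRandom}.
 *
 * @param log_rounds log2 of the number of rounds
 * @return the salt string
 */
public static String gensalt(int log_rounds) {
    return gensalt(log_rounds, new SecureRandom());
}

/**
 * Builds a salt string with cost 10.
 *
 * @return the salt string
 */
public static String gensalt() {
    return gensalt(10);
}

/**
 * Checks a plaintext candidate against a stored hash by re-hashing it with the salt and cost
 * embedded in {@code hashed} and comparing the two strings.
 *
 * <p>Once the lengths match, the comparison ORs together the XOR of every byte pair and only
 * tests the result at the end, so it does not exit early at the first differing byte.
 *
 * @param plaintext the candidate password
 * @param hashed the stored hash
 * @return {@code true} if the candidate hashes to {@code hashed}
 * @throws IllegalArgumentException if {@code hashed} is rejected by {@link #hashpw}
 * @throws StringIndexOutOfBoundsException if {@code hashed} is too short to parse
 */
public static boolean checkpw(String plaintext, String hashed) {
    byte[] hashed_bytes;
    byte[] try_bytes;
    try {
        String try_pw = hashpw(plaintext, hashed);
        hashed_bytes = hashed.getBytes("UTF-8");
        try_bytes = try_pw.getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
        return false;
    }

    if (hashed_bytes.length != try_bytes.length) {
        return false;
    }
    byte ret = 0;
    for (int i = 0; i < try_bytes.length; ++i) {
        ret |= hashed_bytes[i] ^ try_bytes[i];
    }
    return ret == 0;
}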
}  

总体来说,这种加密方式的优点有

1. 登录密码进行加密后再存储到DB,即使被拖库,也不会直接泄露明文密码(弱口令仍可能被离线逐个猜解,cost值越高猜解越慢)。因为很多用户为了密码易记忆,在各个网站上都采用同一个密码,那么一个平台泄露,就等于处处平台泄露,极其不安全

2. 那简单的加密,比如对一个字符串N次加密,每次得到的密码是一致的,这种也不安全,用户多了你会发现,很多人的密码是一样的,比如我常见的密码12345,12qwaszx等等

3. 同样的密码, 需要加密后存储的值不一样,又能保证下次登录能够正确,BCrypt比其他加密方式多了一些thoughts
