LDAP-SHA加密与解析

1. 对字段进行SHA加密

  /* SHA加密 生成40位SHA码    * @param 待加密字符串    * @return 返回40位SHA码    */   public static String shaEncode(String inStr) throws Exception {       MessageDigest sha = null;       try {           sha = MessageDigest.getInstance("SHA");       } catch (Exception e) {           System.out.println(e.toString());           e.printStackTrace();           return "";       }       byte[] byteArray = inStr.getBytes("UTF-8");       byte[] md5Bytes = sha.digest(byteArray);       StringBuffer hexValue = new StringBuffer();       for (int i = 0; i < md5Bytes.length; i++) {           int val = ((int) md5Bytes[i]) & 0xff;           if (val < 16) {                hexValue.append("0");           }           hexValue.append(Integer.toHexString(val));       }       return hexValue.toString();   }

2.原始密码与LDAP-SHA加密字段的比较

public static boolean verifySHA(String ldappw, String inputpw)throws NoSuchAlgorithmException {// MessageDigest 提供了消息摘要算法，如 MD5 或 SHA，的功能，这里LDAP使用的是SHA-1MessageDigest md = MessageDigest.getInstance("SHA");// 取出加密字符ldappw = ldappw.substring(5);// 解码BASE64byte[] ldappwbyte = Base64.decode(ldappw);byte[] shacode;byte[] salt;// 前20位是SHA-1加密段，20位后是最初加密时的随机明文if (ldappwbyte.length <= 20) {shacode = ldappwbyte;salt = new byte[0];} else {shacode = new byte[20];salt = new byte[ldappwbyte.length - 20];System.arraycopy(ldappwbyte, 0, shacode, 0, 20);System.arraycopy(ldappwbyte, 20, salt, 0, salt.length);}// 把用户输入的密码添加到摘要计算信息md.update(inputpw.getBytes());// 把随机明文添加到摘要计算信息md.update(salt);// 按SSHA把当前用户密码进行计算byte[] inputpwbyte = md.digest();// 返回校验结果return MessageDigest.isEqual(shacode, inputpwbyte);}