Java 如何使用MD5转换密码并检查用户';s凭据是否与有效凭据相对?
我对Java非常陌生。我必须编写一个程序,从用户那里获取用户名和密码,使用MD5转换密码,然后验证用户名和密码。用户有3次机会输入正确的信息。一旦它是正确的,我需要显示一个欢迎信息。如果输入3次错误信息,则程序需要退出。我甚至不知道从哪里开始 我收到了一个包含MD5信息的文件。我还收到了一个包含所有用户信息以及散列密码的文件 以下是用户凭据:Java 如何使用MD5转换密码并检查用户';s凭据是否与有效凭据相对?,java,hash,login,md5,Java,Hash,Login,Md5,我对Java非常陌生。我必须编写一个程序,从用户那里获取用户名和密码,使用MD5转换密码,然后验证用户名和密码。用户有3次机会输入正确的信息。一旦它是正确的,我需要显示一个欢迎信息。如果输入3次错误信息,则程序需要退出。我甚至不知道从哪里开始 我收到了一个包含MD5信息的文件。我还收到了一个包含所有用户信息以及散列密码的文件 以下是用户凭据: griffin.keyes 108de81c31bf9c622f76876b74e9285f "alphabet soup" rosario
griffin.keyes 108de81c31bf9c622f76876b74e9285f "alphabet soup"
rosario.dawson 3e34baa4ee2ff767af8c120a496742b5 "animal doctor"
bernie.gorilla a584efafa8f9ea7fe5cf18442f32b07b "secret password"
提供给我的MD5是:
import java.security.MessageDigest;
public class MD5Digest {
public static void main(String[] args) throws Exception {
//Copy and paste this section of code
String original = "letmein"; //Replace "password" with the actual password inputted by the user
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(String.format("%02x", b & 0xff));
}
//End copy/paste
System.out.println("original:" + original);
System.out.println("digested:" + sb.toString()); //sb.toString() is what you'll need to compare password strings
}
}
我也应该把我的程序分成两个不同的方法,但这是我现在最不担心的。我已经为此工作了一个星期了,我还没走多远。任何帮助都将不胜感激。这是我的
import java.security.MessageDigest;
import java.util.Scanner;
class CredAndPass {
public static void CredAndPass() throws Exception {
String original = "letmein"; //Replace "password" with the actual password inputted by the user
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(String.format("%02x", b & 0xff));
}
}
}
public class AuthSystem {
public static void main(String[] args) throws Exception {
int i;
String username = "";
String password = "";
for (i = 0; i <= 2; ++i){
Scanner scnr = new Scanner(System.in);
System.out.println("Enter username:");
username = scnr.next();
System.out.println("Enter password:");
String password1 = scnr.next();
}
}
}
import java.security.MessageDigest;
导入java.util.Scanner;
班证{
public static void CredAndPass()引发异常{
String original=“letmein”;//将“password”替换为用户输入的实际密码
MessageDigest md=MessageDigest.getInstance(“MD5”);
md.update(original.getBytes());
字节[]摘要=md.digest();
StringBuffer sb=新的StringBuffer();
for(字节b:摘要){
sb.append(字符串格式(“%02x”,b&0xff));
}
}
}
公共类授权系统{
公共静态void main(字符串[]args)引发异常{
int i;
字符串username=“”;
字符串密码=”;
对于(i=0;i首先,我们改进CredAndPass.CredAndPass
以从给定的字符串中获得MD5
哈希值
class CredAndPass {
public static String CredAndPass(String original) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
// Note here that I use a StringBuilder instead of a StringBuffer
// as it is not meant to be shared so no need to use a thread safe
// builder of String
StringBuilder sb = new StringBuilder(32);
for (byte b : digest) {
sb.append(String.format("%02x", b & 0xff));
}
// Returns the result
return sb.toString();
}
}
然后我们稍微修改main
方法的逻辑,如果不成功,在离开之前检查3次
public static void main(String[] args) throws Exception {
// A Map for testing purpose representing the login and hash of your existing users
Map<String, String> credentials = new HashMap<>();
credentials.put("griffin.keyes", "108de81c31bf9c622f76876b74e9285f");
credentials.put("rosario.dawson", "3e34baa4ee2ff767af8c120a496742b5");
credentials.put("bernie.gorilla", "a584efafa8f9ea7fe5cf18442f32b07b");
// Variable used to know if it was successful or not
boolean success = false;
BufferedReader scnr = new BufferedReader(new InputStreamReader(System.in));
String username = null;
// Iterate up to 3 times
for (int i = 0; i < 3; ++i){
System.out.println("Enter username:");
username = scnr.readLine();
System.out.println("Enter password:");
String password1 = scnr.readLine();
// Get the hash for the given username
String hash = credentials.get(username);
// Check if the username exists and if so check if the hash of his
// password matches with the hash of the provided password
if (hash == null || !hash.equals(CredAndPass.CredAndPass(password1))) {
// We don't have a match so we keep going
System.err.println("User or password invalid");
continue;
}
success = true;
// Exit from the loop as we have a success
break;
}
if (success) {
System.out.printf("Welcome %s!%n", username);
} else {
System.out.println("Could not connect");
}
}
publicstaticvoidmain(字符串[]args)引发异常{
//用于测试目的的映射,表示现有用户的登录名和哈希
映射凭据=新的HashMap();
凭证.put(“格里芬·凯斯”,“108DE81C31BF9C622F768766B74E9285F”);
凭证.put(“rosario.dawson”,“3e34baa4ee2ff767af8c120a496742b5”);
证书.put(“bernie.gorilla”,“a584efafa8f9ea7fe5cf18442f32b07b”);
//变量用于知道它是否成功
布尔成功=假;
BufferedReader scnr=新的BufferedReader(新的InputStreamReader(System.in));
字符串username=null;
//最多迭代3次
对于(int i=0;i<3;++i){
System.out.println(“输入用户名:”);
username=scnr.readLine();
System.out.println(“输入密码:”);
字符串password1=scnr.readLine();
//获取给定用户名的哈希值
String hash=凭证.get(用户名);
//检查用户名是否存在,如果存在,则检查其
//密码与提供的密码的哈希匹配
if(hash==null | |!hash.equals(CredAndPass.CredAndPass(password1))){
//我们没有比赛,所以我们继续
System.err.println(“用户或密码无效”);
继续;
}
成功=真实;
//退出循环,因为我们已经成功了
打破
}
如果(成功){
System.out.printf(“欢迎%s!%n”,用户名);
}否则{
System.out.println(“无法连接”);
}
}
首先,我们改进了CredAndPass.CredAndPass
以从给定的字符串中获得MD5
哈希值
class CredAndPass {
public static String CredAndPass(String original) throws Exception {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(original.getBytes());
byte[] digest = md.digest();
// Note here that I use a StringBuilder instead of a StringBuffer
// as it is not meant to be shared so no need to use a thread safe
// builder of String
StringBuilder sb = new StringBuilder(32);
for (byte b : digest) {
sb.append(String.format("%02x", b & 0xff));
}
// Returns the result
return sb.toString();
}
}
然后我们稍微修改main
方法的逻辑,如果不成功,在离开之前检查3次
public static void main(String[] args) throws Exception {
// A Map for testing purpose representing the login and hash of your existing users
Map<String, String> credentials = new HashMap<>();
credentials.put("griffin.keyes", "108de81c31bf9c622f76876b74e9285f");
credentials.put("rosario.dawson", "3e34baa4ee2ff767af8c120a496742b5");
credentials.put("bernie.gorilla", "a584efafa8f9ea7fe5cf18442f32b07b");
// Variable used to know if it was successful or not
boolean success = false;
BufferedReader scnr = new BufferedReader(new InputStreamReader(System.in));
String username = null;
// Iterate up to 3 times
for (int i = 0; i < 3; ++i){
System.out.println("Enter username:");
username = scnr.readLine();
System.out.println("Enter password:");
String password1 = scnr.readLine();
// Get the hash for the given username
String hash = credentials.get(username);
// Check if the username exists and if so check if the hash of his
// password matches with the hash of the provided password
if (hash == null || !hash.equals(CredAndPass.CredAndPass(password1))) {
// We don't have a match so we keep going
System.err.println("User or password invalid");
continue;
}
success = true;
// Exit from the loop as we have a success
break;
}
if (success) {
System.out.printf("Welcome %s!%n", username);
} else {
System.out.println("Could not connect");
}
}
publicstaticvoidmain(字符串[]args)引发异常{
//用于测试目的的映射,表示现有用户的登录名和哈希
映射凭据=新的HashMap();
凭证.put(“格里芬·凯斯”,“108DE81C31BF9C622F768766B74E9285F”);
凭证.put(“rosario.dawson”,“3e34baa4ee2ff767af8c120a496742b5”);
证书.put(“bernie.gorilla”,“a584efafa8f9ea7fe5cf18442f32b07b”);
//变量用于知道它是否成功
布尔成功=假;
BufferedReader scnr=新的BufferedReader(新的InputStreamReader(System.in));
字符串username=null;
//最多迭代3次
对于(int i=0;i<3;++i){
System.out.println(“输入用户名:”);
username=scnr.readLine();
System.out.println(“输入密码:”);
字符串password1=scnr.readLine();
//获取给定用户名的哈希值
String hash=凭证.get(用户名);
//检查用户名是否存在,如果存在,则检查其
//密码与提供的密码的哈希匹配
if(hash==null | |!hash.equals(CredAndPass.CredAndPass(password1))){
//我们没有比赛,所以我们继续
System.err.println(“用户或密码无效”);
继续;
}
成功=真实;
//退出循环,因为我们已经成功了
打破
}
如果(成功){
System.out.printf(“欢迎%s!%n”,用户名);
}否则{
System.out.println(“无法连接”);
}
}
这很有帮助,尽管我不明白地图是什么。当我运行这项操作时,即使我输入了正确的用户名和密码,它仍会再问我两次。如果用户名和密码第一次是正确的,有没有办法自动打印成功消息?或者我仍然做错了什么?有没有办法打印成功消息不是每个用户都有一条唯一的欢迎消息吗?我尝试在结尾添加单独的打印语句来替换“成功”,但这不起作用。这很有帮助,尽管我不知道映射是什么。当我运行此操作时,即使我输入了正确的用户名和密码,它仍会再问我两个问题