Java加密等于不工作
好的,我有这个散列方法:Java加密等于不工作,java,hash,Java,Hash,好的,我有这个散列方法: public static String getEncodedHash(String password, String salt) throws UnsupportedEncodingException { // Returns only the last part of whole encoded password PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new S
public static String getEncodedHash(String password, String salt) throws UnsupportedEncodingException {
// Returns only the last part of whole encoded password
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest());
gen.init(password.getBytes(), salt.getBytes(), DEFAULT_ITERATIONS);
byte[] dk = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();
return Base64.toBase64String(dk);
}
据我所知,它的散列很好,当它返回一个字符串时,我将它与我拥有的字符串进行比较,它们看起来是相同的,但是.equals
方法说没有。有人有什么想法吗?因为我真的全力以赴了
这是整个LoginHelper
类:
import java.io.UnsupportedEncodingException;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.util.encoders.Base64;
public class LoginHelper {
public static final Integer DEFAULT_ITERATIONS = 20000;
public static boolean passwordCorrect(String enteredPassword, String storedPassword) throws UnsupportedEncodingException {
String[] parts = storedPassword.split("\\$");
String salt = parts[2];
String storedHash = parts[3];
String calculatedHash = getEncodedHash(enteredPassword, salt);
System.out.println(storedHash);
System.out.println(calculatedHash);
System.out.println(storedHash.length());
System.out.println(calculatedHash.length());
return storedPassword.equals(calculatedHash);
}
public static String getEncodedHash(String password, String salt) throws UnsupportedEncodingException {
// Returns only the last part of whole encoded password
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(new SHA256Digest());
gen.init(password.getBytes(), salt.getBytes(), DEFAULT_ITERATIONS);
byte[] dk = ((KeyParameter) gen.generateDerivedParameters(256)).getKey();
return Base64.toBase64String(dk);
}
}
我呼吁:
System.out.println(LoginHelper.passwordCorrect("password","pbkdf2_sha256$20000$wlW7Po1nm1DW$nt9LYWbxwvHIXmyBGUQG7NyPDkrt/2fivN3ws//HzLnks="));
将
storedHash
与calculatedHash
进行比较。您正在比较的是storedPassword
,它的前缀仍然是“pbkdf2_sha256$20000$”
,它们看起来完全相同,而且完全相同,这是两件不同的事情。尝试使用WINMerge比较字符串。是否可以发布比较部分以及您尝试过的一些输入?写出字符串的长度和每个字符的数值。其中一个上面可能有空格或类似的内容。我可以发布整个课程吗?我也会修剪空白