/*
* 用户授权(注册,对授权用户进行加密)
*/
public boolean regUser(Users user) {
try {
sql = "insert into usertable (username,PASSWORD,salt) values(?,?,?)";
ps = conn.prepareStatement(sql);
/*
* SHA1加密
*/
String password = user.getPassword();
Random ranGen = new SecureRandom();// 生成安全随机种子
byte[] aesKey = new byte[20];
ranGen.nextBytes(aesKey);// 生成用户指定的随机字节数
String salt = new String(aesKey,"utf-8");
System.out.println("加密salt:"+salt);
password += salt;
byte[] srcBytes = password.getBytes();
MessageDigest md5 = MessageDigest.getInstance("SHA1");
md5.update(srcBytes);// 使用srcBytes更新摘要
byte[] resultBytes = md5.digest();// 完成哈希计算,得到result
password = new String(resultBytes,"utf-8");
System.out.println("加密password:"+password);
ps.setString(1, user.getUsername());
ps.setString(2, password);
ps.setString(3, salt);
ps.executeUpdate();
return true;
} catch (SQLException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// TODO 自动生成的 catch 块
e.printStackTrace();
}
return false;
}