import java.io.IOException; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; /** * * HmacSHA1加密类 * */ public class SHA1 { public static String getHmacSHA1(String password,String loginname, String algorithm){ byte[] keyBytes = password.getBytes(); Key key = new SecretKeySpec(keyBytes, 0, keyBytes.length, algorithm); Mac mac=null; try { mac = Mac.getInstance(algorithm); mac.init(key); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); }catch (InvalidKeyException e) { e.printStackTrace(); } return byteArrayToHex(mac.doFinal(loginname.getBytes())); } /** * 16进制加密 * @param a * @return */ protected static String byteArrayToHex(byte [] a) { int hn, ln, cx; String hexDigitChars = "0123456789abcdef"; StringBuffer buf = new StringBuffer(a.length * 2); for(cx = 0; cx < a.length; cx++) { hn = ((int)(a[cx]) & 0x00ff) /16 ; ln = ((int)(a[cx]) & 0x000f); buf.append(hexDigitChars.charAt(hn)); buf.append(hexDigitChars.charAt(ln)); } return buf.toString(); } public static void main(String[] args) throws NoSuchAlgorithmException, UnsupportedEncodingException, IOException { String loginKey= getHmacSHA1("密码", "用户名", "HmacSHA1"); System.out.println(loginKey);//53b3a8413cf49e939d8711a0ba34916b2ec2db75 String loginKey2= getHmacSHA1("123456", "admin", "HmacSHA1"); System.out.println(loginKey2);//3c39afa93e0b12c28f1f08b18488ebd4ad2e5858 } }
html+JavaScript代码:
<html> <head> <script src="./hmac-sha1.js"></script> <script type="text/javascript"> function genkey() { var userName=document.getElementById("userName").value; var password=document.getElementById("password").value; var hash = CryptoJS.HmacSHA1(userName, password); document.getElementById("key").value=hash; }; </script> </head> <body> 用户名:<input id="userName" value="" type="text"> 密码:<input id="password" value="" type="text"><br> 40位字符key:<input id="key" value="" type="text" style="width:400px"><br> <input id="genKey" value="生成key" type="button" onclick="genkey()"> </body> </html>
java 以及 js ,html 源码下载: 链接:http://pan.baidu.com/s/1c0pTIes 密码:j77s
值得注意的是: 前台页面通过js加密后,直接进行ajax请求时会出现 ajax无法执行,原因无非是参数不对,这是 要把加密厚的 key放在一个隐藏域中(变成了字符串,而非对象)然后再取出
<input type="hidden" id="key" >
var key= CryptoJS.HmacSHA1(companyAccount, password);
$("#key").val(key);
$.ajax({
url:urlStr,
data:{
"password": $("#key").val(),
},
开始做,坚持做,重复做
