第七周总结
本周我学习了mysql加密密码的方法:
mysql密文存储密码
一、首先在创建表时,password要选varbinary(xxx)类型,二进制类型
二、创建加密类
package Bean;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class SymmetricEncryption {
private static final String ALGORITHM = "AES";//AES对称加密
private static final String KEY = "JCLFMXFOREVERYES";//加密密钥
public static byte[] encrypt(byte[] data) throws Exception {//加密方法
SecretKeySpec secretKeySpec = new SecretKeySpec(KEY.getBytes(), ALGORITHM);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
return cipher.doFinal(data);
}
public static byte[] decrypt(byte[] encryptedData) throws Exception {//解密方法
SecretKeySpec secretKeySpec = new SecretKeySpec(KEY.getBytes(), ALGORITHM);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
return cipher.doFinal(encryptedData);
}
public SymmetricEncryption() {
}
}
三、在注册函数或登录函数内实现
注册函数内:
package guanliyuan;
import Bean.JDBCTools;
import Bean.SymmetricEncryption;
import guanliyuan.*;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import yonghu.*;
public class GuanliyuanDao {
SymmetricEncryption symmetricEncryption=new SymmetricEncryption();
public boolean register(String username,String password){
Connection connection = null;
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
List<yonghu> list=new ArrayList<>();
try {
connection = JDBCTools.getConnection();
String sql = "select * from kaixue.yonghu where username = ?";
preparedStatement = connection.prepareStatement(sql);
preparedStatement.setString(1, username);
resultSet = preparedStatement.executeQuery();
while (resultSet.next()) {
String username1 = resultSet.getString(1);
String password1 = resultSet.getString(2);
yonghu yonghu= new yonghu(username1, password1);
list.add(yonghu);
}
if(list.isEmpty()){
register1(username,password);
}
else{
return false;
}
} catch (Exception e) {
e.printStackTrace();
}finally {
JDBCTools.release(connection,preparedStatement,null);
}
return true;
}
private void register1(String username,String password) throws Exception {
byte[] data = password.getBytes();
byte[] encryptedData = symmetricEncryption.encrypt(data);
Connection connection = null;
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
try {
connection = JDBCTools.getConnection();
String sql="insert into kaixue.yonghu(username, password) values(?,?)";
preparedStatement = connection.prepareStatement(sql);
preparedStatement.setString(1, username);
preparedStatement.setBytes(2, encryptedData);
preparedStatement.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
}finally {
JDBCTools.release(connection,preparedStatement,resultSet);
}
}
}
登录函数内:
public class yonghuDao {
SymmetricEncryption symmetricEncryption=new SymmetricEncryption();
public List<yonghu> login(String username,String password) throws Exception {
byte[] data = password.getBytes();
byte[] encryptedData = symmetricEncryption.encrypt(data);
Connection connection = null;
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
List<yonghu> list = new ArrayList<>();
try {
String sql = "select * from kaixue.yonghu where username= ? and password = ?";
connection = JDBCTools.getConnection();
preparedStatement = connection.prepareStatement(sql);
preparedStatement.setString(1, username);
preparedStatement.setBytes(2, encryptedData);
resultSet = preparedStatement.executeQuery();
while (resultSet.next()) {
String username1 = resultSet.getString(1);
String password1 = resultSet.getString(2);
yonghu yonghu=new yonghu(username1,password1);
list.add(yonghu);
}
return list;
} catch (SQLException e) {
e.printStackTrace();
return null;
}
}
}
注意,解密方法一般不需要,只需要判断加密后是否和储存的加密后的二进制数据一致即可,不需要将二进制反解然后和输入的字符串对照。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 使用C#创建一个MCP客户端
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· ollama系列1:轻松3步本地部署deepseek,普通电脑可用
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· 按钮权限的设计及实现