package pwc.taxtech.atms.security; import java.nio.charset.StandardCharsets; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import org.apache.commons.codec.binary.Hex; import org.nutz.lang.Lang; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Component; import org.springframework.util.Assert; @Component public class AtmsPasswordEncoderImpl implements PasswordEncoder, AtmsPasswordEncoder { /* (non-Javadoc) * @see pwc.taxtech.atms.security.AtmsPasswordEncoder#encode(java.lang.CharSequence) */ @Override public String encode(CharSequence rawPassword) { Assert.notNull(rawPassword, "Null password"); String generatedPassword = null; try { String salt = getMD5(rawPassword); // System.out.println("salt:" + salt); MessageDigest md = MessageDigest.getInstance("SHA-512"); byte[] bytes = md.digest((rawPassword + salt).getBytes(StandardCharsets.UTF_8)); generatedPassword = Hex.encodeHexString(bytes).toUpperCase(); } catch (NoSuchAlgorithmException e) { throw Lang.wrapThrow(e); } return generatedPassword; } /* (non-Javadoc) * @see pwc.taxtech.atms.security.AtmsPasswordEncoder#matches(java.lang.CharSequence, java.lang.String) */ @Override public boolean matches(CharSequence rawPassword, String encodedPassword) { String encodedResult = encode(rawPassword); return encodedPassword != null && encodedPassword.equals(encodedResult); } private static String getMD5(CharSequence str) { try { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(String.valueOf(str).getBytes(StandardCharsets.UTF_8)); return Hex.encodeHexString(md.digest()); } catch (NoSuchAlgorithmException e) { throw Lang.wrapThrow(e); } } }