更改 Password 实现。

2023-04-19 06:05:02 +08:00
parent 104bffb0e8
commit 30f29bb4b3
3 changed files with 22 additions and 50 deletions
--- a/plusone-system/plusone-system-common/src/main/java/xyz/zhouxy/plusone/system/util/PasswordUtil.java
+++ b/plusone-system/plusone-system-common/src/main/java/xyz/zhouxy/plusone/system/util/PasswordUtil.java
@@ -1,15 +1,12 @@
 package xyz.zhouxy.plusone.system.util;

-import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Objects;
+import java.util.Arrays;

-import javax.annotation.Nonnull;
+import org.springframework.util.Assert;
+
+import com.google.common.hash.Hashing;

-import xyz.zhouxy.plusone.constant.ErrorCodeConsts;
-import xyz.zhouxy.plusone.exception.BizException;
 import xyz.zhouxy.plusone.util.RandomUtil;

 /**
@@ -28,19 +25,18 @@ public final class PasswordUtil {
     * @param salt     随机盐
     * @return 哈希加密的结果
     */
-    @Nonnull
-    public static String hashPassword(@Nonnull String password, @Nonnull String salt) {
-        int length = salt.length();
-        int i = length > 0 ? length / 2 : 0;
-        var passwordWithSalt = salt.substring(0, i)
-                + password
-                + salt.substring(1);
-
-        try {
-            return sha512Hex(passwordWithSalt);
-        } catch (Exception e) {
-            throw new BizException(ErrorCodeConsts.DEFAULT_ERROR_CODE, "哈希加密失败！", e);
-        }
+    public static String hashPassword(String password, String salt) {
+        Assert.notNull(password, "Password must not be null");
+        Assert.notNull(salt, "Salt must not be null");
+        return Hashing.sha512().newHasher()
+                .putInt(Arrays.hashCode(salt.toCharArray()))
+                .putString(password, StandardCharsets.UTF_8)
+                .putInt(password.length())
+                .putBoolean(password.length() % 2 == 0)
+                .putString(salt, StandardCharsets.UTF_8)
+                .putInt(Arrays.hashCode(password.toCharArray()))
+                .hash()
+                .toString();
    }

    /**
@@ -56,13 +52,4 @@ public final class PasswordUtil {
        // 不允许实例化
        throw new IllegalStateException("Utility class");
    }
-
-    @Nonnull
-    private static String sha512Hex(String data) throws NoSuchAlgorithmException {
-        MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
-        messageDigest.update(data.getBytes(StandardCharsets.UTF_8));
-        byte[] result = messageDigest.digest();
-        var sha512Hex = new BigInteger(1, result).toString(16);
-        return Objects.requireNonNull(sha512Hex);
-    }
 }