检查两个密码以查看它们是否相等

时间:2013-04-03 21:32:39

标签: java

我在JAVA中有一个代码,它连接到数据库并获取数据库中每个用户的密码。

以下是代码:

private void loginButtonActionPerformed(ActionEvent e) {

    String password = "";
        password=loginPasswordField.getText();
        String md5hashdatabase = "3f197eedfeaf826ad2af0bac49ded752";            
        try
        {
            MessageDigest md = MessageDigest.getInstance("MD5");
            md.update(password.getBytes());
            System.out.println(new BigInteger(1, md.digest()).toString(16));
            String md5hashes = new BigInteger(1, md.digest()).toString(16);
            String m = md5hashes;

            String myDriver = "org.gjt.mm.mysql.Driver";
            String myUrl = "jdbc:mysql://experimentalx.com/exper482_social";
            Class.forName(myDriver);
            Connection conn = DriverManager.getConnection(myUrl, "admin", "test");

            String query = "SELECT password FROM social_users";

            Statement st = conn.createStatement();

            ResultSet rs = st.executeQuery(query);

            while (rs.next())
            {
                String encryptedPassWord = rs.getString("password");
                System.out.format("%s\n", encryptedPassWord);

                if(m.equals(encryptedPassWord)) 
                {
                    System.out.println("Its exactly the same!");
                }
                else if(!m.equals(encryptedPassWord)) 
                {
                    System.out.println("Its not the same!");
                }
                else
                {
                    System.out.println("For some reason, this is just not wanting to work!");
                }           
          }
            st.close();
        }
        catch (Exception e1)
        {
            System.err.println("Got an exception! ");
            System.err.println(e1.getMessage());
        }   
    }

获取密码,然后检查字符串md5hash是否与从数据库中收到的md5哈希值之一(encryptedPassWord)相同。当它执行此操作时,它只是说所有这些都不相同,即使数据库中的第一个哈希与字符串m(md5hashes)相同。

我错过了什么吗?如果是这样,请指导我走正确的道路。谢谢。

3 个答案:

答案 0 :(得分:0)

试试这个

if(m.trim().equals(encryptedPassWord.trim())) {
                System.out.println("Its exactly the same!");
            } else {
                System.out.println("Its not the same!");
            }

答案 1 :(得分:0)

private static boolean isPasswordCorrect(char[] input)
{
    boolean isCorrect = false;
    try
    {
        // This is where you encrypt your password
        byte[] einput = Encryption.encrypt(String.copyValueOf(input));
        // I'm not sure where you are loading your encrypted password
        isCorrect = new String(einput).equals(new String(passWordToCheckAgainst));
    } catch (Exception e)
    {
        e.printStackTrace();
    }
    return isCorrect;
}

char[] input = loginPasswordField.getPassword();
if (isPasswordCorrect(input))
{
    JOptionPane.showMessageDialog(controllingFrame, "Success! You typed the right password.");
}

答案 2 :(得分:0)

我找到了解决方案:

我安全地哈希输入密码的方式做错了,现在我已经修好了。感谢大家的帮助。

我将加密更改为这样:

String value2=loginPasswordField.getText(); //The Password Field (I know getText() isnt secure)
MessageDigest md = MessageDigest.getInstance("MD5");
                md.update(value2.getBytes());
                String value3 = new BigInteger(1, md.digest()).toString(16);
                System.out.println("It should work: "+value3);
相关问题
最新问题