All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.alibaba.otter.canal.protocol.SecurityUtil Maven / Gradle / Ivy

package com.alibaba.otter.canal.protocol;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

/**
 * 
 * 1、client
 *    stage1_hash = SHA1(明文密码).
 *    token = SHA1(scramble + SHA1(stage1_hash)) XOR stage1_hash
 * 2. server
 *    token = SHA1(token XOR SHA1(scramble + password))
 * 3. checktoken vs password
 * 
* * @author agapple 2019年8月26日 下午4:58:15 * @since 1.1.4 */ public class SecurityUtil { private static char[] digits = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; private static Map rDigits = new HashMap<>(16); static { for (int i = 0; i < digits.length; ++i) { rDigits.put(digits[i], i); } } public static String md5String(String content) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance("md5"); byte[] bt = md.digest(content.getBytes()); if (null == bt || bt.length != 16) { throw new IllegalArgumentException("md5 need"); } return byte2HexStr(bt); } public static final String scrambleGenPass(byte[] pass) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] pass1 = md.digest(pass); md.reset(); byte[] pass2 = md.digest(pass1); return SecurityUtil.byte2HexStr(pass2); } /** * server auth check */ public static final boolean scrambleServerAuth(byte[] token, byte[] pass, byte[] seed) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance("SHA-1"); md.update(seed); byte[] pass1 = md.digest(pass); for (int i = 0; i < pass1.length; i++) { pass1[i] = (byte) (token[i] ^ pass1[i]); } md = MessageDigest.getInstance("SHA-1"); byte[] pass2 = md.digest(pass1); return Arrays.equals(pass, pass2); } public static final byte[] scramble411(byte[] pass, byte[] seed) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] pass1 = md.digest(pass); md.reset(); byte[] pass2 = md.digest(pass1); md.reset(); md.update(seed); byte[] pass3 = md.digest(pass2); for (int i = 0; i < pass3.length; i++) { pass3[i] = (byte) (pass3[i] ^ pass1[i]); } return pass3; } /** * bytes转换成十六进制字符串 */ public static String byte2HexStr(byte[] b) { StringBuilder hs = new StringBuilder(); for (byte value : b) { String hex = (Integer.toHexString(value & 0XFF)); if (hex.length() == 1) { hs.append("0" + hex); } else { hs.append(hex); } } return hs.toString(); } /** * bytes转换成十六进制字符串 */ public static byte[] hexStr2Bytes(String src) { if (src == null) { return null; } int offset = 0; int length = src.length(); if (length == 0) { return new byte[0]; } boolean odd = length << 31 == Integer.MIN_VALUE; byte[] bs = new byte[odd ? (length + 1) >> 1 : length >> 1]; for (int i = offset, limit = offset + length; i < limit; ++i) { char high, low; if (i == offset && odd) { high = '0'; low = src.charAt(i); } else { high = src.charAt(i); low = src.charAt(++i); } int b; switch (high) { case '0': b = 0; break; case '1': b = 0x10; break; case '2': b = 0x20; break; case '3': b = 0x30; break; case '4': b = 0x40; break; case '5': b = 0x50; break; case '6': b = 0x60; break; case '7': b = 0x70; break; case '8': b = 0x80; break; case '9': b = 0x90; break; case 'a': case 'A': b = 0xa0; break; case 'b': case 'B': b = 0xb0; break; case 'c': case 'C': b = 0xc0; break; case 'd': case 'D': b = 0xd0; break; case 'e': case 'E': b = 0xe0; break; case 'f': case 'F': b = 0xf0; break; default: throw new IllegalArgumentException("illegal hex-string: " + src); } switch (low) { case '0': break; case '1': b += 1; break; case '2': b += 2; break; case '3': b += 3; break; case '4': b += 4; break; case '5': b += 5; break; case '6': b += 6; break; case '7': b += 7; break; case '8': b += 8; break; case '9': b += 9; break; case 'a': case 'A': b += 10; break; case 'b': case 'B': b += 11; break; case 'c': case 'C': b += 12; break; case 'd': case 'D': b += 13; break; case 'e': case 'E': b += 14; break; case 'f': case 'F': b += 15; break; default: throw new IllegalArgumentException("illegal hex-string: " + src); } bs[(i - offset) >> 1] = (byte) b; } return bs; } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy