6
去年,我在C#中編寫了一次性密碼(OTP)生成器。現在我需要在Java中使用OTP生成器,但我無法在Java中找到等效的函數。代碼的一次性密碼(OTP)C#到Java轉換
這是我去年寫的代碼:(我知道這OTP的安全性低,但我並不需要一個防彈一個)
SHA1CryptoServiceProvider hash = new SHA1CryptoServiceProvider(); //first hash with sha1
byte[] hashPass = hash.ComputeHash(Encoding.ASCII.GetBytes(pass)); //pass is entered by user
HMACMD5 hma = new HMACMD5(hashPass); // use the hashed value as a key to hmac
OTPass = hma.ComputeHash(Encoding.ASCII.GetBytes(email + Counter(email)));// generate OTPass, Counter(email) is the counter of the user taken from database
increaseCounter(email); // updating the counter
this.SetLog(this.GetLog() + Environment.NewLine + "OTPass Generated: " + BitConverter.ToString(OTPass)); // OTP
這裏是Java代碼中,我試圖轉換C#成:(這只是SHA1的一部分,我找不到怎麼寫HMAC-MD5在Java中)
import java.io.*;
import java.security.*;
public class otp {
/**
* @param args
* @throws IOException
*/
public static void main(String[] args) throws IOException {
System.out.println("Please enter your username:");
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
String username = br.readLine();
System.out.println("Please enter your password:");
String password = br.readLine();
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
String input = password;
md.update(input.getBytes());
byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") =");
System.out.println(" "+bytesToHex(output));
} catch (Exception e) {
System.out.println("Exception: "+e);
}
}
public static String bytesToHex(byte[] b) {
char hexDigit[] = {'0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
StringBuffer buf = new StringBuffer();
for (int j=0; j<b.length; j++) {
buf.append(hexDigit[(b[j] >> 4) & 0x0f]);
buf.append(hexDigit[b[j] & 0x0f]);
}
return buf.toString();
}
}
感謝您的幫助
對於那些不知道是誰, OTP是「一次性密碼」的縮寫。 (只是想爲維基百科節省帶寬:-)。) – 2011-06-12 14:10:48