📄 passwordservlet.java
字号:
/*
The server takes the user name and looks up the corresponding password,
which should be stored securely in a file or a database. Then it creates
a digest value of the user name, password, timestamp, and random number.
If the digest value created on the server matches the digest value sent
by the client MIDlet, then the server knows that the user typed in the
right password.The user has just logged in successfully.
*/
import javax.servlet.http.*;
import javax.servlet.*;
import java.io.*;
import java.util.*;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
public class PasswordServlet extends HttpServlet {
public void doGet(HttpServletRequest request,HttpServletResponse response)
throws ServletException, IOException {
System.out.println("timestamp ="+ request.getParameter("timestamp"));
System.out.println("random="+ request.getParameter("random"));
System.out.println("digest="+ request.getParameter("digest"));
String user = lookupUser();
String password = lookupPassword(user);
String timestamp = request.getParameter("timestamp");
String randomNumber = request.getParameter("random");
byte[] userBytes = user.getBytes();
byte[] timestampBytes = HexCodec.hexToBytes(timestamp);
byte[] randomBytes = HexCodec.hexToBytes(randomNumber);
byte[] passwordBytes = password.getBytes();
Digest digest = new SHA1Digest();
digest.update(userBytes, 0, userBytes.length);
digest.update(timestampBytes, 0, timestampBytes.length);
digest.update(randomBytes, 0, randomBytes.length);
digest.update(passwordBytes, 0, passwordBytes.length);
byte[] digestValue = new byte[digest.getDigestSize()];
digest.doFinal(digestValue, 0);
int r=-1;
String message = "";
String clientDigest = request.getParameter("digest");
if (isEqual(digestValue, HexCodec.hexToBytes(clientDigest)))
r=1;
PrintWriter out = response.getWriter();
out.println(r);
}
private String lookupPassword(String user) {
return "uestc";
}
private String lookupUser(){
return "UESTC";
}
private boolean isEqual(byte[] one, byte[] two) {
if (one.length != two.length) return false;
for (int i = 0; i < one.length; i++)
if (one[i] != two[i]) return false;
return true;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -