前后端密码加密
1 前端
安装crypto
npm install crypto-js
js工具
import CryptoJS from 'crypto-js/crypto-js'
/**
* AES加密 :字符串 key iv 返回base64
*/
export function Encrypt(word, keyStr) {
let key,iv,ivStr;
if (!keyStr) {
throw new Error("keyStr 不能为空");
}
ivStr = keyStr;
key = CryptoJS.enc.Utf8.parse(keyStr);
iv = CryptoJS.enc.Utf8.parse(ivStr);
let srcs = CryptoJS.enc.Utf8.parse(word);
var encrypted = CryptoJS.AES.encrypt(srcs, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.ZeroPadding
});
// console.log("-=-=-=-", encrypted.ciphertext)
return CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
}
/**
* AES 解密 :字符串 key iv 返回base64
*/
export function Decrypt(word, keyStr) {
let key,iv,ivStr;
if (!keyStr) {
throw new Error("keyStr 不能为空");
}
ivStr = keyStr;
key = CryptoJS.enc.Utf8.parse(keyStr);
iv = CryptoJS.enc.Utf8.parse(ivStr);
let base64 = CryptoJS.enc.Base64.parse(word);
let src = CryptoJS.enc.Base64.stringify(base64);
var decrypt = CryptoJS.AES.decrypt(src, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.ZeroPadding
});
var decryptedStr = decrypt.toString(CryptoJS.enc.Utf8);
return decryptedStr.toString();
}
2 后端
public class AesUtil {
/**
* 加密方法
* @param data 要加密的数据
* @param key 加密key
* @return 加密的结果
* @throws Exception
*/
public static String encrypt(String data, String key){
try {
String iv = key;
//"算法/模式/补码方式"NoPadding PkcsPadding
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
int blockSize = cipher.getBlockSize();
byte[] dataBytes = data.getBytes();
int plaintextLength = dataBytes.length;
if (plaintextLength % blockSize != 0) {
plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
}
byte[] plaintext = new byte[plaintextLength];
System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
return new Base64().encodeToString(encrypted);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 解密方法
* @param data 要解密的数据
* @param key 解密key
* @return 解密的结果
* @throws Exception
*/
public static String desEncrypt(String data, String key) {
try {
String iv = key;
byte[] encrypted1 = new Base64().decode(data);
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 生成默认的 key 和 iv,key = iv iv 的长度必须是16位
**/
public static String generateKeyAndIv(){
String uid = SecureUtil.md5(String.valueOf(System.currentTimeMillis()));
// 盐加密
String salt = UUID.randomUUID().toString();
uid = SecureUtil.md5(uid + salt);
return uid.substring(16);
}
}
3 使用
前端发送请求时使用工具加密字段
import {Encrypt} from "@/utils/aesUtil";
//密码16位,前后端保持一致
let key = "aaaaaaaaaaaaaaaa"
let psw = Encrypt(password.trim(),key)
后端解析
String psw = AesUtil.desEncrypt(password, "aaaaaaaaaaaaaaaa");
