加密策略

一、前言

  这两天研究了一下项目中的密码加密,可以说得上是学到了很多。下面来大致说一下。

二、常用加密

  1.单向加密算法

  单向加密算法主要用来验证数据传输的过程中,是否被篡改过。

  • BASE64 严格地说,属于编码格式,而非加密算法

  • MD5(Message Digest algorithm 5,信息摘要算法)

  • SHA(Secure Hash Algorithm,安全散列算法)

  • HMAC(Hash Message Authentication Code,散列消息鉴别码

    2.对称和非对称加密算法
    对称和非对称加密算法主要采用公钥和私钥的形式,来对数据加密。
  • DES(Data Encryption Standard,数据加密算法)

  • PBE(Password-based encryption,基于密码验证)

  • RSA(算法的名字以发明者的名字命名:Ron Rivest, AdiShamir 和Leonard Adleman)

  • DH(Diffie-Hellman算法,密钥一致协议)

  • DSA(Digital Signature Algorithm,数字签名)

  • ECC(Elliptic Curves Cryptography,椭圆曲线密码编码学)

 

  参考:Java中的各种加密算法   聊一聊MD5   各种Java加密算法

三、项目中的加密策略

  创建用户:同一默认密码处理,用户登录时要修改密码。获取到默认密码之后先进行一次sha1加密,然后根据user code 和 salt进行第二次sha1加密存入数据库。

  校验用户:用户登录时,js处理密码。首先进行一次sha1加密,然后进行一次rsa加密(需要向后台请求ras公钥的modulus 和 exponent)。后台通过rsa公钥对应的私钥进行解密,然后根据user code进行找到对应的用户,通过user code 和 salt进行sha1加密,将得到的结果和数据库中的进行对比。

四、代码

  js sha1算法加密(sha1.js)

'use strict';
(function (E) {
    function t(c, a, e) {
        var g = 0, b = [], d = 0, f, k, l, h, m, w, n, q = !1, r = !1, p = [], t = [], v, u = !1;
        e = e || {};
        f = e.encoding || "UTF8";
        v = e.numRounds || 1;
        l = y(a, f);
        if (v !== parseInt(v, 10) || 1 > v)throw Error("numRounds must a integer >= 1");
        if ("SHA-1" === c)m = 512, w = z, n = F, h = 160; else throw Error("Chosen SHA variant is not supported");
        k = x(c);
        this.setHMACKey = function (a, b, d) {
            var e;
            if (!0 === r)throw Error("HMAC key already set");
            if (!0 === q)throw Error("Cannot set HMAC key after finalizing hash");
            if (!0 === u)throw Error("Cannot set HMAC key after calling update");
            f = (d || {}).encoding || "UTF8";
            b = y(b, f)(a);
            a = b.binLen;
            b = b.value;
            e = m >>> 3;
            d = e / 4 - 1;
            if (e < a / 8) {
                for (b = n(b, a, 0, x(c)); b.length <= d;)b.push(0);
                b[d] &= 4294967040
            } else if (e > a / 8) {
                for (; b.length <= d;)b.push(0);
                b[d] &= 4294967040
            }
            for (a = 0; a <= d; a += 1)p[a] = b[a] ^ 909522486, t[a] = b[a] ^ 1549556828;
            k = w(p, k);
            g = m;
            r = !0
        };
        this.update = function (a) {
            var c, e, f, h = 0, n = m >>> 5;
            c = l(a, b, d);
            a = c.binLen;
            e = c.value;
            c = a >>> 5;
            for (f = 0; f < c; f += n)h + m <= a && (k = w(e.slice(f, f + n), k), h += m);
            g += h;
            b = e.slice(h >>> 5);
            d = a % m;
            u = !0
        };
        this.getHash = function (a, e) {
            var f, l, m;
            if (!0 ===
                r)throw Error("Cannot call getHash after setting HMAC key");
            m = A(e);
            switch (a) {
                case "HEX":
                    f = function (a) {
                        return B(a, m)
                    };
                    break;
                case "B64":
                    f = function (a) {
                        return C(a, m)
                    };
                    break;
                case "BYTES":
                    f = D;
                    break;
                default:
                    throw Error("format must be HEX, B64, or BYTES");
            }
            if (!1 === q)for (k = n(b, d, g, k), l = 1; l < v; l += 1)k = n(k, h, 0, x(c));
            q = !0;
            return f(k)
        };
        this.getHMAC = function (a, e) {
            var f, l, p;
            if (!1 === r)throw Error("Cannot call getHMAC without first setting HMAC key");
            p = A(e);
            switch (a) {
                case "HEX":
                    f = function (a) {
                        return B(a, p)
                    };
                    break;
                case "B64":
                    f =
                        function (a) {
                            return C(a, p)
                        };
                    break;
                case "BYTES":
                    f = D;
                    break;
                default:
                    throw Error("outputFormat must be HEX, B64, or BYTES");
            }
            !1 === q && (l = n(b, d, g, k), k = w(t, x(c)), k = n(l, h, m, k));
            q = !0;
            return f(k)
        }
    }

    function G(c, a, e) {
        var g = c.length, b, d, f, k, l;
        a = a || [0];
        e = e || 0;
        l = e >>> 3;
        if (0 !== g % 2)throw Error("String of HEX type must be in byte increments");
        for (b = 0; b < g; b += 2) {
            d = parseInt(c.substr(b, 2), 16);
            if (isNaN(d))throw Error("String of HEX type contains invalid characters");
            k = (b >>> 1) + l;
            for (f = k >>> 2; a.length <= f;)a.push(0);
            a[f] |= d <<
                8 * (3 - k % 4)
        }
        return {value: a, binLen: 4 * g + e}
    }

    function H(c, a, e) {
        var g = [], b, d, f, k, g = a || [0];
        e = e || 0;
        d = e >>> 3;
        for (b = 0; b < c.length; b += 1)a = c.charCodeAt(b), k = b + d, f = k >>> 2, g.length <= f && g.push(0), g[f] |= a << 8 * (3 - k % 4);
        return {value: g, binLen: 8 * c.length + e}
    }

    function I(c, a, e) {
        var g = [], b = 0, d, f, k, l, h, m, g = a || [0];
        e = e || 0;
        a = e >>> 3;
        if (-1 === c.search(/^[a-zA-Z0-9=+\/]+$/))throw Error("Invalid character in base-64 string");
        f = c.indexOf("=");
        c = c.replace(/\=/g, "");
        if (-1 !== f && f < c.length)throw Error("Invalid '=' found in base-64 string");
        for (f = 0; f < c.length; f += 4) {
            h = c.substr(f, 4);
            for (k = l = 0; k < h.length; k += 1)d = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".indexOf(h[k]), l |= d << 18 - 6 * k;
            for (k = 0; k < h.length - 1; k += 1) {
                m = b + a;
                for (d = m >>> 2; g.length <= d;)g.push(0);
                g[d] |= (l >>> 16 - 8 * k & 255) << 8 * (3 - m % 4);
                b += 1
            }
        }
        return {value: g, binLen: 8 * b + e}
    }

    function B(c, a) {
        var e = "", g = 4 * c.length, b, d;
        for (b = 0; b < g; b += 1)d = c[b >>> 2] >>> 8 * (3 - b % 4), e += "0123456789abcdef".charAt(d >>> 4 & 15) + "0123456789abcdef".charAt(d & 15);
        return a.outputUpper ? e.toUpperCase() : e
    }

    function C(c,
               a) {
        var e = "", g = 4 * c.length, b, d, f;
        for (b = 0; b < g; b += 3)for (f = b + 1 >>> 2, d = c.length <= f ? 0 : c[f], f = b + 2 >>> 2, f = c.length <= f ? 0 : c[f], f = (c[b >>> 2] >>> 8 * (3 - b % 4) & 255) << 16 | (d >>> 8 * (3 - (b + 1) % 4) & 255) << 8 | f >>> 8 * (3 - (b + 2) % 4) & 255, d = 0; 4 > d; d += 1)8 * b + 6 * d <= 32 * c.length ? e += "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".charAt(f >>> 6 * (3 - d) & 63) : e += a.b64Pad;
        return e
    }

    function D(c) {
        var a = "", e = 4 * c.length, g, b;
        for (g = 0; g < e; g += 1)b = c[g >>> 2] >>> 8 * (3 - g % 4) & 255, a += String.fromCharCode(b);
        return a
    }

    function A(c) {
        var a = {outputUpper: !1, b64Pad: "="};
        c = c || {};
        a.outputUpper = c.outputUpper || !1;
        a.b64Pad = c.b64Pad || "=";
        if ("boolean" !== typeof a.outputUpper)throw Error("Invalid outputUpper formatting option");
        if ("string" !== typeof a.b64Pad)throw Error("Invalid b64Pad formatting option");
        return a
    }

    function y(c, a) {
        var e;
        switch (a) {
            case "UTF8":
            case "UTF16BE":
            case "UTF16LE":
                break;
            default:
                throw Error("encoding must be UTF8, UTF16BE, or UTF16LE");
        }
        switch (c) {
            case "HEX":
                e = G;
                break;
            case "TEXT":
                e = function (e, b, d) {
                    var f = [], c = [], l = 0, h, m, p, n, q, f = b || [0];
                    b = d || 0;
                    p = b >>> 3;
                    if ("UTF8" ===
                        a)for (h = 0; h < e.length; h += 1)for (d = e.charCodeAt(h), c = [], 128 > d ? c.push(d) : 2048 > d ? (c.push(192 | d >>> 6), c.push(128 | d & 63)) : 55296 > d || 57344 <= d ? c.push(224 | d >>> 12, 128 | d >>> 6 & 63, 128 | d & 63) : (h += 1, d = 65536 + ((d & 1023) << 10 | e.charCodeAt(h) & 1023), c.push(240 | d >>> 18, 128 | d >>> 12 & 63, 128 | d >>> 6 & 63, 128 | d & 63)), m = 0; m < c.length; m += 1) {
                        q = l + p;
                        for (n = q >>> 2; f.length <= n;)f.push(0);
                        f[n] |= c[m] << 8 * (3 - q % 4);
                        l += 1
                    } else if ("UTF16BE" === a || "UTF16LE" === a)for (h = 0; h < e.length; h += 1) {
                        d = e.charCodeAt(h);
                        "UTF16LE" === a && (m = d & 255, d = m << 8 | d >>> 8);
                        q = l + p;
                        for (n = q >>>
                            2; f.length <= n;)f.push(0);
                        f[n] |= d << 8 * (2 - q % 4);
                        l += 2
                    }
                    return {value: f, binLen: 8 * l + b}
                };
                break;
            case "B64":
                e = I;
                break;
            case "BYTES":
                e = H;
                break;
            default:
                throw Error("format must be HEX, TEXT, B64, or BYTES");
        }
        return e
    }

    function r(c, a) {
        return c << a | c >>> 32 - a
    }

    function p(c, a) {
        var e = (c & 65535) + (a & 65535);
        return ((c >>> 16) + (a >>> 16) + (e >>> 16) & 65535) << 16 | e & 65535
    }

    function u(c, a, e, g, b) {
        var d = (c & 65535) + (a & 65535) + (e & 65535) + (g & 65535) + (b & 65535);
        return ((c >>> 16) + (a >>> 16) + (e >>> 16) + (g >>> 16) + (b >>> 16) + (d >>> 16) & 65535) << 16 | d & 65535
    }

    function x(c) {
        if ("SHA-1" ===
            c)c = [1732584193, 4023233417, 2562383102, 271733878, 3285377520]; else throw Error("No SHA variants supported");
        return c
    }

    function z(c, a) {
        var e = [], g, b, d, f, k, l, h;
        g = a[0];
        b = a[1];
        d = a[2];
        f = a[3];
        k = a[4];
        for (h = 0; 80 > h; h += 1)e[h] = 16 > h ? c[h] : r(e[h - 3] ^ e[h - 8] ^ e[h - 14] ^ e[h - 16], 1), l = 20 > h ? u(r(g, 5), b & d ^ ~b & f, k, 1518500249, e[h]) : 40 > h ? u(r(g, 5), b ^ d ^ f, k, 1859775393, e[h]) : 60 > h ? u(r(g, 5), b & d ^ b & f ^ d & f, k, 2400959708, e[h]) : u(r(g, 5), b ^ d ^ f, k, 3395469782, e[h]), k = f, f = d, d = r(b, 30), b = g, g = l;
        a[0] = p(g, a[0]);
        a[1] = p(b, a[1]);
        a[2] = p(d, a[2]);
        a[3] = p(f, a[3]);
        a[4] = p(k, a[4]);
        return a
    }

    function F(c, a, e, g) {
        var b;
        for (b = (a + 65 >>> 9 << 4) + 15; c.length <= b;)c.push(0);
        c[a >>> 5] |= 128 << 24 - a % 32;
        c[b] = a + e;
        e = c.length;
        for (a = 0; a < e; a += 16)g = z(c.slice(a, a + 16), g);
        return g
    }

    "function" === typeof define && define.amd ? define(function () {
        return t
    }) : "undefined" !== typeof exports ? "undefined" !== typeof module && module.exports ? module.exports = exports = t : exports = t : E.jsSHA = t
})(this);
View Code

  encrypt.js

var sha1 = require ('xxx/sha1.js');

function _encrypt(jsSHA) {
    var encrypt = function(string){
        var shaObj = new jsSHA("SHA-1", "TEXT");
        shaObj.update(string);
        var hash = shaObj.getHash("HEX");
        return hash;
    }
    return encrypt;
}

const encrypt = _encrypt(sha1)

export default encrypt;

  js rsa 算法加密(security.js)

var RSAUtils = {};

var biRadixBase = 2;
var biRadixBits = 16;
var bitsPerDigit = biRadixBits;
var biRadix = 1 << 16; // = 2^16 = 65536
var biHalfRadix = biRadix >>> 1;
var biRadixSquared = biRadix * biRadix;
var maxDigitVal = biRadix - 1;
var maxInteger = 9999999999999998;

//maxDigits:
//Change this to accommodate your largest number size. Use setMaxDigits()
//to change it!
//
//In general, if you're working with numbers of size N bits, you'll need 2*N
//bits of storage. Each digit holds 16 bits. So, a 1024-bit key will need
//
//1024 * 2 / 16 = 128 digits of storage.
//
var maxDigits;
var ZERO_ARRAY;
var bigZero, bigOne;

var BigInt = window.BigInt = function(flag) {
    if (typeof flag == "boolean" && flag == true) {
        this.digits = null;
    } else {
        this.digits = ZERO_ARRAY.slice(0);
    }
    this.isNeg = false;
};

RSAUtils.setMaxDigits = function(value) {
    maxDigits = value;
    ZERO_ARRAY = new Array(maxDigits);
    for (var iza = 0; iza < ZERO_ARRAY.length; iza++) ZERO_ARRAY[iza] = 0;
    bigZero = new BigInt();
    bigOne = new BigInt();
    bigOne.digits[0] = 1;
};
RSAUtils.setMaxDigits(20);

//The maximum number of digits in base 10 you can convert to an
//integer without JavaScript throwing up on you.
var dpl10 = 15;

RSAUtils.biFromNumber = function(i) {
    var result = new BigInt();
    result.isNeg = i < 0;
    i = Math.abs(i);
    var j = 0;
    while (i > 0) {
        result.digits[j++] = i & maxDigitVal;
        i = Math.floor(i / biRadix);
    }
    return result;
};

//lr10 = 10 ^ dpl10
var lr10 = RSAUtils.biFromNumber(1000000000000000);

RSAUtils.biFromDecimal = function(s) {
    var isNeg = s.charAt(0) == '-';
    var i = isNeg ? 1 : 0;
    var result;
    // Skip leading zeros.
    while (i < s.length && s.charAt(i) == '0') ++i;
    if (i == s.length) {
        result = new BigInt();
    }
    else {
        var digitCount = s.length - i;
        var fgl = digitCount % dpl10;
        if (fgl == 0) fgl = dpl10;
        result = RSAUtils.biFromNumber(Number(s.substr(i, fgl)));
        i += fgl;
        while (i < s.length) {
            result = RSAUtils.biAdd(RSAUtils.biMultiply(result, lr10),
                    RSAUtils.biFromNumber(Number(s.substr(i, dpl10))));
            i += dpl10;
        }
        result.isNeg = isNeg;
    }
    return result;
};

RSAUtils.biCopy = function(bi) {
    var result = new BigInt(true);
    result.digits = bi.digits.slice(0);
    result.isNeg = bi.isNeg;
    return result;
};

RSAUtils.reverseStr = function(s) {
    var result = "";
    for (var i = s.length - 1; i > -1; --i) {
        result += s.charAt(i);
    }
    return result;
};

var hexatrigesimalToChar = [
    '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
    'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
    'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't',
    'u', 'v', 'w', 'x', 'y', 'z'
];

RSAUtils.biToString = function(x, radix) { // 2 <= radix <= 36
    var b = new BigInt();
    b.digits[0] = radix;
    var qr = RSAUtils.biDivideModulo(x, b);
    var result = hexatrigesimalToChar[qr[1].digits[0]];
    while (RSAUtils.biCompare(qr[0], bigZero) == 1) {
        qr = RSAUtils.biDivideModulo(qr[0], b);
        digit = qr[1].digits[0];
        result += hexatrigesimalToChar[qr[1].digits[0]];
    }
    return (x.isNeg ? "-" : "") + RSAUtils.reverseStr(result);
};

RSAUtils.biToDecimal = function(x) {
    var b = new BigInt();
    b.digits[0] = 10;
    var qr = RSAUtils.biDivideModulo(x, b);
    var result = String(qr[1].digits[0]);
    while (RSAUtils.biCompare(qr[0], bigZero) == 1) {
        qr = RSAUtils.biDivideModulo(qr[0], b);
        result += String(qr[1].digits[0]);
    }
    return (x.isNeg ? "-" : "") + RSAUtils.reverseStr(result);
};

var hexToChar = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
        'a', 'b', 'c', 'd', 'e', 'f'];

RSAUtils.digitToHex = function(n) {
    var mask = 0xf;
    var result = "";
    for (var i = 0; i < 4; ++i) {
        result += hexToChar[n & mask];
        n >>>= 4;
    }
    return RSAUtils.reverseStr(result);
};

RSAUtils.biToHex = function(x) {
    var result = "";
    var n = RSAUtils.biHighIndex(x);
    for (var i = RSAUtils.biHighIndex(x); i > -1; --i) {
        result += RSAUtils.digitToHex(x.digits[i]);
    }
    return result;
};

RSAUtils.charToHex = function(c) {
    var ZERO = 48;
    var NINE = ZERO + 9;
    var littleA = 97;
    var littleZ = littleA + 25;
    var bigA = 65;
    var bigZ = 65 + 25;
    var result;

    if (c >= ZERO && c <= NINE) {
        result = c - ZERO;
    } else if (c >= bigA && c <= bigZ) {
        result = 10 + c - bigA;
    } else if (c >= littleA && c <= littleZ) {
        result = 10 + c - littleA;
    } else {
        result = 0;
    }
    return result;
};

RSAUtils.hexToDigit = function(s) {
    var result = 0;
    var sl = Math.min(s.length, 4);
    for (var i = 0; i < sl; ++i) {
        result <<= 4;
        result |= RSAUtils.charToHex(s.charCodeAt(i));
    }
    return result;
};

RSAUtils.biFromHex = function(s) {
    var result = new BigInt();
    var sl = s.length;
    for (var i = sl, j = 0; i > 0; i -= 4, ++j) {
        result.digits[j] = RSAUtils.hexToDigit(s.substr(Math.max(i - 4, 0), Math.min(i, 4)));
    }
    return result;
};

RSAUtils.biFromString = function(s, radix) {
    var isNeg = s.charAt(0) == '-';
    var istop = isNeg ? 1 : 0;
    var result = new BigInt();
    var place = new BigInt();
    place.digits[0] = 1; // radix^0
    for (var i = s.length - 1; i >= istop; i--) {
        var c = s.charCodeAt(i);
        var digit = RSAUtils.charToHex(c);
        var biDigit = RSAUtils.biMultiplyDigit(place, digit);
        result = RSAUtils.biAdd(result, biDigit);
        place = RSAUtils.biMultiplyDigit(place, radix);
    }
    result.isNeg = isNeg;
    return result;
};

RSAUtils.biDump = function(b) {
    return (b.isNeg ? "-" : "") + b.digits.join(" ");
};

RSAUtils.biAdd = function(x, y) {
    var result;

    if (x.isNeg != y.isNeg) {
        y.isNeg = !y.isNeg;
        result = RSAUtils.biSubtract(x, y);
        y.isNeg = !y.isNeg;
    }
    else {
        result = new BigInt();
        var c = 0;
        var n;
        for (var i = 0; i < x.digits.length; ++i) {
            n = x.digits[i] + y.digits[i] + c;
            result.digits[i] = n % biRadix;
            c = Number(n >= biRadix);
        }
        result.isNeg = x.isNeg;
    }
    return result;
};

RSAUtils.biSubtract = function(x, y) {
    var result;
    if (x.isNeg != y.isNeg) {
        y.isNeg = !y.isNeg;
        result = RSAUtils.biAdd(x, y);
        y.isNeg = !y.isNeg;
    } else {
        result = new BigInt();
        var n, c;
        c = 0;
        for (var i = 0; i < x.digits.length; ++i) {
            n = x.digits[i] - y.digits[i] + c;
            result.digits[i] = n % biRadix;
            // Stupid non-conforming modulus operation.
            if (result.digits[i] < 0) result.digits[i] += biRadix;
            c = 0 - Number(n < 0);
        }
        // Fix up the negative sign, if any.
        if (c == -1) {
            c = 0;
            for (var i = 0; i < x.digits.length; ++i) {
                n = 0 - result.digits[i] + c;
                result.digits[i] = n % biRadix;
                // Stupid non-conforming modulus operation.
                if (result.digits[i] < 0) result.digits[i] += biRadix;
                c = 0 - Number(n < 0);
            }
            // Result is opposite sign of arguments.
            result.isNeg = !x.isNeg;
        } else {
            // Result is same sign.
            result.isNeg = x.isNeg;
        }
    }
    return result;
};

RSAUtils.biHighIndex = function(x) {
    var result = x.digits.length - 1;
    while (result > 0 && x.digits[result] == 0) --result;
    return result;
};

RSAUtils.biNumBits = function(x) {
    var n = RSAUtils.biHighIndex(x);
    var d = x.digits[n];
    var m = (n + 1) * bitsPerDigit;
    var result;
    for (result = m; result > m - bitsPerDigit; --result) {
        if ((d & 0x8000) != 0) break;
        d <<= 1;
    }
    return result;
};

RSAUtils.biMultiply = function(x, y) {
    var result = new BigInt();
    var c;
    var n = RSAUtils.biHighIndex(x);
    var t = RSAUtils.biHighIndex(y);
    var uv, k;

    for (var i = 0; i <= t; ++i) {
        c = 0;
        k = i;
        for (var j = 0; j <= n; ++j, ++k) {
            uv = result.digits[k] + x.digits[j] * y.digits[i] + c;
            result.digits[k] = uv & maxDigitVal;
            c = uv >>> biRadixBits;
            //c = Math.floor(uv / biRadix);
        }
        result.digits[i + n + 1] = c;
    }
    // Someone give me a logical xor, please.
    result.isNeg = x.isNeg != y.isNeg;
    return result;
};

RSAUtils.biMultiplyDigit = function(x, y) {
    var n, c, uv, result;

    result = new BigInt();
    n = RSAUtils.biHighIndex(x);
    c = 0;
    for (var j = 0; j <= n; ++j) {
        uv = result.digits[j] + x.digits[j] * y + c;
        result.digits[j] = uv & maxDigitVal;
        c = uv >>> biRadixBits;
        //c = Math.floor(uv / biRadix);
    }
    result.digits[1 + n] = c;
    return result;
};

RSAUtils.arrayCopy = function(src, srcStart, dest, destStart, n) {
    var m = Math.min(srcStart + n, src.length);
    for (var i = srcStart, j = destStart; i < m; ++i, ++j) {
        dest[j] = src[i];
    }
};

var highBitMasks = [0x0000, 0x8000, 0xC000, 0xE000, 0xF000, 0xF800,
        0xFC00, 0xFE00, 0xFF00, 0xFF80, 0xFFC0, 0xFFE0,
        0xFFF0, 0xFFF8, 0xFFFC, 0xFFFE, 0xFFFF];

RSAUtils.biShiftLeft = function(x, n) {
    var digitCount = Math.floor(n / bitsPerDigit);
    var result = new BigInt();
    RSAUtils.arrayCopy(x.digits, 0, result.digits, digitCount,
              result.digits.length - digitCount);
    var bits = n % bitsPerDigit;
    var rightBits = bitsPerDigit - bits;
    for (var i = result.digits.length - 1, i1 = i - 1; i > 0; --i, --i1) {
        result.digits[i] = ((result.digits[i] << bits) & maxDigitVal) |
                           ((result.digits[i1] & highBitMasks[bits]) >>>
                            (rightBits));
    }
    result.digits[0] = ((result.digits[i] << bits) & maxDigitVal);
    result.isNeg = x.isNeg;
    return result;
};

var lowBitMasks = [0x0000, 0x0001, 0x0003, 0x0007, 0x000F, 0x001F,
        0x003F, 0x007F, 0x00FF, 0x01FF, 0x03FF, 0x07FF,
        0x0FFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF];

RSAUtils.biShiftRight = function(x, n) {
    var digitCount = Math.floor(n / bitsPerDigit);
    var result = new BigInt();
    RSAUtils.arrayCopy(x.digits, digitCount, result.digits, 0,
              x.digits.length - digitCount);
    var bits = n % bitsPerDigit;
    var leftBits = bitsPerDigit - bits;
    for (var i = 0, i1 = i + 1; i < result.digits.length - 1; ++i, ++i1) {
        result.digits[i] = (result.digits[i] >>> bits) |
                           ((result.digits[i1] & lowBitMasks[bits]) << leftBits);
    }
    result.digits[result.digits.length - 1] >>>= bits;
    result.isNeg = x.isNeg;
    return result;
};

RSAUtils.biMultiplyByRadixPower = function(x, n) {
    var result = new BigInt();
    RSAUtils.arrayCopy(x.digits, 0, result.digits, n, result.digits.length - n);
    return result;
};

RSAUtils.biDivideByRadixPower = function(x, n) {
    var result = new BigInt();
    RSAUtils.arrayCopy(x.digits, n, result.digits, 0, result.digits.length - n);
    return result;
};

RSAUtils.biModuloByRadixPower = function(x, n) {
    var result = new BigInt();
    RSAUtils.arrayCopy(x.digits, 0, result.digits, 0, n);
    return result;
};

RSAUtils.biCompare = function(x, y) {
    if (x.isNeg != y.isNeg) {
        return 1 - 2 * Number(x.isNeg);
    }
    for (var i = x.digits.length - 1; i >= 0; --i) {
        if (x.digits[i] != y.digits[i]) {
            if (x.isNeg) {
                return 1 - 2 * Number(x.digits[i] > y.digits[i]);
            } else {
                return 1 - 2 * Number(x.digits[i] < y.digits[i]);
            }
        }
    }
    return 0;
};

RSAUtils.biDivideModulo = function(x, y) {
    var nb = RSAUtils.biNumBits(x);
    var tb = RSAUtils.biNumBits(y);
    var origYIsNeg = y.isNeg;
    var q, r;
    if (nb < tb) {
        // |x| < |y|
        if (x.isNeg) {
            q = RSAUtils.biCopy(bigOne);
            q.isNeg = !y.isNeg;
            x.isNeg = false;
            y.isNeg = false;
            r = biSubtract(y, x);
            // Restore signs, 'cause they're references.
            x.isNeg = true;
            y.isNeg = origYIsNeg;
        } else {
            q = new BigInt();
            r = RSAUtils.biCopy(x);
        }
        return [q, r];
    }

    q = new BigInt();
    r = x;

    // Normalize Y.
    var t = Math.ceil(tb / bitsPerDigit) - 1;
    var lambda = 0;
    while (y.digits[t] < biHalfRadix) {
        y = RSAUtils.biShiftLeft(y, 1);
        ++lambda;
        ++tb;
        t = Math.ceil(tb / bitsPerDigit) - 1;
    }
    // Shift r over to keep the quotient constant. We'll shift the
    // remainder back at the end.
    r = RSAUtils.biShiftLeft(r, lambda);
    nb += lambda; // Update the bit count for x.
    var n = Math.ceil(nb / bitsPerDigit) - 1;

    var b = RSAUtils.biMultiplyByRadixPower(y, n - t);
    while (RSAUtils.biCompare(r, b) != -1) {
        ++q.digits[n - t];
        r = RSAUtils.biSubtract(r, b);
    }
    for (var i = n; i > t; --i) {
    var ri = (i >= r.digits.length) ? 0 : r.digits[i];
    var ri1 = (i - 1 >= r.digits.length) ? 0 : r.digits[i - 1];
    var ri2 = (i - 2 >= r.digits.length) ? 0 : r.digits[i - 2];
    var yt = (t >= y.digits.length) ? 0 : y.digits[t];
    var yt1 = (t - 1 >= y.digits.length) ? 0 : y.digits[t - 1];
        if (ri == yt) {
            q.digits[i - t - 1] = maxDigitVal;
        } else {
            q.digits[i - t - 1] = Math.floor((ri * biRadix + ri1) / yt);
        }

        var c1 = q.digits[i - t - 1] * ((yt * biRadix) + yt1);
        var c2 = (ri * biRadixSquared) + ((ri1 * biRadix) + ri2);
        while (c1 > c2) {
            --q.digits[i - t - 1];
            c1 = q.digits[i - t - 1] * ((yt * biRadix) | yt1);
            c2 = (ri * biRadix * biRadix) + ((ri1 * biRadix) + ri2);
        }

        b = RSAUtils.biMultiplyByRadixPower(y, i - t - 1);
        r = RSAUtils.biSubtract(r, RSAUtils.biMultiplyDigit(b, q.digits[i - t - 1]));
        if (r.isNeg) {
            r = RSAUtils.biAdd(r, b);
            --q.digits[i - t - 1];
        }
    }
    r = RSAUtils.biShiftRight(r, lambda);
    // Fiddle with the signs and stuff to make sure that 0 <= r < y.
    q.isNeg = x.isNeg != origYIsNeg;
    if (x.isNeg) {
        if (origYIsNeg) {
            q = RSAUtils.biAdd(q, bigOne);
        } else {
            q = RSAUtils.biSubtract(q, bigOne);
        }
        y = RSAUtils.biShiftRight(y, lambda);
        r = RSAUtils.biSubtract(y, r);
    }
    // Check for the unbelievably stupid degenerate case of r == -0.
    if (r.digits[0] == 0 && RSAUtils.biHighIndex(r) == 0) r.isNeg = false;

    return [q, r];
};

RSAUtils.biDivide = function(x, y) {
    return RSAUtils.biDivideModulo(x, y)[0];
};

RSAUtils.biModulo = function(x, y) {
    return RSAUtils.biDivideModulo(x, y)[1];
};

RSAUtils.biMultiplyMod = function(x, y, m) {
    return RSAUtils.biModulo(RSAUtils.biMultiply(x, y), m);
};

RSAUtils.biPow = function(x, y) {
    var result = bigOne;
    var a = x;
    while (true) {
        if ((y & 1) != 0) result = RSAUtils.biMultiply(result, a);
        y >>= 1;
        if (y == 0) break;
        a = RSAUtils.biMultiply(a, a);
    }
    return result;
};

RSAUtils.biPowMod = function(x, y, m) {
    var result = bigOne;
    var a = x;
    var k = y;
    while (true) {
        if ((k.digits[0] & 1) != 0) result = RSAUtils.biMultiplyMod(result, a, m);
        k = RSAUtils.biShiftRight(k, 1);
        if (k.digits[0] == 0 && RSAUtils.biHighIndex(k) == 0) break;
        a = RSAUtils.biMultiplyMod(a, a, m);
    }
    return result;
};


window.BarrettMu = function(m) {
    this.modulus = RSAUtils.biCopy(m);
    this.k = RSAUtils.biHighIndex(this.modulus) + 1;
    var b2k = new BigInt();
    b2k.digits[2 * this.k] = 1; // b2k = b^(2k)
    this.mu = RSAUtils.biDivide(b2k, this.modulus);
    this.bkplus1 = new BigInt();
    this.bkplus1.digits[this.k + 1] = 1; // bkplus1 = b^(k+1)
    this.modulo = BarrettMu_modulo;
    this.multiplyMod = BarrettMu_multiplyMod;
    this.powMod = BarrettMu_powMod;
};

function BarrettMu_modulo(x) {
    var $dmath = RSAUtils;
    var q1 = $dmath.biDivideByRadixPower(x, this.k - 1);
    var q2 = $dmath.biMultiply(q1, this.mu);
    var q3 = $dmath.biDivideByRadixPower(q2, this.k + 1);
    var r1 = $dmath.biModuloByRadixPower(x, this.k + 1);
    var r2term = $dmath.biMultiply(q3, this.modulus);
    var r2 = $dmath.biModuloByRadixPower(r2term, this.k + 1);
    var r = $dmath.biSubtract(r1, r2);
    if (r.isNeg) {
        r = $dmath.biAdd(r, this.bkplus1);
    }
    var rgtem = $dmath.biCompare(r, this.modulus) >= 0;
    while (rgtem) {
        r = $dmath.biSubtract(r, this.modulus);
        rgtem = $dmath.biCompare(r, this.modulus) >= 0;
    }
    return r;
}

function BarrettMu_multiplyMod(x, y) {
    /*
    x = this.modulo(x);
    y = this.modulo(y);
    */
    var xy = RSAUtils.biMultiply(x, y);
    return this.modulo(xy);
}

function BarrettMu_powMod(x, y) {
    var result = new BigInt();
    result.digits[0] = 1;
    var a = x;
    var k = y;
    while (true) {
        if ((k.digits[0] & 1) != 0) result = this.multiplyMod(result, a);
        k = RSAUtils.biShiftRight(k, 1);
        if (k.digits[0] == 0 && RSAUtils.biHighIndex(k) == 0) break;
        a = this.multiplyMod(a, a);
    }
    return result;
}

var RSAKeyPair = function(encryptionExponent, decryptionExponent, modulus) {
    var $dmath = RSAUtils;
    this.e = $dmath.biFromHex(encryptionExponent);
    this.d = $dmath.biFromHex(decryptionExponent);
    this.m = $dmath.biFromHex(modulus);
    // We can do two bytes per digit, so
    // chunkSize = 2 * (number of digits in modulus - 1).
    // Since biHighIndex returns the high index, not the number of digits, 1 has
    // already been subtracted.
    this.chunkSize = 2 * $dmath.biHighIndex(this.m);
    this.radix = 16;
    this.barrett = new window.BarrettMu(this.m);
};

RSAUtils.getKeyPair = function(encryptionExponent, decryptionExponent, modulus) {
    return new RSAKeyPair(encryptionExponent, decryptionExponent, modulus);
};

if(typeof window.twoDigit === 'undefined') {
    window.twoDigit = function(n) {
        return (n < 10 ? "0" : "") + String(n);
    };
}

// Altered by Rob Saunders (rob@robsaunders.net). New routine pads the
// string after it has been converted to an array. This fixes an
// incompatibility with Flash MX's ActionScript.
RSAUtils.encryptedString = function(key, s) {
    var a = [];
    var sl = s.length;
    var i = 0;
    while (i < sl) {
        a[i] = s.charCodeAt(i);
        i++;
    }

    while (a.length % key.chunkSize != 0) {
        a[i++] = 0;
    }

    var al = a.length;
    var result = "";
    var j, k, block;
    for (i = 0; i < al; i += key.chunkSize) {
        block = new BigInt();
        j = 0;
        for (k = i; k < i + key.chunkSize; ++j) {
            block.digits[j] = a[k++];
            block.digits[j] += a[k++] << 8;
        }
        var crypt = key.barrett.powMod(block, key.e);
        var text = key.radix == 16 ? RSAUtils.biToHex(crypt) : RSAUtils.biToString(crypt, key.radix);
        result += text + " ";
    }
    return result.substring(0, result.length - 1); // Remove last space.
};

RSAUtils.decryptedString = function(key, s) {
    var blocks = s.split(" ");
    var result = "";
    var i, j, block;
    for (i = 0; i < blocks.length; ++i) {
        var bi;
        if (key.radix == 16) {
            bi = RSAUtils.biFromHex(blocks[i]);
        }
        else {
            bi = RSAUtils.biFromString(blocks[i], key.radix);
        }
        block = key.barrett.powMod(bi, key.d);
        for (j = 0; j <= RSAUtils.biHighIndex(block); ++j) {
            result += String.fromCharCode(block.digits[j] & 255,
                                          block.digits[j] >> 8);
        }
    }
    // Remove trailing null, if any.
    if (result.charCodeAt(result.length - 1) == 0) {
        result = result.substring(0, result.length - 1);
    }
    return result;
};

RSAUtils.setMaxDigits(130);

export  default RSAUtils;
View Code

   前端加密示例

import RSAUtils from 'xxx/security';
import encrypt from 'xxx/encrypt';

plainPassword = encrypt(plainPassword);

var key = RSAUtils.getKeyPair(exponent, '', modulus);
var encryptedPwd = RSAUtils.encryptedString(key, plainPassword);

 

  java rsa 算法(RSAUtils.java)

import java.math.BigInteger;
import java.security.InvalidParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateFormatUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public abstract class RSAUtils {
    private static final Logger LOGGER = LoggerFactory.getLogger(RSAUtils.class);
    private static final String ALGORITHOM = "RSA";
    private static final int KEY_SIZE = 1024;
    private static final Provider DEFAULT_PROVIDER = new BouncyCastleProvider();

    private static KeyPairGenerator keyPairGen = null;
    private static KeyFactory keyFactory = null;

    private static KeyPair oneKeyPair = null;

    public static synchronized KeyPair generateKeyPair() {
        try {
            keyPairGen.initialize(1024,
                    new SecureRandom(DateFormatUtils.format(System.currentTimeMillis(), "yyyyMMdd").getBytes()));
            oneKeyPair = keyPairGen.generateKeyPair();
            return oneKeyPair;
        } catch (InvalidParameterException ex) {
            LOGGER.error("KeyPairGenerator does not support a key length of 1024.", ex);
        } catch (NullPointerException ex) {
            LOGGER.error("RSAUtils#KEY_PAIR_GEN is null, can not generate KeyPairGenerator instance.", ex);
        }
        return null;
    }

    public static KeyPair getKeyPair() {
        return oneKeyPair;
    }

    public static void setKeyPair(KeyPair redisKeyPair) {
        oneKeyPair = redisKeyPair;
    }

    public static RSAPublicKey generateRSAPublicKey(byte[] modulus, byte[] publicExponent) {
        RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
        try {
            return ((RSAPublicKey) keyFactory.generatePublic(publicKeySpec));
        } catch (InvalidKeySpecException ex) {
            LOGGER.error("RSAPublicKeySpec is unavailable.", ex);
        } catch (NullPointerException ex) {
            LOGGER.error("RSAUtils#KEY_FACTORY is null, can not generate KeyFactory instance.", ex);
        }
        return null;
    }

    public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus, byte[] privateExponent) {
        RSAPrivateKeySpec privateKeySpec = new RSAPrivateKeySpec(new BigInteger(modulus),
                new BigInteger(privateExponent));
        try {
            return ((RSAPrivateKey) keyFactory.generatePrivate(privateKeySpec));
        } catch (InvalidKeySpecException ex) {
            LOGGER.error("RSAPrivateKeySpec is unavailable.", ex);
        } catch (NullPointerException ex) {
            LOGGER.error("RSAUtils#KEY_FACTORY is null, can not generate KeyFactory instance.", ex);
        }
        return null;
    }

    public static RSAPrivateKey getRSAPrivateKey(String hexModulus, String hexPrivateExponent) {
        if ((StringUtils.isBlank(hexModulus)) || (StringUtils.isBlank(hexPrivateExponent))) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug(
                        "hexModulus and hexPrivateExponent cannot be empty. RSAPrivateKey value is null to return.");
            }
            return null;
        }
        byte[] modulus = null;
        byte[] privateExponent = null;
        try {
            modulus = Hex.decodeHex(hexModulus.toCharArray());
            privateExponent = Hex.decodeHex(hexPrivateExponent.toCharArray());
        } catch (DecoderException ex) {
            LOGGER.error("hexModulus or hexPrivateExponent value is invalid. return null(RSAPrivateKey).");
        }
        if ((modulus != null) && (privateExponent != null)) {
            return generateRSAPrivateKey(modulus, privateExponent);
        }
        return null;
    }

    public static RSAPublicKey getRSAPublidKey(String hexModulus, String hexPublicExponent) {
        if ((StringUtils.isBlank(hexModulus)) || (StringUtils.isBlank(hexPublicExponent))) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("hexModulus and hexPublicExponent cannot be empty. return null(RSAPublicKey).");
            }
            return null;
        }
        byte[] modulus = null;
        byte[] publicExponent = null;
        try {
            modulus = Hex.decodeHex(hexModulus.toCharArray());
            publicExponent = Hex.decodeHex(hexPublicExponent.toCharArray());
        } catch (DecoderException ex) {
            LOGGER.error("hexModulus or hexPublicExponent value is invalid. return null(RSAPublicKey).");
        }
        if ((modulus != null) && (publicExponent != null)) {
            return generateRSAPublicKey(modulus, publicExponent);
        }
        return null;
    }

    public static byte[] encrypt(PublicKey publicKey, byte[] data) throws Exception {
        Cipher ci = Cipher.getInstance("RSA", DEFAULT_PROVIDER);
        ci.init(1, publicKey);
        return ci.doFinal(data);
    }

    public static byte[] decrypt(PrivateKey privateKey, byte[] data) throws Exception {
        Cipher ci = Cipher.getInstance("RSA", DEFAULT_PROVIDER);
        ci.init(2, privateKey);
        return ci.doFinal(data);
    }

    public static String encryptString(PublicKey publicKey, String plaintext) {
        if ((publicKey == null) || (plaintext == null)) {
            return null;
        }
        byte[] data = plaintext.getBytes();
        try {
            byte[] en_data = encrypt(publicKey, data);
            return new String(Hex.encodeHex(en_data));
        } catch (Exception ex) {
            LOGGER.error(ex.getCause().getMessage());
        }
        return null;
    }

    public static String encryptString(String plaintext) {
        if (plaintext == null) {
            return null;
        }
        byte[] data = plaintext.getBytes();
        KeyPair keyPair = getKeyPair();
        try {
            byte[] en_data = encrypt((RSAPublicKey) keyPair.getPublic(), data);
            return new String(Hex.encodeHex(en_data));
        } catch (NullPointerException ex) {
            LOGGER.error("keyPair cannot be null.");
        } catch (Exception ex) {
            LOGGER.error(ex.getCause().getMessage());
        }
        return null;
    }

    public static String decryptString(PrivateKey privateKey, String encrypttext) {
        if ((privateKey == null) || (StringUtils.isBlank(encrypttext)))
            return null;
        try {
            byte[] en_data = Hex.decodeHex(encrypttext.toCharArray());
            byte[] data = decrypt(privateKey, en_data);
            return new String(data);
        } catch (Exception ex) {
            LOGGER.error(String.format("\"%s\" Decryption failed. Cause: %s",
                    new Object[] { encrypttext, ex.getCause().getMessage() }));
        }
        return null;
    }

    public static String decryptString(String encrypttext) {
        if (StringUtils.isBlank(encrypttext)) {
            return null;
        }
        KeyPair keyPair = getKeyPair();
        try {
            byte[] en_data = Hex.decodeHex(encrypttext.toCharArray());
            byte[] data = decrypt((RSAPrivateKey) keyPair.getPrivate(), en_data);
            return new String(data);
        } catch (NullPointerException ex) {
            LOGGER.error("keyPair cannot be null.");
        } catch (Exception ex) {
            LOGGER.error(String.format("\"%s\" Decryption failed. Cause: %s",
                    new Object[] { encrypttext, ex.getMessage() }));
        }
        return null;
    }

    public static String decryptStringByJs(String encrypttext) {
        String text = decryptString(encrypttext);
        if (text == null) {
            return null;
        }
        return StringUtils.reverse(text);
    }

    public static RSAPublicKey getDefaultPublicKey() {
        KeyPair keyPair = getKeyPair();
        if (keyPair != null) {
            return ((RSAPublicKey) keyPair.getPublic());
        }
        return null;
    }

    public static RSAPrivateKey getDefaultPrivateKey() {
        KeyPair keyPair = getKeyPair();
        if (keyPair != null) {
            return ((RSAPrivateKey) keyPair.getPrivate());
        }
        return null;
    }

    static {
        try {
            keyPairGen = KeyPairGenerator.getInstance("RSA", DEFAULT_PROVIDER);
            keyFactory = KeyFactory.getInstance("RSA", DEFAULT_PROVIDER);
        } catch (NoSuchAlgorithmException ex) {
            LOGGER.error(ex.getMessage());
        }
    }
}
View Code

  java rsa 公钥获取(传递给前端)

import java.security.KeyPair;
import java.security.interfaces.RSAPublicKey;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.alibaba.fastjson.JSONObject;
import xxx.RSAUtils;
import xxx.ObjectResponse;
import xxx.ReturnCode;
import xxx.RedisCacheTemplate;

@Controller
@RequestMapping("pubkey")
public class RSAPubkeyController {
    Logger logger = LoggerFactory.getLogger(RSAPubkeyController.class);
    
    public static final String KEY_PAIR = "tenant_key_pair";
    
    @Autowired
    private RedisCacheTemplate redisCacheTemplate;
    
    @RequestMapping(value="get", method=RequestMethod.GET)
    @ResponseBody
    public ObjectResponse<JSONObject> getPubkey() {
        ObjectResponse<JSONObject> result = new ObjectResponse<JSONObject>();
        try {
            if(RSAUtils.getKeyPair() == null) {
                if(redisCacheTemplate.get(KEY_PAIR) == null) {
                    KeyPair oneKeyPair = RSAUtils.generateKeyPair();
                    redisCacheTemplate.put(KEY_PAIR, oneKeyPair);
                } else {
                    KeyPair redisKeyPair = (KeyPair) redisCacheTemplate.get(KEY_PAIR);
                    RSAUtils.setKeyPair(redisKeyPair);
                }
            } 
            RSAPublicKey pubkey = RSAUtils.getDefaultPublicKey();
            
            JSONObject key = new JSONObject();
            key.put("exponent", pubkey.getPublicExponent().toString(16));
            key.put("modulus", pubkey.getModulus().toString(16));
            result.setCode(ReturnCode.SUCCESS);
            result.setData(key);
            result.setMsg("pubkey 获取成功!");
        } catch(Exception e) {
            e.printStackTrace();
            logger.error(e.getMessage());
            result.setCode(ReturnCode.FAILURE);
            result.setMsg("pubkey 获取异常!");
        }
        
        return result;
    }
}
View Code

  java sha 算法(PasswordUtils.java)

import xxx.UserBaseVO;
import org.apache.commons.lang.StringUtils;
import org.springside.modules.security.utils.Digests;
import org.springside.modules.utils.Encodes;

public class PasswordUtils {
    public static final int HASH_INTERATIONS = 1;
    private static final int SALT_SIZE = 8;

    public static String encodebyUserCode(UserBaseVO user) {
        String userCode = user.getUserCode();
        if (StringUtils.isNotBlank(userCode)) {
            String hashUserCode = encodePasswordUsingSHA(userCode);
            byte[] hashPassword = Digests.sha1(
                    (user.getUserPassword() + hashUserCode).getBytes(),
                    Encodes.decodeHex(user.getSalt()), HASH_INTERATIONS);

            return Encodes.encodeHex(hashPassword);
        }
        byte[] hashPassword = Digests.sha1(user.getUserPassword().getBytes(),
                Encodes.decodeHex(user.getSalt()), HASH_INTERATIONS);

        return Encodes.encodeHex(hashPassword);
    }

    public static void setSalt(UserBaseVO user) {
        byte[] salt = Digests.generateSalt(SALT_SIZE);
        user.setSalt(Encodes.encodeHex(salt));
    }

    public static String encodePassword(String password, String salt) {
        byte[] hashPassword = Digests.sha1(password.getBytes(),
                Encodes.decodeHex(salt), HASH_INTERATIONS);
        return Encodes.encodeHex(hashPassword);
    }

    public static String encodePasswordByUserCode(String password, String salt,
                                                  String userCode) {
        if (StringUtils.isNotBlank(userCode)) {
            String hashUserCode = encodePasswordUsingSHA(userCode);
            byte[] hashPassword = Digests.sha1(
                    (password + hashUserCode).getBytes(),
                    Encodes.decodeHex(salt), HASH_INTERATIONS);

            return Encodes.encodeHex(hashPassword);
        }
        byte[] hashPassword = Digests.sha1(password.getBytes(),
                Encodes.decodeHex(salt), HASH_INTERATIONS);
        return Encodes.encodeHex(hashPassword);
    }

    public static String encodePasswordUsingSHA(String password) {
        byte[] hashPassword = Digests.sha1(password.getBytes());
        String result = Encodes.encodeHex(hashPassword);
        return result;
    }

    public static String encodePasswordUsingSHA(String password, String salt) {
        byte[] hashPassword = Digests.sha1(password.getBytes());
        String shaResult = Encodes.encodeHex(hashPassword);
        byte[] encrytyPassword = Digests.sha1(shaResult.getBytes(),
                Encodes.decodeHex(salt), HASH_INTERATIONS);
        return Encodes.encodeHex(encrytyPassword);
    }

    public static String getSalt() {
        byte[] salt = Digests.generateSalt(SALT_SIZE);
        return Encodes.encodeHex(salt);
    }
}
View Code

  后端校验示例

//获取到前端传递的密码参数
password = RSAUtils.decryptStringByJs(password);

//根据usercode 获取到用户 user
String checkPwd = PasswordUtils.encodePasswordByUserCode(password, user.getSalt(), user.getUserCode());

assert checkPwd.equals(user.getUserPassword())

  后端加密示例

UserBaseVO vo = (将要新增的用户);
PasswordUtils.setSalt(vo);
String shaPassword = PasswordUtils.encodePasswordUsingSHA(vo.getUserPassword());
vo.setUserPassword(shaPassword);
vo.setUserPassword(PasswordUtils.encodebyUserCode(vo));

 

 

posted @ 2017-03-02 18:58  hjzqyx  阅读(1083)  评论(4编辑  收藏  举报