crypto前台AES加密，后台AES解密

来源：互联网发布：sqlalchemy sql 编辑：程序博客网时间：2024/05/16 12:14

正值这次项目的安全测试，来分享一下在项目中的加密。

crypto前台加密

CryptoJS (crypto.js) 为 JavaScript 提供了各种各样的加密算法。目前已支持的算法包括：

MD5
SHA-1
SHA-256
AES
Rabbit
MARC4
HMAC
HMAC-MD5
HMAC-SHA1
HMAC-SHA256
PBKDF2

官网地址：https://github.com/brix/crypto-js

//引用aesjs<script type="text/javascript" src="${ctx}/js/crypto/rollups/aes.js"></script><javascript type="text/javascript">//加密functionfunction Encrypt(word){      var key = CryptoJS.enc.Utf8.parse("0102030405060708");   //加密密钥    var iv  = CryptoJS.enc.Utf8.parse('0102030405060708');   //加密向量    var srcs = CryptoJS.enc.Utf8.parse(word);      var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv,mode:CryptoJS.mode.CBC});      return encrypted.toString();  } </javascript>//提交到后台验证$.post("${ctx}/base/security/userinfo!login.action", {            account : aesaccount,            pwd : aespwd,            vcode : vcode,            vcodepass: vcodepass}

后台解密

   package ICT.utils;    import javax.crypto.Cipher;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import org.apache.commons.codec.binary.Base64;/** * helper class to encrypt and decrypt string */public class CryptoHelper {    public static String digest(String data) {        String digest="";        try {             java.security.MessageDigest alg=java.security.MessageDigest.getInstance("MD5");             alg.update(data.getBytes());             byte[] digesta=alg.digest();             digest=byte2hex(digesta);             return digest;        } catch (Exception ex) {            return (null);        }    }    public static String byte2hex(byte[] b) //二行制转字符串    {     String hs="";     String stmp="";     for (int n=0;n<b.length;n++)      {       stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));       if (stmp.length()==1) hs=hs+"0"+stmp;       else hs=hs+stmp;       if (n<b.length-1)  hs=hs+"";      }     return hs.toUpperCase();    }    public static String Decrypt(String sSrc, String sKey) throws Exception {            try {                // 判断Key是否正确                if (sKey == null) {                    System.out.print("Key为空null");                      return null;                }                // 判断Key是否为16位                if (sKey.length() != 16) {                    System.out.print("Key长度不是16位");                    return null;                }                byte[] raw = sKey.getBytes("ASCII");                SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");                IvParameterSpec iv = new IvParameterSpec("0102030405060708"                        .getBytes());                cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);                byte[] encrypted1 = Base64.decodeBase64(sSrc);//先用bAES64解密                try {                    byte[] original = cipher.doFinal(encrypted1);                    String originalString = new String(original);                    return originalString;                } catch (Exception e) {                    System.out.println(e.toString());                    return null;                }            } catch (Exception ex) {                System.out.println(ex.toString());                return null;            }        }       /* public static void main(String[] args) {        try {            String str ="123456";            String enStr = digest(str);            System.out.println(enStr);            //System.out.println(decrypt(enStr));        } catch (Exception ex) {            System.out.println(ex.getMessage());        }    }*/    public static void main(String[] args)  {        CryptoHelper my=new CryptoHelper();        System.out.println(my.digest("1"));      }}

2 0