项目场景:
适用于接口数据敏感信息,比如 明文传输姓名、居住地址、手机号等信息,如果存在明文传输敏感数据问题、及数据泄漏风险,则可使用此方法加密解密。
一、下载crypot-js
1.如果为vue项目,安装cnpm,采用命令安装即可:
安装命令:cnpm install crypto-js;
2.如果为一般web项目,https://github.com/brix/crypto-js,进行下载;
二、前端引入crypto-js文件,并命名为secrt.js
import CryptoJS from 'crypto-js'
// 默认的 KEY 与 iv 如果没有给,可自行设定,但必须16位
const KEY = CryptoJS.enc.Utf8.parse("abcdefgh12345678");
const IV = CryptoJS.enc.Utf8.parse('12345678abcdefgh');
/**
- AES加密 :字符串 key iv 返回base64
*/
export function Encrypt(word, keyStr, ivStr) {
let key = KEY; let iv = IV; if (keyStr) { key = CryptoJS.enc.Utf8.parse(keyStr); iv = CryptoJS.enc.Utf8.parse(ivStr); } let srcs = CryptoJS.enc.Utf8.parse(word); var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.ZeroPadding }); return CryptoJS.enc.Base64.stringify(encrypted.ciphertext);}
/**
AES 解密 :字符串 key iv 返回base64
- @return {string}
*/
export function Decrypt(word, keyStr, ivStr) {
let key = KEY; let iv = IV; if (keyStr) { key = CryptoJS.enc.Utf8.parse(keyStr); iv = CryptoJS.enc.Utf8.parse(ivStr); } let base64 = CryptoJS.enc.Base64.parse(word); let src = CryptoJS.enc.Base64.stringify(base64); let decrypt = CryptoJS.AES.decrypt(src, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.ZeroPadding }); let decryptedStr = decrypt.toString(CryptoJS.enc.Utf8); return decryptedStr.toString();}
三、前端页面引入并加密数据
import {Encrypt} from '../../secrt.js'
//text为需要加密的内容
var userId= Encrypt(text);
四、后端解密数据
1.pom引用
2.创建工具类
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;public class SecretUtil {
/***
* key和iv值可以随机生成,确保与前端的key,iv对应
*/
private static String KEY = "abcdefgh12345678";
private static String IV = "12345678abcdefgh";/*** * 加密 * * @param data 要加密的数据 * @return encrypt */ public static String encrypt(String data) { return encrypt(data, KEY, IV); } /*** * 解密 * @param data 要解密的数据 */ public static String desEncrypt(String data) { return desEncrypt(data, KEY, IV); } /** * 加密方法 */ private static String encrypt(String data, String key, String iv) { try { // "算法/模式/补码方式"NoPadding PkcsPadding Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); int blockSize = cipher.getBlockSize(); byte[] dataBytes = data.getBytes(); int plaintextLength = dataBytes.length; if (plaintextLength % blockSize != 0) { plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize)); } byte[] plaintext = new byte[plaintextLength]; System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length); SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec); byte[] encrypted = cipher.doFinal(plaintext); return new Base64().encodeToString(encrypted); } catch (Exception e) { e.printStackTrace(); return null; } } /** * 解密方法 */ private static String desEncrypt(String data, String key, String iv) { try { byte[] encrypted1 = new Base64().decode(data); Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES"); IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); byte[] original = cipher.doFinal(encrypted1); return new String(original).trim(); } catch (Exception e) { e.printStackTrace(); return null; } }}
3.数据解密
@GetMapping(value = "/userInfo")
public getUserInfo(@RequestParam(name = "userId") String userId)
String userId= desEncrypt(userId);
}
版权归原作者 渔夫搬砖 所有, 如有侵权,请联系我们删除。