crypto前台AES加密,后台AES解密

正值这次项目的安全测试,来分享一下在项目中的加密。

crypto前台加密

CryptoJS (crypto.js) 为 JavaScript 提供了各种各样的加密算法。目前已支持的算法包括:

  1. MD5
  2. SHA-1
  3. SHA-256
  4. AES
  5. Rabbit
  6. MARC4
  7. HMAC
  8. HMAC-MD5
  9. HMAC-SHA1
  10. HMAC-SHA256
  11. PBKDF2

官网地址:https://github.com/brix/crypto-js

//引用aesjs



//加密function
function Encrypt(word){  
    var key = CryptoJS.enc.Utf8.parse("0102030405060708");   //加密密钥
    var iv  = CryptoJS.enc.Utf8.parse('0102030405060708');   //加密向量
    var srcs = CryptoJS.enc.Utf8.parse(word);  
    var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv,mode:CryptoJS.mode.CBC});  
    return encrypted.toString();  
} 


//提交到后台验证
$.post("${ctx}/base/security/userinfo!login.action", {
            account : aesaccount,
            pwd : aespwd,
            vcode : vcode,
            vcodepass: vcodepass
}

后台解密

   package ICT.utils;

    import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;


/**
 * helper class to encrypt and decrypt string
 */

public class CryptoHelper {

    public static String digest(String data) {
        String digest="";
        try {
             java.security.MessageDigest alg=java.security.MessageDigest.getInstance("MD5");
             alg.update(data.getBytes());
             byte[] digesta=alg.digest();
             digest=byte2hex(digesta);
             return digest;
        } catch (Exception ex) {
            return (null);
        }
    }
    public static String byte2hex(byte[] b) //二行制转字符串
    {
     String hs="";
     String stmp="";
     for (int n=0;n0XFF));
       if (stmp.length()==1) hs=hs+"0"+stmp;
       else hs=hs+stmp;
       if (n1)  hs=hs+"";
      }
     return hs.toUpperCase();
    }
    public static String Decrypt(String sSrc, String sKey) throws Exception {    
        try {    
            // 判断Key是否正确    
            if (sKey == null) {    
                System.out.print("Key为空null");      
                return null;    
            }    
            // 判断Key是否为16位    
            if (sKey.length() != 16) {    
                System.out.print("Key长度不是16位");    
                return null;    
            }    
            byte[] raw = sKey.getBytes("ASCII");    
            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");    
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");    
            IvParameterSpec iv = new IvParameterSpec("0102030405060708"    
                    .getBytes());    
            cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);    
            byte[] encrypted1 = Base64.decodeBase64(sSrc);//先用bAES64解密    
            try {    
                byte[] original = cipher.doFinal(encrypted1);    
                String originalString = new String(original);    
                return originalString;    
            } catch (Exception e) {    
                System.out.println(e.toString());    
                return null;    
            }    
        } catch (Exception ex) {    
            System.out.println(ex.toString());    
            return null;    
        }    
    }    


   /* public static void main(String[] args) {
        try {
            String str ="123456";
            String enStr = digest(str);
            System.out.println(enStr);
            //System.out.println(decrypt(enStr));
        } catch (Exception ex) {
            System.out.println(ex.getMessage());
        }
    }*/

    public static void main(String[] args)  {
        CryptoHelper my=new CryptoHelper();
        System.out.println(my.digest("1"));

      }
} 

你可能感兴趣的:(【前端】)