jquery實現登錄加密的幾種方法以及cookie存放加密/解密

本篇文章的所有操作都是在jsp頁面上進行的，完全與后台分離

part 1：加密方式

  這個加密方式網上基本都有很多人總結，我在此也就拋磚引玉一下；

1、base64加密

　　在頁面中引入base64.js文件，調用方法為：

　　　

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>base64加密</title>
<script type="text/javascript" src="base64.js"></script>
<script type="text/javascript">  
var b = new Base64();  
var str = b.encode("admin:admin");  
        alert("base64 encode:" + str);  
　　　　　//解密
        str = b.decode(str);  
        alert("base64 decode:" + str);  
</script>  
</head>

<body>
</body>
</html>

 

2、md5加密

　　在頁面中引用md5.js文件，調用方法為

　　

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>md5加密</title>
<script type="text/ecmascript" src="md5.js"></script>
<script type="text/javascript">  
var hash = hex_md5("123dafd");
    alert(hash)
</script>  
</head>

<body>
</body>
</html>

 

3、sha1加密

　　據說這是最安全的加密

　　頁面中引入sha1.js，調用方法為

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>sha1加密</title>
<script type="text/ecmascript" src="sha1.js"></script>
<script type="text/javascript">
var sha = hex_sha1('mima123465')
    alert(sha)   
</script>  
</head>

<body>
</body>
</html>

part 2：加密以及解密

md5.js只能實現加密功能，但是如果你從cookie中把密碼取出來想解密的時候就尷尬了，所以此處我推薦兩種密碼加密又能解密的方法

 1.Base64.js

廢話不說，直接看代碼（此處包括如何在jsp頁面往cookie中保存用戶名和密碼）

 

<script>
    //step 1:當鼠標點擊復選框時，創建一個持久化的cookie
    var userName=null;
    var passWord=null;
         //限制為：鼠標點擊登錄時判斷：
         $("#accLogBut").click(function(){
             /* 將登錄按鈕置灰 */
         
             //如果被選中狀態，則創建cookie
            if($('input[type=checkbox]').is(':checked')){
                passWord = $('#passWord').val();
                //創建cookie，並將用戶名和密碼保存進去,密碼采用base64加密以及解密
                $.cookie('userName',$('#userName').val(), { expires: 7});
                $.cookie('passWord',$.base64.encode(passWord),{ expires: 7});
            }else{
                //如果復選框沒有被選中，則刪除cookie
                
                $.cookie('userName', ""); 
                $.cookie('passWord', ""); 
            }        
         });        
 //頁面每次被加載的時候，都把cookie中的值取出來，然后存放到對應的文本框中
 $(function(){
         
         var userName=$.cookie('userName');
        var passWord=$.cookie('passWord');
        
        $("#userName").val(userName);
        $("#passWord").val($.base64.decode(passWord));
         if(userName!=null&&userName!=""&&passWord!=null&&passWord!=""){
                
            $("#rememberPassword").attr("checked",true);
        }        
    
}); 
</script>
<!--  登錄時記住密碼結束-->

 

主要用到上面的兩種方法：$.base64.encode(str)加密字符串

 

$.base64.decode(str)解密字符串

2.這是jquery插件庫中的一種比較輕量級的加密解密過程

名字叫做DES

前端采用谷歌的crypto-js

直接上代碼

前端需要引入的js

  <script type="text/javascript" src="js/jquery.min.js" ></script>
  <script type="text/javascript" src="js/tripledes.js" ></script>
  <script type="text/javascript" src="js/mode-ecb.js" ></script>

CryptoJS v3.1.2.zip下載

關鍵方法

DES加密

// DES加密
function encryptByDES(message, key) {
    var keyHex = CryptoJS.enc.Utf8.parse(key);
    var encrypted = CryptoJS.DES.encrypt(message, keyHex, {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7
    });
    return encrypted.toString();
}

我們對helloworld進行DES加密，key設置為12345678

加密后的結果為

ovATL3QOQmKh0WiTqhkSbg==

后台采用java版本的DES解密

 

java版的DES工具類

DESUtil.java

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

/**
 * DES加解密工具類
 * 
 */
public class DESUtil {
    private static final String DES_ALGORITHM = "DES";

    /**
     * DES加密
     * 
     * @param plainData 原始字符串
     * @param secretKey 加密密鑰
     * @return 加密后的字符串
     * @throws Exception
     */
    public static String encryption(String plainData, String secretKey) throws Exception {

        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance(DES_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, generateKey(secretKey));

        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchPaddingException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e) {

        }

        try {
            // 為了防止解密時報javax.crypto.IllegalBlockSizeException: Input length must
            // be multiple of 8 when decrypting with padded cipher異常，
            // 不能把加密后的字節數組直接轉換成字符串
            byte[] buf = cipher.doFinal(plainData.getBytes());

            return Base64Utils.encode(buf);

        } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
            throw new Exception("IllegalBlockSizeException", e);
        } catch (BadPaddingException e) {
            e.printStackTrace();
            throw new Exception("BadPaddingException", e);
        }

    }


    /**
     * DES解密
     * @param secretData 密碼字符串
     * @param secretKey 解密密鑰
     * @return 原始字符串
     * @throws Exception
     */
    public static String decryption(String secretData, String secretKey) throws Exception {

        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance(DES_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, generateKey(secretKey));

        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new Exception("NoSuchAlgorithmException", e);
        } catch (NoSuchPaddingException e) {
            e.printStackTrace();
            throw new Exception("NoSuchPaddingException", e);
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            throw new Exception("InvalidKeyException", e);

        }

        try {

            byte[] buf = cipher.doFinal(Base64Utils.decode(secretData.toCharArray()));

            return new String(buf);

        } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
            throw new Exception("IllegalBlockSizeException", e);
        } catch (BadPaddingException e) {
            e.printStackTrace();
            throw new Exception("BadPaddingException", e);
        }
    }

    /**
     * 獲得秘密密鑰
     * 
     * @param secretKey
     * @return
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws InvalidKeyException
     */
    private static SecretKey generateKey(String secretKey)
            throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES_ALGORITHM);
        DESKeySpec keySpec = new DESKeySpec(secretKey.getBytes());
        keyFactory.generateSecret(keySpec);
        return keyFactory.generateSecret(keySpec);
    }

    static private class Base64Utils {

        static private char[] alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
                .toCharArray();
        static private byte[] codes = new byte[256];

        static {
            for (int i = 0; i < 256; i++)
                codes[i] = -1;
            for (int i = 'A'; i <= 'Z'; i++)
                codes[i] = (byte) (i - 'A');
            for (int i = 'a'; i <= 'z'; i++)
                codes[i] = (byte) (26 + i - 'a');
            for (int i = '0'; i <= '9'; i++)
                codes[i] = (byte) (52 + i - '0');
            codes['+'] = 62;
            codes['/'] = 63;
        }

        /**
         * 將原始數據編碼為base64編碼
         */
        static private String encode(byte[] data) {
            char[] out = new char[((data.length + 2) / 3) * 4];
            for (int i = 0, index = 0; i < data.length; i += 3, index += 4) {
                boolean quad = false;
                boolean trip = false;
                int val = (0xFF & (int) data[i]);
                val <<= 8;
                if ((i + 1) < data.length) {
                    val |= (0xFF & (int) data[i + 1]);
                    trip = true;
                }
                val <<= 8;
                if ((i + 2) < data.length) {
                    val |= (0xFF & (int) data[i + 2]);
                    quad = true;
                }
                out[index + 3] = alphabet[(quad ? (val & 0x3F) : 64)];
                val >>= 6;
                out[index + 2] = alphabet[(trip ? (val & 0x3F) : 64)];
                val >>= 6;
                out[index + 1] = alphabet[val & 0x3F];
                val >>= 6;
                out[index + 0] = alphabet[val & 0x3F];
            }

            return new String(out);
        }

        /**
         * 將base64編碼的數據解碼成原始數據
         */
        static private byte[] decode(char[] data) {
            int len = ((data.length + 3) / 4) * 3;
            if (data.length > 0 && data[data.length - 1] == '=')
                --len;
            if (data.length > 1 && data[data.length - 2] == '=')
                --len;
            byte[] out = new byte[len];
            int shift = 0;
            int accum = 0;
            int index = 0;
            for (int ix = 0; ix < data.length; ix++) {
                int value = codes[data[ix] & 0xFF];
                if (value >= 0) {
                    accum <<= 6;
                    shift += 6;
                    accum |= value;
                    if (shift >= 8) {
                        shift -= 8;
                        out[index++] = (byte) ((accum >> shift) & 0xff);
                    }
                }
            }
            if (index != out.length)
                throw new Error("miscalculated data length!");
            return out;
        }
    }
}