前端CryptoJS加密、后端解密代碼實現參考
1、使用AES算法的CBC模式加密
1.1、前端加密代碼實現參考
vue項目需要安裝CryptoJS安裝包,安裝命令如下:
npm install crypto-js
在項目中引入CryptoJS
import CryptoJS from 'crypto-js'
參考代碼如下:
<script>
// 此處key為16進制
let key = '385f33cb91484b04a177828829081ab7';
console.log('密鑰:', key);
// key格式化處理
key = CryptoJS.enc.Utf8.parse(key)
// 偏移量長度為16位, 注:偏移量需要與后端定義好,保證一致
let iv = "37fa77f6a3b0462d";
iv = CryptoJS.enc.Utf8.parse("37fa77f6a3b0462d");
// 加密內容
const source = {
"username": "用戶名",
"password": "密碼",
"timestamp": new Date().getTime()
}
const content = JSON.stringify(source);
console.log('加密前:', source);
// 加密方法
const encryptedContent = CryptoJS.AES.encrypt(content, key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
})
const encStr = encryptedContent.ciphertext.toString()
console.log("加密后:", encStr);
// 解密方法
const decryptedContent = CryptoJS.AES.decrypt(CryptoJS.format.Hex.parse(encStr), key, {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
})
console.log('解密:',CryptoJS.enc.Utf8.stringify(decryptedContent));
</script>
前端打印結果
說明:
1> CBC模式前、后端需要確定偏移量的值,並且保持一致,這樣才能確保后端解密成功。
2> 前端CBC模式或者ECB模式下的填充方式 Pkcs7,對應后端AES算法模式中的 PKCS5Padding 填充方式
3> CryptoJS對應的API文檔地址:https://cryptojs.gitbook.io/docs/#encoders
1.2、后端解密代碼實現參考
后端代碼實現需要引入的maven依賴如下:
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.15</version>
</dependency>
參考代碼實現如下:
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
/**
* AES對稱加密工具類
*
* @author 星空流年
*/
public class AesUtil {
/**
* 偏移量
*
* 說明:偏移量字符串必須是16位 當模式是CBC的時候必須設置偏移量
* 此處值與前端偏移量值保持一致
*/
private static String iv = "37fa77f6a3b0462d";
/**
* 加密算法
*/
private static String Algorithm = "AES";
/**
* 算法/模式/補碼方式
*/
private static String AlgorithmProvider = "AES/CBC/PKCS5Padding";
/**
* 加密
*
* @param src 加密內容
* @param uniqueKey 加密key
* @return
* @throws NoSuchPaddingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
* @throws InvalidAlgorithmParameterException
* @throws UnsupportedEncodingException
*/
public static String encrypt(String src, String uniqueKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, UnsupportedEncodingException {
byte[] key = uniqueKey.getBytes();
SecretKey secretKey = new SecretKeySpec(key, Algorithm);
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes("utf-8"));
Cipher cipher = Cipher.getInstance(AlgorithmProvider);
cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
byte[] cipherBytes = cipher.doFinal(src.getBytes("UTF-8"));
return byteToHexString(cipherBytes);
}
/**
* 解密
*
* @param enc 加密內容
* @param uniqueKey 唯一key
* @return
* @throws NoSuchPaddingException
* @throws NoSuchAlgorithmException
* @throws UnsupportedEncodingException
* @throws InvalidAlgorithmParameterException
* @throws InvalidKeyException
* @throws DecoderException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
*/
public static String decrypt(String enc, String uniqueKey) throws NoSuchPaddingException, NoSuchAlgorithmException, UnsupportedEncodingException, InvalidAlgorithmParameterException, InvalidKeyException, DecoderException, BadPaddingException, IllegalBlockSizeException {
byte[] key = uniqueKey.getBytes();
SecretKey secretKey = new SecretKeySpec(key, Algorithm);
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv.getBytes("utf-8"));
Cipher cipher = Cipher.getInstance(AlgorithmProvider);
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivParameterSpec);
byte[] hexBytes = hexStringToBytes(enc);
byte[] plainBytes = cipher.doFinal(hexBytes);
return new String(plainBytes, "UTF-8");
}
/**
* 將byte數組轉換為16進制字符串
*
* @param src
* @return
*/
private static String byteToHexString(byte[] src) {
return Hex.encodeHexString(src);
}
/**
* 將16進制字符串轉換為byte數組
*
* @param hexString
* @return
*/
private static byte[] hexStringToBytes(String hexString) throws DecoderException {
return Hex.decodeHex(hexString);
}
/**
* AES加密、解密測試方法
*
* @param args
*/
public static void main(String[] args) {
try {
// 唯一key作為密鑰
String uniqueKey = "385f33cb91484b04a177828829081ab7";
// 加密前數據,此處數據與前端數據一致(加密內容包含有時間戳),請注意查看前端加密前數據
String src = "{\"username\":\"用戶名\",\"password\":\"密碼\",\"timestamp\":1628218094188}";
System.out.println("密鑰:" + uniqueKey);
System.out.println("原字符串:" + src);
// 加密
String encrypt = encrypt(src, uniqueKey);
System.out.println("加密:" + encrypt);
// 解密
String decrypt = decrypt(encrypt, uniqueKey);
System.out.println("解密:" + decrypt);
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
}
測試結果
2、使用AES算法的ECB模式加密
前面也說到,AES的ECB和CBC模式下的填充方式 Pkcs7,對應后端AES算法模式中的 PKCS5Padding 填充方式,只不過CBC模式需要添加偏移量,而ECB模式則不需要,大體實現方式本質上沒有太大差別。
2.1、前端加密代碼實現參考
vue項目需要安裝CryptoJS安裝包,安裝命令如下:
npm install crypto-js
在項目中引入CryptoJS
import CryptoJS from 'crypto-js'
參考代碼如下:
<script>
// 此處key為16進制
let key = '385f33cb91484b04a177828829081ab7';
console.log('密鑰:', key);
// key格式化處理
key = CryptoJS.enc.Utf8.parse(key)
// 加密內容
const source = {
"username": "用戶名",
"password": "密碼",
"timestamp": new Date().getTime()
}
const content = JSON.stringify(source);
console.log('加密前:', source);
// 加密方法
const encryptedContent = CryptoJS.AES.encrypt(content, key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
})
const encStr = encryptedContent.ciphertext.toString()
console.log('加密后:', encStr);
// 解密方法
const decryptedContent = CryptoJS.AES.decrypt(CryptoJS.format.Hex.parse(encStr), key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
})
console.log('解密:',CryptoJS.enc.Utf8.stringify(decryptedContent));
</script>
前端打印結果
2.2、后端加密代碼實現參考
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
/**
* AES對稱加密工具類
*
* @author 星空流年
*/
public class AesUtil {
/**
* 加密算法
*/
private static String Algorithm = "AES";
/**
* 算法/模式/補碼方式
*/
private static String AlgorithmProvider = "AES/ECB/PKCS5Padding";
/**
* 加密
*
* @param src 原內容
* @param uniqueKey 唯一key
* @return
* @throws NoSuchPaddingException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
* @throws DecoderException
*/
public static String encrypt(String src, String uniqueKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, DecoderException {
byte[] key = uniqueKey.getBytes();
SecretKey secretKey = new SecretKeySpec(key, Algorithm);
Cipher cipher = Cipher.getInstance(AlgorithmProvider);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] cipherBytes = cipher.doFinal(src.getBytes(StandardCharsets.UTF_8));
return byteToHexString(cipherBytes);
}
/**
* 解密
*
* @param enc 加密內容
* @param uniqueKey 唯一key
* @return
* @throws NoSuchPaddingException
* @throws NoSuchAlgorithmException
* @throws UnsupportedEncodingException
* @throws InvalidAlgorithmParameterException
* @throws InvalidKeyException
* @throws DecoderException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
*/
public static String decrypt(String enc, String uniqueKey) throws NoSuchPaddingException, NoSuchAlgorithmException, UnsupportedEncodingException, InvalidAlgorithmParameterException, InvalidKeyException, DecoderException, BadPaddingException, IllegalBlockSizeException {
byte[] key = uniqueKey.getBytes();
SecretKey secretKey = new SecretKeySpec(key, Algorithm);
Cipher cipher = Cipher.getInstance(AlgorithmProvider);
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] hexBytes = hexStringToBytes(enc);
byte[] plainBytes = cipher.doFinal(hexBytes);
return new String(plainBytes, SystemConstants.UTF_8);
}
/**
* 將byte數組轉換為16進制字符串
*
* @param src
* @return
*/
private static String byteToHexString(byte[] src) {
return Hex.encodeHexString(src);
}
/**
* 將16進制字符串轉換為byte數組
*
* @param hexString
* @return
*/
private static byte[] hexStringToBytes(String hexString) throws DecoderException {
return Hex.decodeHex(hexString);
}
/**
* AES加密、解密測試方法
*
* @param args
*/
public static void main(String[] args) {
try {
// 唯一key作為密鑰
String uniqueKey = "385f33cb91484b04a177828829081ab7";
// 加密前數據,此處數據與前端數據一致(加密內容包含有時間戳),請注意查看前端加密前數據
String src = "{\"username\":\"用戶名\",\"password\":\"密碼\",\"timestamp\":1628220492939}";
System.out.println("密鑰:" + uniqueKey);
System.out.println("原字符串:" + src);
// 加密
String encrypt = encrypt(src, uniqueKey);
System.out.println("加密:" + encrypt);
// 解密
String decrypt = decrypt(encrypt, uniqueKey);
System.out.println("解密:" + decrypt);
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
}
測試結果
參考內容:
1、https://blog.csdn.net/lsvtogergo/article/details/80804312
2、https://cryptojs.gitbook.io/docs/#encoders
3、https://www.cnblogs.com/hetutu-5238/p/10648116.html