【背景】一般情况下,前台都是用js等语言来写的,后台语言各有各的实现,相同语言下的加密解密比较简单不再赘述,这里说说不同语言的加密解密
【前端】JavaScript 加密 使用Crypto-Js加密库
$.
ajax({
type:
"post",
url:
"./oapi/v1/login",
contentType:
"application/json",
data:
JSON.
stringify({
"username"
:
CryptoJS.
AES.
encrypt(
CryptoJS.
enc.
Utf8.
parse(
telephone),
CryptoJS.
enc.
Utf8.
parse(
postkey),{
iv:CryptoJS.
enc.
Utf8.
parse(
postkey)}).
toString(),
"password"
:
CryptoJS.
AES.
encrypt(
CryptoJS.
enc.
Utf8.
parse(
password),
CryptoJS.
enc.
Utf8.
parse(
postkey),{
iv:CryptoJS.
enc.
Utf8.
parse(
postkey)}).
toString(),
"key"
:postkey,
"iv"
:postkey
}),
dataType:
"json",
success:
function (
dataRes) {
【后端】golang 解密
func
getLoginStru(r *http.Request, t *Ticket) (ls *LoginStru, err
error) {
ls = &LoginStru{}
data,
err :=
getLoginStructFromReq(r)
if err !=
nil {
return
}
userName := data.UserName
passWord := data.PassWord
if userName ==
"" || passWord ==
"" {
log.
Error(
"username or password is null")
err = ErrGetUP
return
}
if data.Key !=
"" && data.Iv !=
"" {
ua,
err :=
Base64AndAESAndCBCAndPKCS7Decrypter(data.UserName, data.Key, data.Iv)
if err !=
nil {
log.
Error(
"username decrypt error")
return
nil, errors.
New(
"username decrypt error")
}
userName = *ua
pw,
err :=
Base64AndAESAndCBCAndPKCS7Decrypter(data.PassWord, data.Key, data.Iv)
if err !=
nil {
log.
Error(
"password decrypt error")
return
nil, errors.
New(
"password decrypt error")
}
passWord = *pw
}
import (
"encoding/base64"
)
func
Base64AndAESAndCBCAndPKCS7Decrypter(cipherText, key, iv
string) (*
string,
error) {
bs,
err := base64.StdEncoding.
DecodeString(cipherText)
if err !=
nil {
return
nil, err
}
textBs,
err :=
AESAndCBCAndPKCS7Decrypter(bs, []
byte(key), []
byte(iv))
if err !=
nil {
return
nil, err
}
text :=
string(textBs)
return &text, err
}