最近为了解决项目中用户名、密码明文传输的问题,使用了AES在前台加密,然后在后台解密,稍微整理了一下,记录AES前台加解密和后台java加解密,以防忘记。
前台使用CryptoJS实现AES加解密的,所以要先下载组件,下载CryptoJS-v3.1.2版本之后,文件中包含components和rollups两个文件夹,components文件夹下是单个组件,rollups文件夹下是汇总,引用rollups下的aes.js文件即可。
下载地址:CryptoJS-v3.1.2
前台加解密:
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<title>AES加解密</title>
<style>
*{margin:0;padding:0}
.demo-wrap{width: 400px;height:50px;margin: 50px auto auto auto}
</style>
<script src="./js/aes.js"></script>
<script type="text/javascript">
function getAesString(data,key,iv){
var key = CryptoJS.enc.Utf8.parse(key);
var iv = CryptoJS.enc.Utf8.parse(iv);
var encrypted =CryptoJS.AES.encrypt(data,key,{
iv:iv,
mode:CryptoJS.mode.CBC,
padding:CryptoJS.pad.Pkcs7
});
return encrypted.toString(); //返回的是base64格式的密文
}
function getDAesString(encrypted,key,iv){
var key = CryptoJS.enc.Utf8.parse(key);
var iv = CryptoJS.enc.Utf8.parse(iv);
var decrypted =CryptoJS.AES.decrypt(encrypted,key,{
iv:iv,
mode:CryptoJS.mode.CBC,
padding:CryptoJS.pad.Pkcs7
});
return decrypted.toString(CryptoJS.enc.Utf8);
}
function getAES(){//加密
var data =document.getElementById("data-ipt").value;//明文
var key = 'abcdefghijklmn12'; //密钥
var iv = 'abcdefghijklmn12';
var encrypted =getAesString(data,key,iv); //密文
var encrypted1 =CryptoJS.enc.Utf8.parse(encrypted);
document.getElementById("encrypted").innerHTML = encrypted;
}
function getDAes(){//解密
var encrypted =document.getElementById("encrypted").innerHTML; //密文
var key = 'abcdefghijklmn12';
var iv = 'abcdefghijklmn12';
var decryptedStr =getDAesString(encrypted,key,iv);
document.getElementById("decrypted").innerHTML = decryptedStr;
}
</script>
</head>
<body>
<div class="demo-wrap">
<input type="text" id="data-ipt"/>
<button onclick="getAES();">AES加密</button>
<button onclick="getDAes();">AES解密</button>
<br/>
加密后的数据:
<p id ="encrypted"></p>
解密后的数据:
<p id="decrypted"></p>
</div>
</body>
</html>
后台加解密:
package com.yanzhengma.servlet;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class AESTest {
public static void main(String args[]) throws Exception{
String content = "test";
String key = "abcdefghijklmn12";
String iv = "abcdefghijklmn12";
//加密
byte[] encrypted = AES_CBC_Encrypt(content.getBytes(), key.getBytes(), iv.getBytes());
//解密
byte[] decrypted = AES_CBC_Decrypt(decryptBASE64("加密后的密文"), key.getBytes(), iv.getBytes());
System.out.println("加密后:"+encryptBASE64(encrypted));
System.out.println("解密后:"+byteToString(decrypted));
}
public static String byteToString(byte[] byte1){
return new String(byte1);
}
public static byte[] AES_CBC_Encrypt(byte[] content, byte[] keyBytes, byte[] iv){
try {
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE,key, new IvParameterSpec(iv));
byte[] result = cipher.doFinal(content);
return result;
} catch (Exception e) {
System.out.println("exception:"+e.toString());
}
return null;
}
public static byte[] AES_CBC_Decrypt(byte[] content, byte[] keyBytes, byte[] iv){
try {
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE,key, new IvParameterSpec(iv));
byte[] result = cipher.doFinal(content);
return result;
} catch (Exception e) {
System.out.println("exception:"+e.toString());
}
return null;
}
//字符串装换成base64
public static byte[] decryptBASE64(String key) throws Exception {
return Base64.decodeBase64(key.getBytes());
}
//base64装换成字符串
public static String encryptBASE64(byte[] key) throws Exception {
return new String(Base64.encodeBase64(key));
}
}