crypto前台AES加密,后台AES解密
2015-11-10 00:25
459 查看
正值这次项目的安全测试,来分享一下在项目中的加密。
crypto前台加密
CryptoJS (crypto.js) 为 JavaScript 提供了各种各样的加密算法。目前已支持的算法包括:
MD5
SHA-1
SHA-256
AES
Rabbit
MARC4
HMAC
HMAC-MD5
HMAC-SHA1
HMAC-SHA256
PBKDF2
官网地址:https://github.com/brix/crypto-js
后台解密
crypto前台加密
CryptoJS (crypto.js) 为 JavaScript 提供了各种各样的加密算法。目前已支持的算法包括:
MD5
SHA-1
SHA-256
AES
Rabbit
MARC4
HMAC
HMAC-MD5
HMAC-SHA1
HMAC-SHA256
PBKDF2
官网地址:https://github.com/brix/crypto-js
//引用aesjs <script type="text/javascript" src="${ctx}/js/crypto/rollups/aes.js"></script> <javascript type="text/javascript"> //加密function function Encrypt(word){ var key = CryptoJS.enc.Utf8.parse("0102030405060708"); //加密密钥 var iv = CryptoJS.enc.Utf8.parse('0102030405060708'); //加密向量 var srcs = CryptoJS.enc.Utf8.parse(word); var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv,mode:CryptoJS.mode.CBC}); return encrypted.toString(); } </javascript> //提交到后台验证 $.post("${ctx}/base/security/userinfo!login.action", { account : aesaccount, pwd : aespwd, vcode : vcode, vcodepass: vcodepass }
后台解密
package ICT.utils; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; /** * helper class to encrypt and decrypt string */ public class CryptoHelper { public static String digest(String data) { String digest=""; try { java.security.MessageDigest alg=java.security.MessageDigest.getInstance("MD5"); alg.update(data.getBytes()); byte[] digesta=alg.digest(); digest=byte2hex(digesta); return digest; } catch (Exception ex) { return (null); } } public static String byte2hex(byte[] b) //二行制转字符串 { String hs=""; String stmp=""; for (int n=0;n<b.length;n++) { stmp=(java.lang.Integer.toHexString(b & 0XFF)); if (stmp.length()==1) hs=hs+"0"+stmp; else hs=hs+stmp; if (n<b.length-1) hs=hs+""; } return hs.toUpperCase(); } public static String Decrypt(String sSrc, String sKey) throws Exception { try { // 判断Key是否正确 if (sKey == null) { System.out.print("Key为空null"); return null; } // 判断Key是否为16位 if (sKey.length() != 16) { System.out.print("Key长度不是16位"); return null; } byte[] raw = sKey.getBytes("ASCII"); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec iv = new IvParameterSpec("0102030405060708" .getBytes()); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = Base64.decodeBase64(sSrc);//先用bAES64解密 try { byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original); return originalString; } catch (Exception e) { System.out.println(e.toString()); return null; } } catch (Exception ex) { System.out.println(ex.toString()); return null; } } /* public static void main(String[] args) { try { String str ="123456"; String enStr = digest(str); System.out.println(enStr); //System.out.println(decrypt(enStr)); } catch (Exception ex) { System.out.println(ex.getMessage()); } }*/ public static void main(String[] args) { CryptoHelper my=new CryptoHelper(); System.out.println(my.digest("1")); } }
相关文章推荐
- JSTL标签提示:"items" does not support runtime expressions
- prefix springmvc
- Unity3D-Mecanim动画系统-IK
- 做一个绕Y轴旋转的动画时遇到问题
- nginx 负载均衡
- macports安装问题总结
- XYZZY
- ubuntu 安装nginx和php
- Newtonsoft.Json(Json.Net)学习笔记
- 将QT开发的界面程序封装成DLL,在VC中成功调用
- char*转wchar_t
- Open CV 图像显示(1)
- poj 3278 暴力BFS
- MySQL的安装(msi和zip格式)
- Java类加载过程
- 排序算法(八):小结
- 三列自适应布局的实现方式(兼容IE6+)
- T001 A+B(附常见标准输入输出)
- JDK中数据类型Boolean、Byte
- 关于KVC的介绍及使用---Cocoa中的大招