前台js加密,将摘要和参数传递到后台
后台根据参数加密,与摘要进行比对,确定数据的完整性
js算法如下:
// 字符串加密成 hex 字符串
function SHA1(s) {
//加盐值 随意定义盐值,与后台保持一致
s+="1qaz!QAZ";
var data = new Uint8Array(encodeUTF8(s))
var i, j, t;
var l = ((data.length + 8) >>> 6 << 4) + 16, s = new Uint8Array(l << 2);
s.set(new Uint8Array(data.buffer)), s = new Uint32Array(s.buffer);
for (t = new DataView(s.buffer), i = 0; i < l; i++)
s[i] = t.getUint32(i << 2);
s[data.length >> 2] |= 0x80 << (24 - (data.length & 3) * 8);
s[l - 1] = data.length << 3;
var w = [], f = [ function() {
return m[1] & m[2] | ~m[1] & m[3];
}, function() {
return m[1] ^ m[2] ^ m[3];
}, function() {
return m[1] & m[2] | m[1] & m[3] | m[2] & m[3];
}, function() {
return m[1] ^ m[2] ^ m[3];
} ], rol = function(n, c) {
return n << c | n >>> (32 - c);
}, k = [ 1518500249, 1859775393, -1894007588, -899497514 ], m = [
1732584193, -271733879, null, null, -1009589776 ];
m[2] = ~m[0], m[3] = ~m[1];
for (i = 0; i < s.length; i += 16) {
var o = m.slice(0);
for (j = 0; j < 80; j++)
w[j] = j < 16 ? s[i + j] : rol(w[j - 3] ^ w[j - 8] ^ w[j - 14]
^ w[j - 16], 1), t = rol(m[0], 5) + f[j / 20 | 0]() + m[4]
+ w[j] + k[j / 20 | 0] | 0, m[1] = rol(m[1], 30), m.pop(),
m.unshift(t);
for (j = 0; j < 5; j++)
m[j] = m[j] + o[j] | 0;
}
;
t = new DataView(new Uint32Array(m).buffer);
for (var i = 0; i < 5; i++)
m[i] = t.getUint32(i << 2);
var hex = Array.prototype.map.call(
new Uint8Array(new Uint32Array(m).buffer), function(e) {
return (e < 16 ? "0" : "") + e.toString(16);
}).join("");
return hex.toUpperCase();
}
function encodeUTF8(s) {
var i, r = [], c, x;
for (i = 0; i < s.length; i++)
if ((c = s.charCodeAt(i)) < 0x80)
r.push(c);
else if (c < 0x800)
r.push(0xC0 + (c >> 6 & 0x1F), 0x80 + (c & 0x3F));
else {
if ((x = c ^ 0xD800) >> 10 == 0) // 对四字节UTF-16转换为Unicode
c = (x << 10) + (s.charCodeAt(++i) ^ 0xDC00) + 0x10000, r.push(
0xF0 + (c >> 18 & 0x7), 0x80 + (c >> 12 & 0x3F));
else
r.push(0xE0 + (c >> 12 & 0xF));
r.push(0x80 + (c >> 6 & 0x3F), 0x80 + (c & 0x3F));
}
;
return r;
}
html使用:
<script type="text/javaScript">
function sha1(){
//定义初始信息
var initInfo="要加密的字符串";
//获取摘要
var shaMessageCode=SHA1(initInfo);
alert(shaMessageCode);
}
</script>
后台java计算比对摘要信息,确定传输的信息是否完整,方法如下:
import java.security.MessageDigest;
public class SHA1Util {
//取加盐值 随意定义盐值,与前台保持一致
private static String SHA_SECRET = "1qaz!QAZ";
/**
* @Comment SHA1实现
* @Author Ron
* @Date 2017年9月13日 下午3:30:36
* @return
*/
public static String shaEncode(StringBuffer inStr) throws Exception {
//加盐值
inStr.append(SHA_SECRET);
MessageDigest sha = null;
try {
sha = MessageDigest.getInstance("SHA1");
} catch (Exception e) {
System.out.println(e.toString());
e.printStackTrace();
return "";
}
byte[] byteArray = inStr.toString().getBytes("UTF-8");
byte[] md5Bytes = sha.digest(byteArray);
StringBuffer hexValue = new StringBuffer();
for (int i = 0; i < md5Bytes.length; i++) {
int val = ((int) md5Bytes[i]) & 0xff;
if (val < 16) {
hexValue.append("0");
}
hexValue.append(Integer.toHexString(val));
}
return hexValue.toString().toUpperCase();
}
public static void main(String args[]) throws Exception {
StringBuffer str = new StringBuffer("美国2019-07-012019-07-31");
System.out.println("原始:" + str);
System.out.println("SHA后:" + shaEncode(str));
}
}
输出:原始:美国2019-07-012019-07-31
SHA后:B68399AF967F5F27ACFBD83FDF2026A8F33EB9DC