前后端aes加解密

由于项目改变了加密规则,由原来的三段式加密改为单纯的AES加密,外加MD5验签。所以对加密函数,进行了重写。

后台java代码
  1. 加密

    public static String encryptAES(String data,String key) throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(key.getBytes());
        kgen.init(128, secureRandom);
        SecretKey skey = kgen.generateKey();
        byte[] raw = skey.getEncoded();
        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
    
        logger.info("???????? string:" + data);
        byte[] encryptedData = cipher.doFinal(data.getBytes("UTF-8"));
    
        String hexStr = Base64.encodeBase64String(encryptedData);
        logger.info("?????ase64?版?: hexStr:" + hexStr);
        return hexStr;
    }
    
  2. 解密

    public static String decryptAES(String data,String key)throws Exception {
        KeyGenerator kgen = KeyGenerator.getInstance("AES");
        //kgen.init(128, new SecureRandom(key.getBytes()));
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(key.getBytes());
        kgen.init(128, secureRandom);
    
        SecretKey skey = kgen.generateKey();
        byte[] raw = skey.getEncoded();
        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, skeySpec);
    
        logger.info("瑙e?????? string:" + data);
        byte[] decryptedData = cipher.doFinal(Base64.decodeBase64(data));
        String respStr = new String(decryptedData,"UTF-8");
        logger.info("瑙e?????? string:" + respStr);
        return respStr;
    }
    
  3. MD5

    public static String getSingByMD5(String data,String key)throws Exception{
        String enStr = data + "|" + key ;
        String signature = MD5.digestBase64(enStr);
        return signature;
    }
    
前端js代码

前端使用cryptojs加密库

由于之前对加密算法不是很了解,并且项目内的Key并非直接使用,所以在处理KEY的问题上花费了较多的时间。
1. SHA1PRNG
java里可以是经过这个算法处理过的,在前端处理过程中,我们要把原始秘钥经过两次sha1加密,最后取其字符串前32位。
2. 加密

    function encrypt(data,key) {
      var realKey = getKey(key);
      var encrypt = CryptoJS.AES.encrypt(data, CryptoJS.enc.Hex.parse(realKey), {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7
      });
      return encrypt.ciphertext.toString(CryptoJS.enc.Base64);
    }

3. 解密

    function decrypt(data,key) {
      var realKey = getKey(key);
      var decrypt = CryptoJS.AES.decrypt({
        ciphertext: CryptoJS.enc.Base64.parse(data)
      }, CryptoJS.enc.Hex.parse(realKey), {
        mode: CryptoJS.mode.ECB,
        padding: CryptoJS.pad.Pkcs7
      });
      return decrypt.toString(CryptoJS.enc.Utf8);
    }
  1. 处理key

    function getKey(key) {
      var realKey = CryptoJS.SHA1(key);
      realKey = CryptoJS.SHA1(realKey).toString().substring(0, 32); //真正的key
      return realKey;
    }
    
  2. MD5

    function createMD5(data,key) {
      var str = data+'|'+key;
      var md5Str = CryptoJS.MD5(str).toString(CryptoJS.enc.Base64);
      return md5Str;
    }
    
nodejs对应代码

在node中使用自带的crypto库

//配置秘钥
let getkey=()=>"******";
let md5key=()=>"******";

// 加密
let encrypt = (data)=>{
  let key = realKey();
  let crypted='';
  let cipher = crypto.createCipheriv('aes-128-ecb', key, "");
  crypted = cipher.update(data, 'utf8', 'binary');
  crypted += cipher.final('binary');
  crypted = new Buffer(crypted, 'binary').toString('base64');
  return crypted;
}

// 解密
let decrypt=(data)=>{
  let key = realKey();
  let decipher = crypto.createDecipheriv('aes-128-ecb', key,"");
  const buf1 = new Buffer(data,"base64").toString('hex');
  let decrypted = decipher.update(buf1, 'hex', 'utf8');
  decrypted += decipher.final('utf8');
  return decrypted;
}

// 获取key
let realKey=()=>{
  let key = getkey();
  let keysha1 = crypto.createHash('sha1').update(key).digest('buffer');
  let realkey = crypto.createHash('sha1').update(keysha1).digest('hex').substring(0,32);
  return new Buffer(realkey,'hex');
}

let encryptmd5=(data)=>{
  let key = md5key();
  let str = data+"|"+key;
  let md5str = crypto.createHash('md5')
                .update(str)
                .digest('base64');
  return md5str;
}

module.exports = {
  encrypt,
  decrypt,
  encryptmd5
};
  • 2
    点赞
  • 5
    收藏
    觉得还不错? 一键收藏
  • 5
    评论
评论 5
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值