在项目中遇到如下需求:用户在登录时密码经常使用明文传输,在不安全的网络环境下,很容易造成密码泄露,而密码直接存储在数据库中,如果数据泄露,也会造成安全问题。
解决方法:前端给后端传输密码关键信息时,进行加密后再传输,后端解密验证,然后将密码加密后再存储到数据库中。
这里使用了base64和jsencrypt对其加密密码明文问题。如下为引用的base64.js代码内容:
//1.加密解密方法使用:
//1.加密
// var str = '124中文内容';
// var base = new Base64();
// var result = base.encode(str);
// //document.write(result);
// //2.解密
// var result2 = base.decode(result);
// document.write(result2);
// //2.加密、解密算法封装:
function Base64() {
// private property
var _keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
// public method for encoding
this.encode = function (input) {
var output = "";
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
var i = 0;
input = _utf8_encode(input);
while (i < input.length) {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
_keyStr.charAt(enc1) + _keyStr.charAt(enc2) +
_keyStr.charAt(enc3) + _keyStr.charAt(enc4);
}
return output;
}
// public method for decoding
this.decode = function (input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
while (i < input.length) {
enc1 = _keyStr.indexOf(input.charAt(i++));
enc2 = _keyStr.indexOf(input.charAt(i++));
enc3 = _keyStr.indexOf(input.charAt(i++));
enc4 = _keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
}
output = _utf8_decode(output);
return output;
}
// private method for UTF-8 encoding
var _utf8_encode = function (string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
} else if((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
} else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
}
// private method for UTF-8 decoding
var _utf8_decode = function (utftext) {
var string = "";
var i = 0;
var c = c1 = c2 = 0;
while ( i < utftext.length ) {
c = utftext.charCodeAt(i);
if (c < 128) {
string += String.fromCharCode(c);
i++;
} else if((c > 191) && (c < 224)) {
c2 = utftext.charCodeAt(i+1);
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
i += 2;
} else {
c2 = utftext.charCodeAt(i+1);
c3 = utftext.charCodeAt(i+2);
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
i += 3;
}
}
return string;
}
}
export default Base64
jsencrypt.js代码内容如下:
import JSEncrypt from 'jsencrypt/bin/jsencrypt.min'
// 密钥对生成 http://web.chacuo.net/netrsakeypair
// const publicKey = 'MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdH\n' +
// 'nzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ=='
const publicKey ='MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCQe/BSGAGmket3wie4zFB2tht1CUGsUZ0ly6wWLTp1uumSKBF0n5hwdfJUNrr7uRjL8hkJYYp55h0GtgsOQ2gaiIbmyJZ5enwEQKI4QWdUDw5A8F9FmKFube0TNw4PUX9AL0tBinSMhVNq9uznF5TWHoSPZYO+pjgkXuziv7YjQIDAQAB'
// const privateKey = 'MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY\n' +
// '7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKN\n' +
// 'PuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gA\n' +
// 'kM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWow\n' +
// 'cSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99Ecv\n' +
// 'DQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthh\n' +
// 'YhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3\n' +
// 'UP8iWi1Qw0Y='
const privateKey ='MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMJB78FIYAaaR63fCJ7jMUHa2G3UJQaxRnSXLrBYtOnW66ZIoEXSfmHB18lQ2uvu5GMvyGQlhinnmHQa2Cw5DaBqIhubIlnl6fARAojhBZ1QPDkDwX0WYoW5t7RM3Dg9Rf0AvS0GKdIyFU2r27OcXlNYehI9lg76mOCRe7OK/tiNAgMBAAECgYBSASfHPlhbMTHlMmwfNuWKWWpYIuBmjNujSFcLVsc4l+Pu1GXkU9HKTtxbPejNBJIhVQCRVk3mzr/K87IiKQuY2fBgPt9YqsXul2Nm2NwGOWPdUZbDqLrLS86ZWMIGWUSwQ2DACzKHgg/6/sBk+qim2NKj8AFFHz1qf0jiYDLJAQJBAOp9Kc5xTfRjn/3lR51JcNDLwlUkHPAbMliLuO9xpEgbCgRNblJHRhUvOgjYgkYdIdqR7dsm93yMne33c/i8QGECQQDUE/aQDLalYizv6j+55AuUiS6DDLxosbNd+J2itdofTCK2sdr7JeeCyBYg3LOmVegZm0Jb6JOJWbGdlO0BAretAkBTNYcYUuyuxIuJtUrsbZsy/JtBS0dZjM0YzrwZe+IoFDBBxphXaiNccR3O9cWEy+Gvhgk5s2IvOFbyktT8dxEBAkB0YFwN4hwcFwqnwLiljmFYagru+P8uyEywRWxjTD1crU/jRyfuZ3dqSdfywomGvl92Jb+9ZZwIZALWgVGpG0+lAkAE/gN+2jLgOrBvAk4aeOMlpJWMOQYLLRseKYKInMwuM8/zujM9boZfj7VJnsRhZPJ+7C/q6I8Y9boUxNu93iTz'
// 加密
export function encrypt(txt) {
const encryptor = new JSEncrypt()
encryptor.setPublicKey(publicKey) // 设置公钥
return encryptor.encrypt(txt) // 对数据进行加密
}
// 解密
export function decrypt(txt) {
const encryptor = new JSEncrypt()
encryptor.setPrivateKey(privateKey) // 设置私钥
return encryptor.decrypt(txt) // 对数据进行解密
}
如下图所示,对其密码已进行加密处理: