生成deskey生成的des加密密钥一定是8的整数倍的位数
function getrandomstr() { let str = "" let array = [ "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", ]; for (let i = 0; i < 8; i++) { str += array[math.round(math.random() * (array.length - 1))]; } return str;}
生成rsa密钥对rsa密钥对有很多种格式，因为需要和前端算法库互联互通，这里选择的是1024位，padding方式为pksc1
public static map<string, string> createkeyspksc1(int keysize) { // map装载公钥和私钥 map<string, string> keypairmap = new hashmap<string, string>(); try { security.addprovider(new org.bouncycastle.jce.provider.bouncycastleprovider()); securerandom random = new securerandom(); keypairgenerator generator = keypairgenerator.getinstance("rsa", "bc"); generator.initialize(keysize, random); keypair keypair = generator.generatekeypair(); rsapublickey publickey = (rsapublickey) keypair.getpublic(); rsaprivatekey privatekey = (rsaprivatekey) keypair.getprivate(); string publickeystr = new string(base64.encodebase64(publickey.getencoded())); string privatekeystr = new string(base64.encodebase64(privatekey.getencoded())); keypairmap.put("publickey", publickeystr); keypairmap.put("privatekey", privatekeystr); } catch (exception e) { e.printstacktrace(); } // 返回map return keypairmap; }
前端des加密引入crypto.js第三方库
function encryptbydes(message, key) { var keyhex = cryptojs.enc.utf8.parse(key); var encrypted = cryptojs.des.encrypt(message, keyhex, { mode: cryptojs.mode.ecb, padding: cryptojs.pad.pkcs7 }); return encrypted.tostring(); }
前端rsa加密引入jsencrypt,js第三方库
function encryptbyrsa(data, publickey) { var encryptor = new jsencrypt() encryptor.setpublickey(publickey) return encryptor.encrypt(data);; }
后端rsa解密 public static string decryptpksc1(string data, string privatekeystr) { try { security.addprovider(new org.bouncycastle.jce.provider.bouncycastleprovider()); cipher cipher = cipher.getinstance("rsa/none/pkcs1padding", "bc"); rsaprivatekey privatekey = getprivatekeypksc1(privatekeystr); cipher.init(cipher.decrypt_mode, privatekey); return new string(rsasplitcodec(cipher, cipher.decrypt_mode, base64.decodebase64(data), privatekey.getmodulus().bitlength()), charset); } catch (exception e) { throw new runtimeexception("解密字符串[" + data + "]时遇到异常", e); } }
后端des解密 public static string decrypt(string data, string key) throws ioexception, exception { if (data == null) return null; base64decoder decoder = new base64decoder(); byte[] buf = decoder.decodebuffer(data); byte[] bt = decrypt(buf, key.getbytes("utf-8")); return new string(bt, "utf-8"); }
后端自定义拦截器public class xssfilter implements filter, ordered { @override public void init(filterconfig filterconfig) throws servletexception { } @override public void destroy() { } @override public void dofilter(servletrequest request, servletresponse response, filterchain chain) throws ioexception, servletexception { string contenttype = request.getcontenttype(); if (stringutils.isnotblank(contenttype) && contenttype.contains("application/json")) { xssbodyrequestwrapper xssbodyrequestwrapper = new xssbodyrequestwrapper((httpservletrequest) request); chain.dofilter(xssbodyrequestwrapper, response); } else { chain.dofilter(request, response); } } @override public int getorder() { return 9; }}
public class xssbodyrequestwrapper extends httpservletrequestwrapper { private string body; public xssbodyrequestwrapper(httpservletrequest request) { super(request); try{ body = xssscriptutil.handlestring(commonutil.getbodystring(request)); string encrypt = request.getheader("encrypt"); if (!stringutil.isempty(encrypt)) { string privatekey = rsaencryptutil.getsystemdefaultrsaprivatekey(); string desencryptstr = rsaencryptutil.decryptpksc1(encrypt, privatekey); jsonobject obj = jsonobject.parseobject(body); string encryptparam = obj.getstring("encryptparam"); body = desencryptutil.decrypt(encryptparam, desencryptstr); } }catch (exception e){ e.printstacktrace(); } } @override public bufferedreader getreader() throws ioexception { return new bufferedreader(new inputstreamreader(getinputstream())); } @override public servletinputstream getinputstream() throws ioexception { final bytearrayinputstream bais = new bytearrayinputstream(body.getbytes(charset.forname("utf-8"))); return new servletinputstream() { @override public int read() throws ioexception { return bais.read(); } @override public boolean isfinished() { return false; } @override public boolean isready() { return false; } @override public void setreadlistener(readlistener readlistener) { } }; }}
以上就是springboot如何集成数据传输加密的详细内容。