zoukankan      html  css  js  c++  java
  • 前后端分离密码登陆加密RSA方案(java后端)

    前言:密码加密有很多种方案,这里不做过多讨论,本篇文章是基于RSA加密实现。

    首先在前端工程中需要引入加密js: "jsencrypt": "2.3.1",(注意单独导入可能报错,可以删除整个node_modules,然后重新npm install)

    然后在登陆提交表单的地方代码修改如下:

    // 引入js
    import {JSEncrypt} from 'jsencrypt'
    
     // 提交表单方法
          dataFormSubmit () {
            this.dataForm.password = this.passwordEncryption(this.dataForm.password + ',' + new Date().getTime())
          this.$http({
                  url: this.$http.adornUrl('/sys/login'),
                  method: 'post',
                  data: this.$http.adornData({
                    'username': this.dataForm.userName,
                    'password': this.dataForm.password,
                    'uuid': this.dataForm.uuid,
                    'captcha': this.dataForm.captcha
                  })
          },
      //密码加密方法
      passwordEncryption (passwordUser) {
        console.log(this.rsaKey + ' ********后台获取公钥********** ')
        let publicKey = this.rsaKey // 从后台获取公钥
        let encryptor = new JSEncrypt()  // 新建JSEncrypt对象
        encryptor.setPublicKey(publicKey)  // 设置公钥
        let passwordEncryp = encryptor.encrypt(passwordUser)  // 对密码进行加密
       console.log(passwordEncryp + ' ****************** ')
        return passwordEncryp
      },
    // 获取公钥的方法
    getRsaKey () {
      this.$http({
        url: this.$http.adornUrl('/sys/login/rsaKey'),
        method: 'get'
      }).then(({data}) => {
        this.rsaKey = data
      })
    }
    

      

     后端工程代码如下

    
    
    //controller 密码加密后用密钥解密
    form.setPassword(AccountSecurityUtils.decrypt(form.getPassword()));

    //AccountSecurityUtils 工具类
    public static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsD1gI70BxYujhNw8NpaVKRXkcRofoeUbN9Dj5m3i3h9XAIS6LkjI01L4ieRpTHnMEzoXUY8a2/svDf//xuHuDJlZBNtCXK4DPx5x4zHdUWDjFGpWlMQzhsqQlfs0tkN5gP095g27L0ki/NrRuBpgxP1q2dHKpL37sBF8XNRpedwIDAQAB";

    private static final String PRIVATE_KEY = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKwPWAjvQHFi6OE3Dw2lpUpFeRxGh+h5Rs30OPmbeLeH1cAhLouSMjTUviJ5GlMecwTOhdRjxrb+y8N///G4e4MmVkE20JcrgM/HnHjMd1RYOMUalaUxDOGypCV+zS2Q3mA/T3mDbsvSSL82tG4GmDE/WrZ0cqkvfuwEXxc1Gl53AgMBAAECgYEAogyhgWi0bRYW92Z/yv6julvMQRE8l3sBcJ//uTbwbwqECrw1tkYu+wsTOCyO2pHnCjPoX6zJTziSeMJpMCPsToCm3+EO38Ki/12RSJ51DgSl7C4R8leoFMZAmExQO4L1rVae2dJS80dvfpLeNiquJw4y7xjXIBUYbQfu+mNKHoECQQDic2F3UMm05M1d/POQHqsuMohoDhwVM0N8/SdbA4fpYFFOahMWdmuFclYbkgTwfYBdGMH/UHLsCGWVv8z48jKHAkEAwoMID93DzTsZWqxAoyGDg7GGdNsMPvYErRxwcOVNpdQXv8F7IAXOslLTvJF542dplCCNzLgyupwxMPlMLuZAkQJANpcoHPJt3dz2oTzUnp62F6n49lTIclfsYhpJPYipYBpnH2c0+MpNe1sn5Peblzo6ErdgNSN4wOv5SVN2n2ELywJAGjyiccFwD9bQ7LIfZeG3Y6QmhsylMjjtGIylfhTwDFY3fd4TRZaC8vrJJL5aupnQW/KoLd0KurEm0XxPEmRsgQJARKNghvpoce39bD/BbC2AojY5Ea6afLzW+GllxHGNGkgGu+x3c4PIUDAt8f60021WoENtonEQpEjzbIU5XpefJA==";

    /**
    * 加密数据和秘钥的编码方式
    */
    public static final String UTF_8 = "UTF-8";

    public static final String RSA_ALGORITHM_NO_PADDING = "RSA";

    public static String decrypt(String password) {
    try {
    String getPass = decryptRSADefault(PRIVATE_KEY, password);
    String longtime = StringUtils.substringAfterLast(getPass, ",");
    if ((System.currentTimeMillis() - Long.valueOf(longtime) > 30 * 60 * 1000)) {
            //抛出自定义异常
    throw new MYException("密码超时");
    }
    return StringUtils.substringBeforeLast(getPass, ",");
    } catch (Exception e) {
    if (e instanceof MYException) {
    throw new MYException(e.getMessage());
    }
    log.error("password is :" + password + " 密码解密异常:" + e.getMessage());
    }
    return null;
    }
    public static String decryptRSADefault(String privateKeyStr, String data) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
    KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM_NO_PADDING);
    byte[] privateKeyArray = privateKeyStr.getBytes();
    byte[] dataArray = data.getBytes();
    PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyArray));
    PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);

    Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_NO_PADDING);
    cipher.init(Cipher.DECRYPT_MODE, privateKey);
    return new String(cipher.doFinal(Base64.decodeBase64(dataArray)), UTF_8);
    }


    相关代码参考博客:https://blog.csdn.net/qq_37346607/article/details/85237368

  • 相关阅读:
    Rational Rose 2003 逆向工程转换C++ / VC++ 6.0源代码成UML类图
    用VC实现特定编辑框上对回车键响应
    22.职责链模式
    21.策略模式
    20.状态模式
    19.解释器模式
    18.备忘录模式
    17.中介者模式
    16.观察者模式
    15.迭代器模式
  • 原文地址:https://www.cnblogs.com/liran123/p/10578239.html
Copyright © 2011-2022 走看看