AJAX+REA实现前后台数据交互的加密解密
1、创建js文件Encryption.js
/**
* 加密解密
*/
/** RSA加密用 生成key */
function bodyRSA(){
/** 1024位的key参数写130,2014位的key参数写260 */
setMaxDigits(130);
/** ajax 调用后台方法,取回公钥 */
var keyR ;
$.ajax({
url: "/GHGL/Key/pk",//请求后台的url,本例是springMVC框架
type: "post",
cache: false,
async : false,
dataType: "text",
success: function (data)
{
keyR = data;
},
error:function (XMLHttpRequest, textStatus, errorThrown) {
alert("与服务器连接失败!");
}
});
/** RSAKeyPair 函数三个参数:加密指数、解密指数、系数 */
return new RSAKeyPair("10001","",keyR);
}
/** AES加密用 随机生成key和iv */
function randomString() {
var chars=‘ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789‘;
var length= chars.length;
var pwd=‘‘;
for(var i = 0; i < 16 ;i++){
pwd += chars.charAt(Math.floor(Math.random() * length));
}
return pwd;
}
/**
* AES加密
* @param data
* @param key
* @param iv
* @returns
*/
function getAesString(data,key,iv){
var key = CryptoJS.enc.Utf8.parse(key);
var iv = CryptoJS.enc.Utf8.parse(iv);
var encrypted = CryptoJS.AES.encrypt(data,key,
{
iv:iv,
mode:CryptoJS.mode.CBC,
padding:CryptoJS.pad.Pkcs7
});
return encrypted.toString();
}
/**
* AES解密
* @param encrypted
* @param key
* @param iv
* @returns
*/
function getDAesString(encrypted,key,iv){
var key = CryptoJS.enc.Utf8.parse(key);
var iv = CryptoJS.enc.Utf8.parse(iv);
var decrypted = CryptoJS.AES.decrypt(encrypted,key,
{
iv:iv,
mode:CryptoJS.mode.CBC,
padding:CryptoJS.pad.Pkcs7
});
return decodeURIComponent(decrypted.toString(CryptoJS.enc.Utf8)).replace("+", " ");
}2、ajax请求后台的java类(1)
package com.djzh.basicdata.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.djzh.common.utils.EncryptionDecryption;
/**
* 获取RSA密钥文件中的公钥
* @author : hanlin
* @date : 2017年2月3日 下午3:32:31
* @version : 1.0
*/
@Controller
@RequestMapping("/Key")
public class PublicKeyController {
/**
* 获取RSA密钥文件中的公钥
* @return String类型
*/
@RequestMapping("/pk")
@ResponseBody
public String getPublicKey(){
/** 实例化加密解密工具类*/
EncryptionDecryption ed = new EncryptionDecryption();
return ed.getPublicKey();
}
}3、ajax请求后台的java类(2)--rea加解密的工具类
EncryptionDecryption.java
package com.djzh.common.utils;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/**
* rsa aes 加密解密工具类
* Title: EncryptionDecryption
* Company: djzh
* @author hanlin
* @date 2017年1月17日 上午11:02:50
*/
public class EncryptionDecryption {
/** 密钥文件存储位置 */
private static String RSAKeyStore = "C:/RSAKey.txt";//在这个位置放这个文件
/**
* 日志记录器
*/
public static Logger logger = Logger.getLogger(EncryptionDecryption.class);
/**
* AES加密
* @param content 明文
* @param keyBytes 秘钥
* @param iv 偏移量
* @return
*/
public static String AES_CBC_Encrypt(String content, byte[] keyBytes, byte[] iv){
try{
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher=Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
content = URLEncoder.encode(content,"UTF-8"); //用url编码
byte[] result=cipher.doFinal(content.getBytes()); //加密
return new String(Base64.encodeBase64(result),"UTF-8");
}catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
return null;
}
/**
* AES解密
* @param content 密文
* @param keyBytes 秘钥
* @param iv 偏移量
* @return
*/
public static String AES_CBC_Decrypt(String content, byte[] keyBytes, byte[] iv){
try{
content = content.replaceAll(" ", "+");
byte[] decryptBaseData=Base64.decodeBase64(content.getBytes("utf-8"));
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher=Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
byte[] result=cipher.doFinal(decryptBaseData);
return URLDecoder.decode(new String(result),"utf-8");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
return null;
}
/**
* 字符串转为 byte[]
* @param hexString
* @return
*/
public static byte[] hexStringToBytes(String hexString) {
if (hexString == null || hexString.equals("")) {
return null;
}
hexString = hexString.toUpperCase();
int length = hexString.length() / 2;
char[] hexChars = hexString.toCharArray();
byte[] d = new byte[length];
for (int i = 0; i < length; i++) {
int pos = i * 2;
d[i] = (byte) (charToByte(hexChars[pos]) << 4 | charToByte(hexChars[pos + 1]));
}
return d;
}
/**
* Convert char to byte
* @param c char
* @return byte
*/
private static byte charToByte(char c) {
return (byte) "0123456789ABCDEF".indexOf(c);
}
/**
* 解密由RSA加密的AES的key 和 iv
* @param para
* @return
* @throws Exception
*/
public static byte[] getValue(String param) throws Exception{
byte[] trueValue = null;
try {
if(!param.equals("") && param != null){
byte[] KeyB = hexStringToBytes(param);
KeyB = decrypt(getKeyPair().getPrivate(),KeyB);
StringBuffer sbKey = new StringBuffer();
sbKey.append(new String(KeyB));
param = sbKey.reverse().toString();
trueValue = URLDecoder.decode(param,"UTF-8").getBytes();
}
} catch (Exception e) {
//重要参数值
logger.error("传入参数:" + "param: " + param);
//异常说明
logger.error("解密由RSA加密的AES的key 和 iv 失败,可能前台传入的aKey或者aIv为空");
e.printStackTrace();
}
return trueValue;
}
/**
* 获取密钥文件中的公钥
* @return
*/
public String getPublicKey(){
Object publicKey = null;
String publicKEY = null;
try {
publicKey = getKeyPair().getPublic();
publicKEY = (String) publicKey.toString().subSequence(37, 293);
} catch (Exception e) {
e.printStackTrace();
}
return publicKEY;
}
/**
* RSA 生成密钥对
* @return
* @throws Exception
*/
public static KeyPair generateKeyPair() throws Exception {
try {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
final int KEY_SIZE = 1024;
keyPairGen.initialize(KEY_SIZE, new SecureRandom());
KeyPair keyPair = keyPairGen.generateKeyPair();
FileOutputStream fos = new FileOutputStream(RSAKeyStore);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(keyPair);
oos.close();
fos.close();
return keyPair;
} catch (Exception e) {
throw new Exception(e.getMessage());
}
}
/**
* 获取密钥对
* @return
* @throws Exception
*/
public static KeyPair getKeyPair() throws Exception {
FileInputStream fis = new FileInputStream(RSAKeyStore);
ObjectInputStream oos = new ObjectInputStream(fis);
KeyPair kp = (KeyPair) oos.readObject();
oos.close();
fis.close();
return kp;
}
/**
* 解密
* @param pk
* @param raw
* @return
* @throws Exception
*/
@SuppressWarnings("static-access")
private static byte[] decrypt(PrivateKey pk, byte[] raw) throws Exception {
try {
Cipher cipher = Cipher.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
cipher.init(cipher.DECRYPT_MODE, pk);
int blockSize = cipher.getBlockSize();
ByteArrayOutputStream bout = new ByteArrayOutputStream(64);
int j = 0;
while (raw.length - j * blockSize > 0) {
bout.write(cipher.doFinal(raw, j * blockSize, blockSize));
j++;
}
return bout.toByteArray();
} catch (Exception e) {
throw new Exception(e.getMessage());
}
}
}4、在某个盘的位置放这个文件,上面代码里调用了。见附件
C:/RSAKey.txt
5、在JSP页面导入Encryption.js,通过ajax进行加密请求
function dataAjaxRefer(){
//筛选条件的参数进行加密
var keyRSA = bodyRSA(); //生成RSA加密用的key
var key = randomString();//随机生成AES的key 和 iv
var iv = randomString();
var aKey = encryptedString(keyRSA, encodeURIComponent(key)); //RSA加密AES的key
var aIv = encryptedString(keyRSA, encodeURIComponent(iv)); //RSA加密AES的iv
var select1=$("#jffpqh").val();//参数1
var selectText1_ = getAesString(encodeURIComponent(select1),key,iv); //AES参数内容1
//筛选条件的参数
var data={
jffpqh:selectText1_, //参数1
aKey:aKey,
aIv:aIv
}
//console.log(data)
$.ajax({
type:"post",
url:"/GHGL/Distribution/showFundsTerm",//请求的url,本例为springMVC框架
async:true,
data:data,
dataType:"json",
success:function(data){
var decryptedStr = getDAesString(data,key,iv);//解密
}
},
error: function(XMLHttpRequest, textStatus, errorThrown) {
alert(XMLHttpRequest.status);
alert(XMLHttpRequest.readyState);
alert(textStatus);
},
complete: function(XMLHttpRequest, textStatus) {
this; // 调用本次AJAX请求时传递的options参数
}
});
}6、总结: 首先创建js文件,里面包含生成加密解密的 key 和iv、加密方法、机密方法,然后在后台写好相应的生成key,IV的工具类,工具类会读取 rsa.txt文件,然后通过js调用ajax进行加密查询,这是项目中用到的,所以给大家分享一下,希望能给大家提供帮助。
本文出自 “听雨盼永恒” 博客,请务必保留此出处http://yongguang.blog.51cto.com/9153118/1902061
原文地址:http://yongguang.blog.51cto.com/9153118/1902061
