網站密碼明文傳輸解決方案js+java

解決密碼明文傳輸的方案,基本有兩種解決方案

1,將項目網站全站升級爲https協議(如果要更謹慎,還需要加密)。

2,將密碼進行加密後,在後臺解密。

因項目升級https時間週期太長。將暫時替代方案改爲RSA加密解密方式:

最簡單的方案:前端用公鑰加密,後端用私鑰解密,未涉及到私鑰簽名等驗證,但工具類內提供了相應方法,相信各位一看即懂。需要注意的是,在http下頁面和js本身仍可能被中間人篡改,而且後端只做解密,被截獲的密文可以原樣重放,所以此方案只能避免密碼以明文出現在流量中,不能代替https。

1,前端js引入jsencrypt.js(官網有下載資源。可免費下載(但不兼容ie瀏覽器,在ie9以下使用會導致js報錯SCRIPT1010,具體原因可自行google或百度)。本博客下載資源內有兼容IE的版本,有需要的小夥伴可以下載)。

2,在前端js中使用方法:

    // Password input element; its .value is the plaintext the user typed.
    var passWord = document.getElementById("j_password");
    // RSA-encrypt the password with the server's public key before it is submitted
    var encrypt = new JSEncrypt();
    encrypt.setPublicKey("MIGfMA0GC4351345135134534");// the RSA public key goes here
    // NOTE(review): the server code on this page only decrypts this value, so a captured
    // ciphertext is presumably accepted again as-is; confirm whether a per-login nonce or
    // timestamp is bound into the encrypted payload.
    var passwordRSA = encrypt.encrypt(passWord.value);

3,將密碼密文傳輸後臺

4,後臺java的工具類

注:公鑰私鑰可以用本工具類的initKey()方法生成。生成後需將公鑰私鑰保存起來,具體存儲方式視各位自己的需求而定(私鑰建議放在配置文件或密鑰管理服務中,不要寫進源碼)。

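/**
 * RSA helper for the login flow described on this page: Base64 handling of keys,
 * sign/verify, and encrypt/decrypt with either half of a key pair.
 *
 * <p>All methods are static. Failures are logged and reported through a sentinel
 * return value (empty string, empty array, {@code false} or {@code null}); no
 * method declares a checked exception.
 *
 * <p>Date: 2019/2/27 10:09
 *
 * @author pluto
 */
public class RSAUtils {
    private static final Log log = LogFactory.getLog(RSAUtils.class);
    private static final String KEYALGORITHM = "RSA";
    // The original used MD5withRSA. MD5 is not collision resistant, so signatures are now
    // SHA-256 based. Signatures issued with the old algorithm will no longer verify.
    private static final String SIGNATUREALGORITHM = "SHA256withRSA";
    // Spelled out instead of the bare "RSA" name, whose padding is chosen by whichever
    // provider answers the request. PKCS#1 v1.5 is what the stock JDK provider selects for
    // "RSA" and what the jsencrypt front end is understood to produce.
    // NOTE(review): PKCS#1 v1.5 decryption is exposed to padding-oracle attacks when callers
    // can tell padding failures apart; keep every failure path indistinguishable.
    private static final String CIPHERTRANSFORMATION = "RSA/ECB/PKCS1Padding";

    private static final String PUBLICKEY = "RSAPublicKey";
    private static final String PRIVATEKEY = "RSAPrivateKey";

    // RSA private key; it can instead be read from a configuration file.
    // SECURITY: a private key compiled into the class ends up in version control and in every
    // build artifact, and anyone who obtains it can decrypt captured login ciphertexts.
    // The constant is kept because callers reference it; load the real key from
    // configuration or a secret store and rotate any key that was ever committed.
    public static final String DECRYPTPRIVATEKEY = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIMzJa4oZpQcPhRDTIaWnF4olSaeGt5oV0XFwoeeSK+FZ3lc4N34523tdfasgba";

    private RSAUtils(){super();}

    /**
     * Decodes Base64 text into bytes (despite the name, no decryption happens).
     *
     * @param key Base64 text
     * @return the decoded bytes
     */
    public static byte[] decryptBASE64(String key) {
        Base64 base64 = new Base64();
        return base64.decode(key);
    }

    /**
     * Encodes bytes as Base64 text (despite the name, no encryption happens).
     *
     * @param bytes raw bytes
     * @return the Base64 text
     */
    public static String encryptBASE64(byte[] bytes) {
        Base64 base64 = new Base64();
        return base64.encodeToString(bytes);
    }

    /** Parses a Base64-encoded PKCS#8 private key. */
    private static PrivateKey toPrivateKey(String base64Key)
            throws java.security.GeneralSecurityException {
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decryptBASE64(base64Key));
        return KeyFactory.getInstance(KEYALGORITHM).generatePrivate(spec);
    }

    /** Parses a Base64-encoded X.509 (SubjectPublicKeyInfo) public key. */
    private static PublicKey toPublicKey(String base64Key)
            throws java.security.GeneralSecurityException {
        X509EncodedKeySpec spec = new X509EncodedKeySpec(decryptBASE64(base64Key));
        return KeyFactory.getInstance(KEYALGORITHM).generatePublic(spec);
    }

    /** Runs one RSA cipher operation in the given mode with the class-wide transformation. */
    private static byte[] runCipher(int mode, Key key, byte[] data)
            throws java.security.GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(CIPHERTRANSFORMATION);
        cipher.init(mode, key);
        return cipher.doFinal(data);
    }

    /**
     * Signs {@code data} with a private key.
     *
     * @param data bytes to sign
     * @param privateKey Base64-encoded PKCS#8 private key
     * @return the Base64-encoded signature, or an empty string when signing fails
     */
    public static String sign(byte[] data, String privateKey){
        try {
            Signature signature = Signature.getInstance(SIGNATUREALGORITHM);
            signature.initSign(toPrivateKey(privateKey));
            signature.update(data);
            return encryptBASE64(signature.sign());
        }catch (Exception e){
            // Pass the exception along so the cause is not lost; it carries no key material.
            log.error("RSAUtilsSignError", e);
            return "";
        }
    }

    /**
     * Verifies a signature produced by {@link #sign(byte[], String)}.
     *
     * @param data bytes that were signed
     * @param publicKey Base64-encoded X.509 public key
     * @param sign Base64-encoded signature
     * @return {@code true} only when the signature is valid; {@code false} on mismatch or error
     */
    public static boolean verify(byte[] data, String publicKey, String sign){
        try {
            Signature signature = Signature.getInstance(SIGNATUREALGORITHM);
            signature.initVerify(toPublicKey(publicKey));
            signature.update(data);
            return signature.verify(decryptBASE64(sign));
        }catch (Exception e){
            log.error("RSAUtilsVerifySignError", e);
            return false;
        }
    }

    /**
     * Decrypts ciphertext with a private key.
     *
     * @param data raw ciphertext bytes
     * @param key Base64-encoded PKCS#8 private key
     * @return the plaintext bytes, or an empty array when decryption fails
     */
    public static byte[] decryptByPrivateKey(byte[] data, String key){
        try {
            return runCipher(Cipher.DECRYPT_MODE, toPrivateKey(key), data);
        }catch (Exception e){
            log.error("RSAUtilsPrivateKeyDecryptError", e);
            return new byte[0];
        }
    }

    /**
     * Decrypts Base64-encoded ciphertext with a private key.
     *
     * @param data Base64-encoded ciphertext
     * @param key Base64-encoded PKCS#8 private key
     * @return the plaintext bytes, or an empty array when decryption fails
     */
    public static byte[] decryptByPrivateKey(String data, String key){
        return decryptByPrivateKey(decryptBASE64(data), key);
    }

    /**
     * Reverses {@link #encryptByPrivateKey(byte[], String)} using the public key.
     * Anyone holding the public key can do this, so it gives no confidentiality.
     *
     * @param data raw bytes produced with the private key
     * @param key Base64-encoded X.509 public key
     * @return the recovered bytes, or an empty array on failure
     */
    public static byte[] decryptByPublicKey(byte[] data, String key){
        try {
            return runCipher(Cipher.DECRYPT_MODE, toPublicKey(key), data);
        }catch (Exception e){
            log.error("RSAUtilsPublicKeyDecryptError", e);
            return new byte[0];
        }
    }

    /**
     * Encrypts text with a public key.
     *
     * @param data text to encrypt; encoded as UTF-8 before encryption
     * @param key Base64-encoded X.509 public key
     * @return the ciphertext bytes, or an empty array on failure
     */
    public static byte[] encryptByPublicKey(String data, String key) {
        try {
            // Fixed charset: the no-argument getBytes() depends on the platform default, so the
            // same password could encrypt to different plaintext bytes on different hosts.
            byte[] plain = data.getBytes(java.nio.charset.StandardCharsets.UTF_8);
            return runCipher(Cipher.ENCRYPT_MODE, toPublicKey(key), plain);
        }catch (Exception e){
            log.error("RSAUtilsPublicKeyEncryptError", e);
            return new byte[0];
        }
    }

    /**
     * Transforms {@code data} with the private key. The result is readable by any holder
     * of the public key; prefer {@link #sign(byte[], String)} for authenticity.
     *
     * @param data bytes to transform
     * @param key Base64-encoded PKCS#8 private key
     * @return the transformed bytes, or an empty array on failure
     */
    public static byte[] encryptByPrivateKey(byte[] data, String key){
        try {
            return runCipher(Cipher.ENCRYPT_MODE, toPrivateKey(key), data);
        }catch (Exception e){
            log.error("RSAUtilsPrivateKeyEncryptError", e);
            return new byte[0];
        }
    }

    /**
     * Extracts the private key from a map built by {@link #initKey()}.
     *
     * @param keyMap key map, may be {@code null}
     * @return the Base64-encoded private key, or an empty string when the map or entry is absent
     */
    public static String getPrivateKey(Map<String, Key> keyMap){
        if (keyMap == null) {
            return "";
        }
        Key key = keyMap.get(PRIVATEKEY);
        // A map without the entry used to raise NullPointerException here.
        return key == null ? "" : encryptBASE64(key.getEncoded());
    }

    /**
     * Extracts the public key from a map built by {@link #initKey()}.
     *
     * @param keyMap key map, may be {@code null}
     * @return the Base64-encoded public key, or an empty string when the map or entry is absent
     */
    public static String getPublicKey(Map<String, Key> keyMap){
        if (keyMap == null) {
            return "";
        }
        Key key = keyMap.get(PUBLICKEY);
        return key == null ? "" : encryptBASE64(key.getEncoded());
    }

    /**
     * Generates a fresh 2048-bit RSA key pair.
     *
     * @return a map holding the public and private key under this class's internal names,
     *         or {@code null} when the RSA algorithm is unavailable; callers must check
     */
    public static Map<String, Key> initKey(){
        try {
            KeyPairGenerator keyPairGen = KeyPairGenerator
                    .getInstance(KEYALGORITHM);
            keyPairGen.initialize(2048);
            KeyPair keyPair = keyPairGen.generateKeyPair();
            Map<String, Key> keyMap = new HashMap<String, Key>(2);
            keyMap.put(PUBLICKEY, keyPair.getPublic());
            keyMap.put(PRIVATEKEY, keyPair.getPrivate());
            return keyMap;
        } catch (NoSuchAlgorithmException e) {
            log.error("RSAUtilsInitKeyError", e);
            return null;
        }
    }
}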

5,接取並解密

注:若爲ajax傳輸,可不必轉碼,若form表單形式提交,js會自動轉碼,後臺需要解碼。(也可統一解碼,畢竟沒什麼影響)

代碼如下:

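		String pass = request.getParameter("pass");
		// Password decryption: begin
		if (pass == null) {
			// Missing parameter: URLDecoder.decode(null, ...) would throw NullPointerException.
			return new ModelAndView(this.getErrorView());
		}
		try {
			// A '+' in the Base64 text arrives as a space after form decoding; restore it.
			pass = URLDecoder.decode(pass, "UTF-8").replace(' ', '+');
		} catch (UnsupportedEncodingException | IllegalArgumentException e1) {
			// IllegalArgumentException: a malformed %-escape in client-supplied input must end
			// in the same error view, not in an unhandled exception.
			return new ModelAndView(this.getErrorView());
		}
		byte[] decryptData = RSAUtils.decryptByPrivateKey(pass, RSAUtils.DECRYPTPRIVATEKEY);
		if (decryptData.length == 0) {
			// Empty array is the helper's failure signal; respond exactly as for the other failures.
			return new ModelAndView(this.getErrorView());
		}
		// Decode with a fixed charset; new String(byte[]) uses the platform default.
		// decryptPas now holds the plaintext password: keep it out of logs.
		String decryptPas = new String(decryptData, java.nio.charset.StandardCharsets.UTF_8);
		// Password decryption: end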

獲取到解密後的密碼走正常的業務流程即可!

 
