本篇文章的所有操作都是在jsp页面上进行的,完全与后台分离
part 1:加密方式
这个加密方式网上基本都有很多人总结,我在此也就抛砖引玉一下;
1、base64加密
在页面中引入base64.js文件,调用方法为:
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>base64加密</title>
<script type="text/javascript" src="base64.js"></script>
<script type="text/javascript">
var b = new Base64();
var str = b.encode("admin:admin");
alert("base64 encode:" + str);
//解密
str = b.decode(str);
alert("base64 decode:" + str);
</script>
</head>
<body>
</body>
</html>
2、md5加密
在页面中引用md5.js文件,调用方法为
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>md5加密</title>
<script type="text/ecmascript" src="md5.js"></script>
<script type="text/javascript">
var hash = hex_md5("123dafd");
alert(hash)
</script>
</head>
<body>
</body>
</html>
3、sha1加密
据说这是最安全的加密
页面中引入sha1.js,调用方法为
<!DOCTYPE HTML> <html> <head> <meta charset="utf-8"> <title>sha1加密</title> <script type="text/ecmascript" src="sha1.js"></script> <script type="text/javascript"> var sha = hex_sha1('mima123465') alert(sha) </script> </head> <body> </body> </html>
part 2:加密以及解密
md5.js只能实现加密功能,但是如果你从cookie中把密码取出来想解密的时候就尴尬了,所以此处我推荐两种密码加密又能解密的方法
1.Base64.js
废话不说,直接看代码(此处包括如何在jsp页面往cookie中保存用户名和密码)
<script>
//step 1:当鼠标点击复选框时,创建一个持久化的cookie
var userName=null;
var passWord=null;
//限制为:鼠标点击登录时判断:
$("#accLogBut").click(function(){
/* 将登录按钮置灰 */
//如果被选中状态,则创建cookie
if($('input[type=checkbox]').is(':checked')){
passWord = $('#passWord').val();
//创建cookie,并将用户名和密码保存进去,密码采用base64加密以及解密
$.cookie('userName',$('#userName').val(), { expires: 7});
$.cookie('passWord',$.base64.encode(passWord),{ expires: 7});
}else{
//如果复选框没有被选中,则删除cookie
$.cookie('userName', "");
$.cookie('passWord', "");
}
});
//页面每次被加载的时候,都把cookie中的值取出来,然后存放到对应的文本框中
$(function(){
var userName=$.cookie('userName');
var passWord=$.cookie('passWord');
$("#userName").val(userName);
$("#passWord").val($.base64.decode(passWord));
if(userName!=null&&userName!=""&&passWord!=null&&passWord!=""){
$("#rememberPassword").attr("checked",true);
}
});
</script>
<!-- 登录时记住密码结束-->
主要用到上面的两种方法:$.base64.encode(str)加密字符串
$.base64.decode(str)解密字符串
2.这是jquery插件库中的一种比较轻量级的加密解密过程
名字叫做DES
前端采用谷歌的crypto-js
直接上代码
前端需要引入的js
<script type="text/javascript" src="js/jquery.min.js" ></script> <script type="text/javascript" src="js/tripledes.js" ></script> <script type="text/javascript" src="js/mode-ecb.js" ></script>
关键方法
DES加密
// DES加密 function encryptByDES(message, key) { var keyHex = CryptoJS.enc.Utf8.parse(key); var encrypted = CryptoJS.DES.encrypt(message, keyHex, { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7 }); return encrypted.toString(); }
我们对helloworld进行DES加密,key设置为12345678
加密后的结果为
ovATL3QOQmKh0WiTqhkSbg==
后台采用java版本的DES解密
java版的DES工具类
DESUtil.java
import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESKeySpec; /** * DES加解密工具类 * */ public class DESUtil { private static final String DES_ALGORITHM = "DES"; /** * DES加密 * * @param plainData 原始字符串 * @param secretKey 加密密钥 * @return 加密后的字符串 * @throws Exception */ public static String encryption(String plainData, String secretKey) throws Exception { Cipher cipher = null; try { cipher = Cipher.getInstance(DES_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, generateKey(secretKey)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (InvalidKeyException e) { } try { // 为了防止解密时报javax.crypto.IllegalBlockSizeException: Input length must // be multiple of 8 when decrypting with padded cipher异常, // 不能把加密后的字节数组直接转换成字符串 byte[] buf = cipher.doFinal(plainData.getBytes()); return Base64Utils.encode(buf); } catch (IllegalBlockSizeException e) { e.printStackTrace(); throw new Exception("IllegalBlockSizeException", e); } catch (BadPaddingException e) { e.printStackTrace(); throw new Exception("BadPaddingException", e); } } /** * DES解密 * @param secretData 密码字符串 * @param secretKey 解密密钥 * @return 原始字符串 * @throws Exception */ public static String decryption(String secretData, String secretKey) throws Exception { Cipher cipher = null; try { cipher = Cipher.getInstance(DES_ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, generateKey(secretKey)); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); throw new Exception("NoSuchAlgorithmException", e); } catch (NoSuchPaddingException e) { e.printStackTrace(); throw new Exception("NoSuchPaddingException", e); } catch (InvalidKeyException e) { e.printStackTrace(); throw new Exception("InvalidKeyException", e); } try { byte[] buf = cipher.doFinal(Base64Utils.decode(secretData.toCharArray())); return new String(buf); } catch (IllegalBlockSizeException e) { e.printStackTrace(); throw new Exception("IllegalBlockSizeException", e); } catch (BadPaddingException e) { e.printStackTrace(); throw new Exception("BadPaddingException", e); } } /** * 获得秘密密钥 * * @param secretKey * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException * @throws InvalidKeyException */ private static SecretKey generateKey(String secretKey) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException { SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(DES_ALGORITHM); DESKeySpec keySpec = new DESKeySpec(secretKey.getBytes()); keyFactory.generateSecret(keySpec); return keyFactory.generateSecret(keySpec); } static private class Base64Utils { static private char[] alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=" .toCharArray(); static private byte[] codes = new byte[256]; static { for (int i = 0; i < 256; i++) codes[i] = -1; for (int i = 'A'; i <= 'Z'; i++) codes[i] = (byte) (i - 'A'); for (int i = 'a'; i <= 'z'; i++) codes[i] = (byte) (26 + i - 'a'); for (int i = '0'; i <= '9'; i++) codes[i] = (byte) (52 + i - '0'); codes['+'] = 62; codes['/'] = 63; } /** * 将原始数据编码为base64编码 */ static private String encode(byte[] data) { char[] out = new char[((data.length + 2) / 3) * 4]; for (int i = 0, index = 0; i < data.length; i += 3, index += 4) { boolean quad = false; boolean trip = false; int val = (0xFF & (int) data[i]); val <<= 8; if ((i + 1) < data.length) { val |= (0xFF & (int) data[i + 1]); trip = true; } val <<= 8; if ((i + 2) < data.length) { val |= (0xFF & (int) data[i + 2]); quad = true; } out[index + 3] = alphabet[(quad ? (val & 0x3F) : 64)]; val >>= 6; out[index + 2] = alphabet[(trip ? (val & 0x3F) : 64)]; val >>= 6; out[index + 1] = alphabet[val & 0x3F]; val >>= 6; out[index + 0] = alphabet[val & 0x3F]; } return new String(out); } /** * 将base64编码的数据解码成原始数据 */ static private byte[] decode(char[] data) { int len = ((data.length + 3) / 4) * 3; if (data.length > 0 && data[data.length - 1] == '=') --len; if (data.length > 1 && data[data.length - 2] == '=') --len; byte[] out = new byte[len]; int shift = 0; int accum = 0; int index = 0; for (int ix = 0; ix < data.length; ix++) { int value = codes[data[ix] & 0xFF]; if (value >= 0) { accum <<= 6; shift += 6; accum |= value; if (shift >= 8) { shift -= 8; out[index++] = (byte) ((accum >> shift) & 0xff); } } } if (index != out.length) throw new Error("miscalculated data length!"); return out; } } }