1.模块安装
npm install crypto-js
2.新建插件secret.js
import CryptoJS from 'crypto-js' // 默认的 KEY 与 iv 如果没有给 const KEY = CryptoJS.enc.Utf8.parse("1234567890123456"); const IV = CryptoJS.enc.Utf8.parse('1234567890123456'); /** * AES加密 :字符串 key iv 返回base64 */ export function Encrypt(word, keyStr, ivStr) { let key = KEY; let iv = IV; if (keyStr) { key = CryptoJS.enc.Utf8.parse(keyStr); iv = CryptoJS.enc.Utf8.parse(ivStr); } let srcs = CryptoJS.enc.Utf8.parse(word); var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.ZeroPadding }); return CryptoJS.enc.Base64.stringify(encrypted.ciphertext); } /** * AES 解密 :字符串 key iv 返回base64 * * @return {string} */ export function Decrypt(word, keyStr, ivStr) { let key = KEY; let iv = IV; if (keyStr) { key = CryptoJS.enc.Utf8.parse(keyStr); iv = CryptoJS.enc.Utf8.parse(ivStr); } let base64 = CryptoJS.enc.Base64.parse(word); let src = CryptoJS.enc.Base64.stringify(base64); let decrypt = CryptoJS.AES.decrypt(src, key, { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.ZeroPadding }); let decryptedStr = decrypt.toString(CryptoJS.enc.Utf8); return decryptedStr.toString(); }
3.login.vue引入加密方法
import {Encrypt} from '../utils/Secret.js'
4.login.vue登录请求发起,对密码参数加密
let param={ username:this.loginForm.username, password:Encrypt(this.loginForm.password) //密码加密 }
5.后端pom.xml
<!--密码解密-->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.60</version>
</dependency>
6.后端utils–>secretUtil.java
package com.xiaobing.demo01.utils; import org.apache.tomcat.util.codec.binary.Base64; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; public class PasswordUtil { /*** * key和iv值可以随机生成 */ private static String KEY = "1234567890123456"; private static String IV = "1234567890123456"; /*** * 加密 * @param data 要加密的数据 * @return encrypt */ public static String encrypt(String data){ return encrypt(data, KEY, IV); } /*** * param data 需要解密的数据 * 调用desEncrypt()方法 */ public static String desEncrypt(String data){ return desEncrypt(data, KEY, IV); } /** * 加密方法 * @param data 要加密的数据 * @param key 加密key * @param iv 加密iv * @return 加密的结果 */ private static String encrypt(String data, String key, String iv){ try { //"算法/模式/补码方式"NoPadding PkcsPadding Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); int blockSize = cipher.getBlockSize(); byte[] dataBytes = data.getBytes(); int plaintextLength = dataBytes.length; if (plaintextLength % blockSize != 0) { plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize)); } byte[] plaintext = new byte[plaintextLength]; System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length); SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec); byte[] encrypted = cipher.doFinal(plaintext); return new Base64().encodeToString(encrypted); } catch (Exception e) { e.printStackTrace(); return null; } } /** * 解密方法 * @param data 要解密的数据 * @param key 解密key * @param iv 解密iv * @return 解密的结果 */ private static String desEncrypt(String data, String key, String iv){ try { byte[] encrypted1 = new Base64().decode(data); Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES"); IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes()); cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); byte[] original = cipher.doFinal(encrypted1); return new String(original).trim(); } catch (Exception e) { e.printStackTrace(); return null; } } }
7.登录Controller对前端传来的密码解密(先导入加密工具类)
// PasswordUtil.desEncrypt: 前端传来的加密密码进行解密
User user=userService.loginByInfo(username,
PasswordUtil.desEncrypt(password));
8.亲测后备份吧。感谢大佬原文:https://blog.csdn.net/weixin_43934513/article/details/108982981