Bagaimana SpringBoot menyepadukan penyulitan penghantaran data

Jana DESKey

Kunci penyulitan DES yang dijana mesti mempunyai beberapa digit yang merupakan gandaan integral 8

function getRandomStr() {
    let str = ""
    let array = [
        "0",
        "1",
        "2",
        "3",
        "4",
        "5",
        "6",
        "7",
        "8",
        "9",
        "a",
        "b",
        "c",
        "d",
        "e",
        "f",
        "g",
        "h",
        "i",
        "j",
        "k",
        "l",
        "m",
        "n",
        "o",
        "p",
        "q",
        "r",
        "s",
        "t",
        "u",
        "v",
        "w",
        "x",
        "y",
        "z",
        "A",
        "B",
        "C",
        "D",
        "E",
        "F",
        "G",
        "H",
        "I",
        "J",
        "K",
        "L",
        "M",
        "N",
        "O",
        "P",
        "Q",
        "R",
        "S",
        "T",
        "U",
        "V",
        "W",
        "X",
        "Y",
        "Z",
    ];
    for (let i = 0; i < 8; i++) {
        str +=  array[Math.round(Math.random() * (array.length - 1))];
    }
    return str;
}

Jana pasangan kunci RSA

Terdapat banyak RSA format pasangan kunci, kerana ia perlu disambungkan dengan perpustakaan algoritma bahagian hadapan, 1024-bit dipilih di sini, dan kaedah padding ialah PKSC1

    public static Map<String, String> createKeysPKSC1(int keySize) {
        // map装载公钥和私钥
        Map<String, String> keyPairMap = new HashMap<String, String>();
        try {
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
            SecureRandom random = new SecureRandom();
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
            generator.initialize(keySize, random);
            KeyPair keyPair = generator.generateKeyPair();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            String publicKeyStr = new String(Base64.encodeBase64(publicKey.getEncoded()));
            String privateKeyStr = new String(Base64.encodeBase64(privateKey.getEncoded()));
            keyPairMap.put("publicKey", publicKeyStr);
            keyPairMap.put("privateKey", privateKeyStr);
        } catch (Exception e) {
            e.printStackTrace();
        }
        // 返回map
        return keyPairMap;
    }

Penyulitan DES bahagian hadapan

Pengenalan pustaka pihak ketiga crypto.js

    function encryptByDES(message, key) {
        var keyHex = CryptoJS.enc.Utf8.parse(key);
        var encrypted = CryptoJS.DES.encrypt(message, keyHex, {
            mode: CryptoJS.mode.ECB,
            padding: CryptoJS.pad.Pkcs7
        });
        return encrypted.toString();
    }

Penyulitan RSA bahagian hadapan

Memperkenalkan jsencrypt, perpustakaan pihak ketiga js

    function encryptByRSA(data, publicKey) {
        var encryptor = new JSEncrypt()
        encryptor.setPublicKey(publicKey)
        return encryptor.encrypt(data);;
    }

Penyahsulitan RSA bahagian belakang

    public static String decryptPKSC1(String data, String privateKeyStr) {
        try {
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
            Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC");
            RSAPrivateKey privateKey = getPrivateKeyPKSC1(privateKeyStr);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
        } catch (Exception e) {
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

Penyahsulitan DES belakang

    public static String decrypt(String data, String key) throws IOException,
            Exception {
        if (data == null)
            return null;
        BASE64Decoder decoder = new BASE64Decoder();
        byte[] buf = decoder.decodeBuffer(data);
        byte[] bt = decrypt(buf, key.getBytes("UTF-8"));
        return new String(bt, "UTF-8");
    }

Pemintas Tersuai Bahagian belakang

public class XSSFilter implements Filter, Ordered {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }
    @Override
    public void destroy() {
    }
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        String contentType = request.getContentType();
        if (StringUtils.isNotBlank(contentType) && contentType.contains("application/json")) {
            XSSBodyRequestWrapper xssBodyRequestWrapper = new XSSBodyRequestWrapper((HttpServletRequest) request);
            chain.doFilter(xssBodyRequestWrapper, response);
        } else {
            chain.doFilter(request, response);
        }
    }
    @Override
    public int getOrder() {
        return 9;
    }
}

rrree

Atas ialah kandungan terperinci Bagaimana SpringBoot menyepadukan penyulitan penghantaran data. Untuk maklumat lanjut, sila ikut artikel berkaitan lain di laman web China PHP!