前言:
现在咱们对“jquerybase64加密解密”大概比较着重,看官们都需要了解一些“jquerybase64加密解密”的相关知识。那么小编在网络上汇集了一些关于“jquerybase64加密解密””的相关文章,希望各位老铁们能喜欢,咱们一起来学习一下吧!背景
网站被扫描出了漏洞,主要就是登录没有给密码加密,这篇文章来介绍下使用RSA加密密码。
RSA算法
RSA加密算法采用了公钥加密和私钥解密的方式,其核心原理是基于大数分解的困难性。具体原理如下:
选择两个大素数p和q,并计算它们的乘积n。计算欧拉函数phi(n) = (p-1)(q-1)。选择一个整数e,使得1<e<phi(n),且e与phi(n)互质。计算e关于phi(n)的模反元素d,即满足ed ≡ 1 (mod phi(n))。公钥为(n, e),私钥为(n, d)。
生成一对公钥私钥,公钥用于加密数据,在前端使用,私钥用于解密数据,在后端使用。
使用
运行如下方法,产生一对公私钥
public static Map<String,String> GeneratorKey() throws Exception {KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(RSA);keyPairGen.initialize(KEY_SIZE, new SecureRandom());KeyPair keyPair = keyPairGen.generateKeyPair();// 生成秘钥对RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥// base64转码String publicKeyString = new String(Base64.getEncoder().encodeToString(publicKey.getEncoded()));String privateKeyString = new String(Base64.getEncoder().encodeToString((privateKey.getEncoded())));Map<String,String> keyMap = new HashMap<>();keyMap.put(RSA_PUBLIC_KEY, publicKeyString); // 公钥keyMap.put(RSA_PRIVATE_KEY, privateKeyString); // 私钥return keyMap;}前段引入jquery和jsencrypt
<script src="<%=basePath%>admin/js/jquery.min.js?v=2.1.4"></script><script src="<%=basePath%>admin/js/jsencrypt.min.js"></script>
Form表单
<form class="m-t" role="form" action="<%=basePath%>adminCommerceInfoAction/adminLogin" method="post"><div class="form-group"><input name="username" type="text" class="form-control_login uname_b singup_input" placeholder="请输入用户名" required="请输入用户名"></div><div class="form-group"><input name="pwd" type="password" class="form-control_login pword_b singup_input" autocomplete="off" placeholder="请输入密码" required="请输入密码"></div><button type="button" onclick="adminLogin()" class="btn btn-primary block full-width m-b" style="margin-top: 30px;">登 录</button></form>
加密代码
<script type="text/javascript">function adminLogin(){//公钥var public_key = '-----BEGIN RSA PUBLIC KEY-----MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANhmIu8ivzOpXpKGsqWoztzBYDvlm8c05THdG5g9Bp62323423423gi7dvN5uOIpxie9qfRBxUK9tcJQvO5WLKqbEECAwEAAQ==-----END RSA PUBLIC KEY-----';var password = $(".m-t input[name='pwd']").val();//使用公钥加密var encrypt = new JSEncrypt();encrypt.setPublicKey(public_key);var enpass = encrypt.encrypt(password);$(".m-t input[name='pwd']").val(enpass);$(".m-t").submit();}</script>后端@RequestMapping(value = "/adminLogin",method = RequestMethod.POST)public String adminLogin(HttpServletRequest request,String username, String pwd,Model model) {//RSA私钥String privateKey = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEA2GYi7yK/M6lekoaypajO3MFgO+WbxzTlMd0bmD0Gnoj1WnC9uCLt283m44inGJ72p9EHFQr21wlC87lYsqpsQQIDAQABAkBdnPmZ1789GxTlcE3SKk+q4iC+aJrWN4S66HrqhePaKnubFjZNFmGpmn8GdlfeRQujBRsPE0802JUkmFaTVPHRAiEA9evofkfMxn24r5y8kxvnfgSfqYL4d0H7ms0CIQDhRH3jJNemg+OhLHgZfTjMsXYGrwtkp8o1NaZi1EZ/RQIgH1ro1dEJxvURk+Q6NbyrwnfrKENm2/tQ8CgGzg3XqrECIESnAAqqnsJTrZrgF5YFELtpVgQBcuJxNHH08Mlr0jRVAiEAvDZKSTy9kawCf4j6fyzwBZ5kzokP9aISiOi/Enoxd7g=";//解密密码String decrypt = "";try {decrypt = RSAUtils.decrypt(pwd, privateKey);} catch (Exception e) {e.printStackTrace();}查询用户是否存在CommerceInfo user = commeInfoService.findCommerceInfoByUsernameAndPwd(username, decrypt);}RSA工具类public class RSAUtils {public static final String RSA = "RSA";/*** @Fields KEY_SIZE : 密钥长度 长度越长速度越慢*/public static final int KEY_SIZE = 512;private final static String RSA_PUBLIC_KEY = "public";private final static String RSA_PRIVATE_KEY = "private";/*** 生成一对公私钥*/public static Map<String,String> GeneratorKey() throws Exception {KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(RSA);keyPairGen.initialize(KEY_SIZE, new SecureRandom());KeyPair keyPair = keyPairGen.generateKeyPair();// 生成秘钥对RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥// base64转码String publicKeyString = new String(Base64.getEncoder().encodeToString(publicKey.getEncoded()));String privateKeyString = new String(Base64.getEncoder().encodeToString((privateKey.getEncoded())));Map<String,String> keyMap = new HashMap<>();keyMap.put(RSA_PUBLIC_KEY, publicKeyString); // 公钥keyMap.put(RSA_PRIVATE_KEY, privateKeyString); // 私钥return keyMap;}/*** 公钥加密* create by ly on 2024/1/31* @param [encryptData 待加密数据, publicKey base64编码的公钥]* @return*/public static String encrypt(String encryptData, String publicKey) throws Exception {try {// base64编码的公钥byte[] decoded = Base64.getDecoder().decode(publicKey);//获取公钥对象//X509EncodedKeySpec公钥规格Key pubKey = KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(decoded));// 初始化加密器Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.ENCRYPT_MODE, pubKey);String outStr = Base64.getEncoder().encodeToString(cipher.doFinal(encryptData.getBytes()));return outStr;} catch (Exception e) {e.printStackTrace();throw new Exception("加密失败:", e);}}/*** 私钥解密* create by ly on 2024/1/31* @param [decryptData base64数据, privateKey base64编码的私钥]* @return*/public static String decrypt(String decryptData, String privateKey) throws Exception {// 64位解码 加密后的字符串byte[] inputByte = Base64.getDecoder().decode(decryptData);byte[] decoded = Base64.getDecoder().decode(privateKey);//获取私钥对象//PKCS8EncodedKeySpec私钥规格Key priKey = KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(decoded));//初始化加密器Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.DECRYPT_MODE, priKey);String decryptStr = new String(cipher.doFinal(inputByte));return decryptStr;}}希望大家多多点赞支持,感谢!
版权声明:
本站文章均来自互联网搜集,如有侵犯您的权益,请联系我们删除,谢谢。
标签: #jquerybase64加密解密
