背景:Vue对参数进行加密,对响应进行解密。Java对参数进行解密,对响应进行解密。不拦截文件上传类请求、GET请求。
【1】前端配置
安装crypto
npm install crypto-js
编写加解密工具类encrypt.js
import CryptoJS from 'crypto-js'
const KEY = CryptoJS.enc.Utf8.parse('0123456789123456')
const IV = CryptoJS.enc.Utf8.parse('0123456789123456')
// 加密函数
export function encryptData(data) {
const encrypted = CryptoJS.AES.encrypt(
data,
KEY,
{
iv: IV,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
// padding: CryptoJS.pad.Pkcs7
}
)
return encrypted.toString()
}
// 解密函数
export function decryptData(data) {
const decrypted = CryptoJS.AES.decrypt(
data,
KEY,
{
iv: IV,
mode: CryptoJS.mode.CBC,
// padding: CryptoJS.pad.NoPadding
padding: CryptoJS.pad.Pkcs7
}
)
return CryptoJS.enc.Utf8.stringify(decrypted)
}
axios对请求和响应进行处理
对请求进行参数加密:
// 对非文件上传/下载请求的参数进行加密
if (!request.url.includes('file')) {
if (request.method.toLowerCase() === 'post' || request.method.toLowerCase() === 'put') {
let reqParams = {}
reqParams.params=encryptData(request.data)
request.data = Qs.stringify(reqParams)
}
}
对响应进行参数解密:
let checkData=response.data
// 去除换行符
// checkData=checkData.replace(/(\r\n|\n|\r)/gm, '')
//去除空格
// checkData = checkData.replace(/\s/g,'')
let resData = decryptData(checkData)
// SyntaxError: Unexpected non-whitespace character after JSON at position 283 (line 1 column 284)
resData=resData.replace(/[^\x20-\x7E\u4E00-\u9FFF]+/g, "");
response.data = JSON.parse(resData.trim());
【2】后端配置
AesUtil 加解密工具类
public class AesUtil {
/***
* key和iv值可以随机生成
*/
private static final String KEY = "0123456789123456";
private static final String IV = "0123456789123456";
/***
* 加密
* @param data 要加密的数据
* @return encrypt
*/
public static String encrypt(String data){
return encrypt(data, KEY, IV);
}
/***
* param data 需要解密的数据
* 调用desEncrypt()方法
*/
public static String desEncrypt(String data){
return desEncrypt(data, KEY, IV);
}
/**
* 加密方法
* @param data 要加密的数据
* @param key 加密key
* @param iv 加密iv
* @return 加密的结果
*/
private static String encrypt(String data, String key, String iv){
try {
//"算法/模式/补码方式"NoPadding PkcsPadding
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
int blockSize = cipher.getBlockSize();
byte[] dataBytes = data.getBytes();
int plaintextLength = dataBytes.length;
if (plaintextLength % blockSize != 0) {
plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
}
byte[] plaintext = new byte[plaintextLength];
System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
return new Base64().encodeToString(encrypted);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 解密方法
* @param data 要解密的数据
* @param key 解密key
* @param iv 解密iv
* @return 解密的结果
*/
private static String desEncrypt(String data, String key, String iv){
try {
byte[] encrypted1 = new Base64().decode(data);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
byte[] original = cipher.doFinal(encrypted1);
return new String(original).trim();
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
使用过滤器对请求进行解密、响应进行加密,参考博文:修改Request与Response中的内容
