1 AES加密算法在项目中的运用总结
1.1 背景
由于老系统框架较旧,新的模块采用springboot开发。 但是页面得挂载在老系统上。老系统页面利用iframe挂载子系统。
子系统的用户信息来源于老系统登录的用户。
老系统与子系统如何进行数据传输,如何保证数据安全,这个是个关键。
1.2 思路
- 先定义好老盐、密码
- 之后通过用户id取值+盐+字符串组成16位新盐
- 之后新盐+明文 加密生成token
- 子系统获取token,利用老盐解密,生成明文,明文与之前的明文相等则校验成功
1.3 代码分享-AESUtil加密类
public class AESUtil {
private static final String KEY_ALGORITHM = "AES";
private static final String DEFAULT_CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";//默认的加密算法
/**
* 加密
* 最终的salt必须为16位
* @param data 待加密数据
* @param salt
* @return
* @ throws Exception
*/
public static String encryptAES(String data, String salt) throws Exception {
byte [] key = salt.getBytes(" UTF-8 ");
Cipher cipher = getCipher(Cipher.ENCRYPT_MODE, key, key);
byte[] decryptData = data.getBytes();
byte[] decrypt = cipher.doFinal(decryptData);
return new BASE64Encoder().encode(decrypt);//y引入appache
}
public static Cipher getCipher(int mode, byte[] key, byte[] iv) throws Exception{
Cipher cipher = Cipher. getInstance (DEFAULT_CIPHER_ALGORITHM);
SecretKeySpec secretKeySpec = new SecretKeySpec(key, KEY_ALGORITHM);
cipher.init(mode, secretKeySpec, new IvParameterSpec(iv));
return cipher;
}
/**
* 解密
* @param data 加密数据
* @param original 原始待加密数据
* @param salt
* @return
* @throws Exception
*/
public static String decryptAES(String data, String original, String salt) throws Exception {
byte[] key = salt.getBytes("UTF-8");
Cipher cipher = getCipher(Cipher.DECRYPT_MODE, key, key);
//执行操作
byte[] result = cipher.doFinal(new BASE64Decoder().decodeBuffer(data));
return new String(result, "UTF-8");
}
}
1.4 代码分享-DecryptAESUtil加密类
@SuppressWarnings("restriction")
public class DecryptAESUtil {
private static Cipher getCipher(byte[] key, byte[] iv) throws Exception {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec(iv));
return cipher;
}
/**
* 解密
*
* @param data 加密数据
* @param original 原始待加密数据
* @param salt 盐
* @return {String}
*/
public static String decryptAES(String data, String original, String salt) {
try {
while (original.length() < 6) {
original += "0";
}
int len = original.length();
//组成16位盐
salt = original.substring(len - 6, len - 4) + "^@$$@^" + salt;
byte[] key = salt.getBytes(StandardCharsets.UTF_8);
Cipher cipher = getCipher(key, key);
//执行操作
byte[] result = cipher.doFinal(new BASE64Decoder().decodeBuffer(data));
String[] str = new String(result, StandardCharsets.UTF_8).split("@");
// 如果userId 小于6, 则判断尾数是不是0 , 是0 就去掉
if (!original.equals(str[0])) {
return "";
}
return str[1];
} catch (Exception e) {
throw new RuntimeException(e.toString());
}
}
}
1.4 代码分享-简单测试
@Test
public void test13() throws Exception {
String salt = "sddm-sai";
String salt1 = "sddm-sai";
String password = "startdm-settlement-invoice";
String userid = "USR20160309141711599155721";
int len = userid.length();
if(len < 6){
int i = 6 - len;
while(i > 0){
userid += "0";
i--;
}
len = 6;
}
String substring = userid.substring(len - 6, len - 4);
//组成16位盐 身份证2位 + 字符串6位 + salt8位
salt = substring + "^@$$@^" +salt;
//加密 用户id+"@"+密码 , 盐
String token = AESUtil.encryptAES(userid + "@" + password, salt);
System.out.println("加密后:"+ token);
System.out.println("解密====");
String s = DecryptAESUtil.decryptAES(token, userid, salt1);
System.out.println("解密后:"+ s);
加密前userid@password : USR20160309141711599155721@startdm-settlement-invoice
加密后:VdEq0I05B3FpfDkEtVvbakrLHbZELgOUnwouUd0wl2TdIai1KxhEGtgsMhHdnIEjI2K5Sp+ds2pF
Xo3RbatdmQ==
解密中ing
解密后输出password:startdm-settlement-invoice
2 热部署在项目中的运用总结
2.1 引入pom
<!--热部署-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
</dependency>
2.2 配置文件
spring.devtools. restart .enabled=true
spring.devtools.restart.additional-paths= src/main/java
spring.devtools.exclude=WEB-INF/**
spring.freemarker.cache=false
2.3 开启自动编译
2.4 ctrl+shift+alt+/ 选择registry
2.5 设置项目启动加载方式
