前端加解密工具
需要安装yarn add crypto-js
import CryptoJS from "crypto-js";
let aesKey = "sQPoC/1do9BZMkg8I5c09A==";
/**
* 加密Aes
*/
export const encryptedCom = (data) => {
let key = CryptoJS.enc.Base64.parse(aesKey);
let encrypted = CryptoJS.AES.encrypt(data, key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7,
});
return encrypted.ciphertext.toString(CryptoJS.enc.Base64);
};
/**
* 解密Aes
*/
export const decryptedCom = (data) => {
let key = CryptoJS.enc.Base64.parse(aesKey);
let decrypted = CryptoJS.AES.decrypt(data, key, {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7,
});
return decrypted.toString(CryptoJS.enc.Utf8);
};
使用方式
import { encryptedCom, decryptedCom } from "@/utils/cryptoUtil";
// 加密
if (config.method === "post" || config.method === "put") {
if (config.headers["Content-Type"].includes("application/json")) {
config.data = encryptedCom(JSON.stringify(config.data));
}
}
// 解密
if (res.config.method === "post" || res.config.method === "put") {
if (res.config.headers["Content-Type"].includes("application/json")) {
res.data = JSON.parse(decryptedCom(res.data));
console.log(res.data);
}
}
后端相关工具

加解密工具类
public class AesUtil {
private static final String key = "sQPoC/1do9BZMkg8I5c09A==";
private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
public static String encrypt(String plaintext) {
try {
byte[] keyBytes = Base64.getDecoder().decode(key);
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
byte[] encryptedBytes = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
return Base64.getEncoder().encodeToString(encryptedBytes);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
public static String decrypt(String cipherText) {
try {
byte[] keyBytes = Base64.getDecoder().decode(key);
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
byte[] cipherBytes = Base64.getDecoder().decode(cipherText);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, keySpec);
byte[] decryptedBytes = cipher.doFinal(cipherBytes);
return new String(decryptedBytes, StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
重写请求类
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class WrapperRequest extends HttpServletRequestWrapper {
private final String requestBody;
HttpServletRequest req;
public WrapperRequest(HttpServletRequest request, String requestBody) {
super(request);
this.requestBody = requestBody;
this.req = request;
}
@Override
public BufferedReader getReader() {
return new BufferedReader(new StringReader(requestBody));
}
@Override
public ServletInputStream getInputStream() throws IOException {
return new ServletInputStream() {
private final InputStream in = new ByteArrayInputStream(requestBody.getBytes(req.getCharacterEncoding()));
@Override
public int read() throws IOException {
return in.read();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
}
重写响应类
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import javax.servlet.ServletOutputStream;
import javax.servlet.WriteListener;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
public class WrapperResponse extends HttpServletResponseWrapper {
private final ByteArrayOutputStream buffer;
private final ServletOutputStream out;
private final PrintWriter writer;
public WrapperResponse(HttpServletResponse resp) throws IOException {
super(resp);
// 真正存储数据的流
buffer = new ByteArrayOutputStream();
out = new WrapperOutputStream(buffer);
writer = new PrintWriter(new OutputStreamWriter(buffer, this.getCharacterEncoding()));
}
@Override
public ServletOutputStream getOutputStream() {
return out;
}
@Override
public PrintWriter getWriter() {
return writer;
}
@Override
public void flushBuffer() throws IOException {
if (out != null) {
out.flush();
}
if (writer != null) {
writer.flush();
}
}
@Override
public void reset() {
buffer.reset();
}
public byte[] getResponseData() throws IOException {
flushBuffer();
return buffer.toByteArray();
}
private static class WrapperOutputStream extends ServletOutputStream {
private final ByteArrayOutputStream bos;
public WrapperOutputStream(ByteArrayOutputStream stream) {
bos = stream;
}
@Override
public void write(int b) {
bos.write(b);
}
@Override
public void write(byte[] b) {
bos.write(b, 0, b.length);
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setWriteListener(WriteListener writeListener) {
}
}
}
基于过滤器进行拦截
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;
public class ResponseDataFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest requests = (HttpServletRequest) request;
// 请求方式
String method = requests.getMethod();
System.out.println("请求方式为:" + method + ",请求类型为:" + requests.getContentType());
// 只对POST、put请求加解密
if ((Objects.equals("POST", method) || Objects.equals("PUT", method)) && requests.getContentType().contains("application/json")) {
String requestBody = getRequestBody(requests);
System.out.println(requestBody);
String requestBodyMw = AesUtil.decrypt(requestBody);
System.out.println("解密请求数据:"+requestBodyMw);
WrapperRequest wrapRequest = new WrapperRequest( (HttpServletRequest) request, requestBodyMw);
WrapperResponse wrapResponse = new WrapperResponse((HttpServletResponse) response);
chain.doFilter(wrapRequest, wrapResponse);
byte[] data = wrapResponse.getResponseData();
System.out.println("原始返回数据: " + new String(data, StandardCharsets.UTF_8));
String responseBodyMw = AesUtil.encrypt(new String(data, StandardCharsets.UTF_8));
System.out.println("加密返回数据: " + responseBodyMw);
assert responseBodyMw != null;
response.getOutputStream().write(responseBodyMw.getBytes());
} else {
chain.doFilter(request, response);
}
}
@Override
public void destroy() {
}
private String getRequestBody(HttpServletRequest req) {
try {
BufferedReader reader = req.getReader();
StringBuilder sb = new StringBuilder();
String line;
while ((line = reader.readLine()) != null) {
sb.append(line);
}
return sb.toString();
} catch (IOException e) {
System.out.println("请求体读取失败"+e.getMessage());
}
return "";
}
}
注册
在启动类中注册
@Bean
public FilterRegistrationBean requestDataFilter() {
FilterRegistrationBean registration = new FilterRegistrationBean();
//自己的过滤器叫什么名字就写上什么名字
registration.setFilter(new ResponseDataFilter());
registration.addUrlPatterns("/*");
registration.setName("responseDataFilter");
//过滤器的顺序,数字越小,越先执行,反之亦然
registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
return registration;
}