logo 范 · 拾光录
网址收集 关于作者 Github Gitee
杂文随笔4
Hexo博客:基础使用Hexo博客:Next主题Hexo博客:Next进阶使用Hexo博客:Next高级配置
前端编程3
前端基础知识16
UniApp15
Vue框架19
Java编程7
Java基础知识14
SpringBoot31
SpringMVC14
MyBatis8
SpringCloud15
RocketMQ1
MyCat1
数据库4
MySQL6
Redis7
MongoDB10
H21
Java技术栈4
知识整理分布式锁的实现方案MySQL事务MySQL的锁
软件工具箱14
IDEAGitMavenGradleNginx安装Nginx配置JMeter压测OllamaPicGoRustFSVSCodeDockerObsidianObs录制
Linux知识11
树莓派安装及使用ArchLinux:常用软件ArchLinux:基础系统安装ArchLinux:深度优化ArchLInux:图形化界面安装ArchLinux:Nirifrp内网穿透Jar启动脚本Linux常用命令VirtualBox安装CentOSVirtualBox安装Ubuntu
Python编程6
Python基础知识Python语法yolo目标检测OpenCV的使用及树莓派平台condauv
创意设计2
Blender:入门知识UI设计基础知识
AI相关9
Claude CodeHermes AgentOpenAI基本使用OpenAI工具调用OpenAI记忆管理OpenAI推理执行OpenAI开发框架Langchainllama.cpp

前端加解密工具

需要安装yarn add crypto-js

import CryptoJS from "crypto-js";

let aesKey = "sQPoC/1do9BZMkg8I5c09A==";

/**
 * 加密Aes
 */
export const encryptedCom = (data) => {
  let key = CryptoJS.enc.Base64.parse(aesKey);
  let encrypted = CryptoJS.AES.encrypt(data, key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7,
  });
  return encrypted.ciphertext.toString(CryptoJS.enc.Base64);
};

/**
 * 解密Aes
 */
export const decryptedCom = (data) => {
  let key = CryptoJS.enc.Base64.parse(aesKey);
  let decrypted = CryptoJS.AES.decrypt(data, key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7,
  });
  return decrypted.toString(CryptoJS.enc.Utf8);
};

使用方式

import { encryptedCom, decryptedCom } from "@/utils/cryptoUtil";

// 加密
if (config.method === "post" || config.method === "put") {
  if (config.headers["Content-Type"].includes("application/json")) {
    config.data = encryptedCom(JSON.stringify(config.data));
  }
}

// 解密
if (res.config.method === "post" || res.config.method === "put") {
  if (res.config.headers["Content-Type"].includes("application/json")) {
    res.data = JSON.parse(decryptedCom(res.data));
    console.log(res.data);
  }
}

后端相关工具

加解密工具类

public class AesUtil {

    private static final String key = "sQPoC/1do9BZMkg8I5c09A==";

    private static final String ALGORITHM = "AES/ECB/PKCS5Padding";

    public static String encrypt(String plaintext) {
        try {
            byte[] keyBytes = Base64.getDecoder().decode(key);
            SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, keySpec);
            byte[] encryptedBytes = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(encryptedBytes);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String decrypt(String cipherText) {
        try {
            byte[] keyBytes = Base64.getDecoder().decode(key);
            SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
            byte[] cipherBytes = Base64.getDecoder().decode(cipherText);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, keySpec);
            byte[] decryptedBytes = cipher.doFinal(cipherBytes);
            return new String(decryptedBytes, StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

}

重写请求类

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

public class WrapperRequest extends HttpServletRequestWrapper {

    private final String requestBody;
    HttpServletRequest req;

    public WrapperRequest(HttpServletRequest request, String requestBody) {
        super(request);
        this.requestBody = requestBody;
        this.req = request;
    }

    @Override
    public BufferedReader getReader() {
        return new BufferedReader(new StringReader(requestBody));
    }

    @Override
    public ServletInputStream getInputStream() throws IOException {
        return new ServletInputStream() {
            
            private final InputStream in = new ByteArrayInputStream(requestBody.getBytes(req.getCharacterEncoding()));

            @Override
            public int read() throws IOException {
                return in.read();
            }

            @Override
            public boolean isFinished() {
                return false;
            }

            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setReadListener(ReadListener readListener) {
            }
        };
    }
    
}

重写响应类

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import javax.servlet.ServletOutputStream;
import javax.servlet.WriteListener;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

public class WrapperResponse extends HttpServletResponseWrapper {

    private final ByteArrayOutputStream buffer;
    private final ServletOutputStream out;
    private final PrintWriter writer;

    public WrapperResponse(HttpServletResponse resp) throws IOException {
        super(resp);
        // 真正存储数据的流
        buffer = new ByteArrayOutputStream();
        out = new WrapperOutputStream(buffer);
        writer = new PrintWriter(new OutputStreamWriter(buffer, this.getCharacterEncoding()));
    }

    @Override
    public ServletOutputStream getOutputStream() {
        return out;
    }

    @Override
    public PrintWriter getWriter() {
        return writer;
    }

    @Override
    public void flushBuffer() throws IOException {
        if (out != null) {
            out.flush();
        }
        if (writer != null) {
            writer.flush();
        }
    }

    @Override
    public void reset() {
        buffer.reset();
    }

    public byte[] getResponseData() throws IOException {
        flushBuffer();
        return buffer.toByteArray();
    }

    private static class WrapperOutputStream extends ServletOutputStream {
        private final ByteArrayOutputStream bos;

        public WrapperOutputStream(ByteArrayOutputStream stream) {
            bos = stream;
        }

        @Override
        public void write(int b) {
            bos.write(b);
        }

        @Override
        public void write(byte[] b) {
            bos.write(b, 0, b.length);
        }

        @Override
        public boolean isReady() {
            return false;
        }

        @Override
        public void setWriteListener(WriteListener writeListener) {
        }
    }

}

基于过滤器进行拦截

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;

public class ResponseDataFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest requests =  (HttpServletRequest) request;
        // 请求方式
        String method = requests.getMethod();
        System.out.println("请求方式为:" + method + ",请求类型为:" + requests.getContentType());
        // 只对POST、put请求加解密
        if ((Objects.equals("POST", method) || Objects.equals("PUT", method)) && requests.getContentType().contains("application/json")) {

            String requestBody = getRequestBody(requests);
            System.out.println(requestBody);
            String requestBodyMw = AesUtil.decrypt(requestBody);
            System.out.println("解密请求数据:"+requestBodyMw);
            WrapperRequest wrapRequest = new WrapperRequest( (HttpServletRequest) request, requestBodyMw);
            WrapperResponse wrapResponse = new WrapperResponse((HttpServletResponse) response);
            chain.doFilter(wrapRequest, wrapResponse);
            byte[] data = wrapResponse.getResponseData();
            System.out.println("原始返回数据: " + new String(data, StandardCharsets.UTF_8));
            String responseBodyMw = AesUtil.encrypt(new String(data, StandardCharsets.UTF_8));
            System.out.println("加密返回数据: " + responseBodyMw);
            assert responseBodyMw != null;
            response.getOutputStream().write(responseBodyMw.getBytes());
        } else {
            chain.doFilter(request, response);
        }
    }

    @Override
    public void destroy() {
    }

    private String getRequestBody(HttpServletRequest req) {
        try {
            BufferedReader reader = req.getReader();
            StringBuilder sb = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                sb.append(line);
            }
            return sb.toString();
        } catch (IOException e) {
            System.out.println("请求体读取失败"+e.getMessage());
        }
        return "";
    }

}

注册

在启动类中注册

 @Bean
public FilterRegistrationBean requestDataFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    //自己的过滤器叫什么名字就写上什么名字
    registration.setFilter(new ResponseDataFilter());
    registration.addUrlPatterns("/*");
    registration.setName("responseDataFilter");
    //过滤器的顺序,数字越小,越先执行,反之亦然
    registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
    return registration;
}
前端加解密工具
后端相关工具
加解密工具类
重写请求类
重写响应类
基于过滤器进行拦截
注册