网站明文传输漏洞的处理方法:可以在前端对信息进行加密,就算被拦截也只能看到加密后的信息,代码示例如下:package com.owen..util;import java.io.BufferedOutputStream;import jav
网站明文传输漏洞的处理方法:
可以在前端对信息进行加密,就算被拦截也只能看到加密后的信息,代码示例如下:
package com.owen..util;
import java.io.BufferedOutputStream;
import java.io.FileOutputStream;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecreTKEy;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import com.sun.org.apache.xml.internal.security.utils.Base64;
public class DESedeCoder {
public static final String KEY_ALGoRITHM = "DESede";
public static final String CIPHER_ALGORITHM = "DESede/ECB/PKCS5Padding";
public static byte[] initkey() throws Exception {
// 实例化密钥生成器
KeyGenerator kg = KeyGenerator.getInstance(KEY_ALGORITHM);
// 初始化密钥生成器
kg.init(168);
// 生成密钥
SecretKey secretKey = kg.generateKey();
// 获取二进制密钥编码形式
byte[] key = secretKey.getEncoded();
BufferedOutputStream keystream =
new BufferedOutputStream(new FileOutputStream("DESedeKey.dat"));
keystream.write(key, 0, key.length);
keystream.flush();
keystream.close();
return key;
}
public static Key toKey(byte[] key) throws Exception {
// 实例化Des密钥
DESedeKeySpec dks = new DESedeKeySpec(key);
// 实例化密钥工厂
SecretKeyFactory keyFactory = SecretKeyFactory
.getInstance(KEY_ALGORITHM);
// 生成密钥
SecretKey secretKey = keyFactory.generateSecret(dks);
return secretKey;
}
public static byte[] encrypt(byte[] data, byte[] key) throws Exception {
// 还原密钥
Key k = toKey(key);
// 实例化
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
// 初始化,设置为加密模式
cipher.init(Cipher.ENCRYPT_MODE, k);
// 执行操作
return cipher.doFinal(data);
}
public static byte[] decrypt(byte[] data, byte[] key) throws Exception {
// 欢迎密钥
Key k = toKey(key);
// 实例化
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
// 初始化,设置为解密模式
cipher.init(Cipher.DECRYPT_MODE, k);
// 执行操作
return cipher.doFinal(data);
}
public static void main(String[] args) throws Exception {
String str = "DESede";
System.out.println("原文:" + str);
// 初始化密钥
byte[] key = DESedeCoder.initkey();
System.out.println("密钥:" + Base64.encode(key));
// 加密数据
byte[] data = DESedeCoder.encrypt(str.getBytes(), key);
System.out.println("加密后:" + Base64.encode(data));
// 解密数据
data = DESedeCoder.decrypt(data, key);
System.out.println("解密后:" + new String(data));
}
}
--结束END--
本文标题: 网站明文传输漏洞怎么处理
本文链接: https://www.lsjlt.com/news/115081.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
下载Word文档到电脑,方便收藏和打印~
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
2024-05-12
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
0