The encryption and decryption parties use the same key. The key cannot be transmitted over the network to avoid interception. For transmission, the key must be asymmetrically encrypted and encrypted again.

NPM install crypto-js
2. Create the Util utility class
Parse ("1234123412ABCDEF"); import CryptoJS from 'crypto-js' const key = cryptojs.enc.utf8.parse ("1234123412ABCDEF"); // Hexadecimal number as key const iv = cryptojs.enc.utf8.parse ('ABCDEF1234123412'); Function Decrypt(word) {let Decrypt = cryptojs.aes. Decrypt(restoreBase64,key,{ iv:iv, mode:CryptoJS.mode.CBC, padding:CryptoJS.pad.Pkcs7 }); // Convert decrypted object to UTF8 string let decryptedStr = decrypt.tostring (cryptojs.enc.utf8); // Return decryptedstr.toString (); } // Encrypt method function Encrypt(word){let SRCS = cryptojs.enc.utf8.parse (word); //CipherOption, some options for encryption: / / mode: encryption mode, value (CBC, CFB, CTR, CTRGladman OFB, ECB), in CryptoJS. Mode under the object / / padding: filling way, Value (Pkcs7, Ansix923 Iso10126, ZeroPadding, NoPadding), are CryptoJS. Pad under the object / / iv: offset, mode = = = the ECB, Encrypt (SRCS,key,{iv:iv, mode: cryptojs.mode. CBC, padding:CryptoJS.pad.Pkcs7 }); . / / will return result base64 encryption encrypted ciphertext. ToString (CryptoJS. Enc. Base64); } export {Decrypt,Encrypt}Copy the code
3, use,
import {Encrypt} from ".. /.. /utils/secret"; Var userName = Encrypt(this.username)// Encrypt the userName var userPassword = Encrypt(this.password)// Encrypt the userPassword console.log(' after encryption: ',userName) console.log(' encrypted: ',userPassword)Copy the code
4, AES corresponding method
function uuid(len, radix) { var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'.split(''); var uuid = [], i; radix = radix || chars.length; if (len) { // Compact form for (i = 0; i < len; i++) uuid[i] = chars[0 | Math.random()*radix]; } else { // rfc4122, version 4 form var r; // rfc4122 requires these characters uuid[8] = uuid[13] = uuid[18] = uuid[23] = '-'; uuid[14] = '4'; // Fill in random data. At I ==19 set the high bits of clock sequence as // per RFC4122, sec.4.1.5 for (I = 0; i < 36; i++) { if (! uuid[i]) { r = 0 | Math.random()*16; uuid[i] = chars[(i == 19) ? (r & 0x3) | 0x8 : r]; } } } return uuid.join(''); } export const getKey = () => {return uuid(16,16); }; export function AESEnc(key,content) { var key = CryptoJS.enc.Utf8.parse(key); Var SRCS = cryptojs.enc.utf8.parse (content); var encrypted = CryptoJS.AES.encrypt(srcs, key, { iv: iv,mode:CryptoJS.mode.CBC}); return encrypted.toString(); } export function AESDec(key,content) { var key = CryptoJS.enc.Utf8.parse(key); // Var decrypted = cryptojs.aes.decrypt (content, key); return decrypted.toString(CryptoJS.enc.Utf8); }Copy the code
5. Add RSA to transmit AES secret keys
// rsaHelper.js import JsEncrypt from 'jsencrypt/bin/jsencrypt' import { getKey, AESEnc, AESDec } from './lib/aes' export const rsaEncode = (string = '') => { // const RSA = new const publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCRQZ5O/AOAjeYAaSFf6Rjhqovws78I716I9oGF7WxCIPmcaUa1YuyLOncCCuPsaw69+RMWjdbOBp8hd4P PM/d4mKTOVEYUE0SfxhhDTZaM5CzQEUXUyXy7icQTGR5wBjrbjU1yHCKOf5PJJZZQWB06husSFZ40TdL7FdlBpZ1u1QIDAQAB"; const encrypt = new JsEncrypt.JSEncrypt(); encrypt.setPublicKey(publicKey); return encrypt.encrypt(string); } export const createKey = () => (getKey()); export const AES_ENCODE = (key, string = '') => { if (! string) throw new Error('encry content is required'); return AESEnc(key, string); } export const AES_DECODE = (key, string = '') => { if (! string) throw new Error('encry content is required'); return AESDec(key, string); } // import {rsaEncode, AES_ENCODE, createKey} from '@/utils/rsaHelper'; // rsaEncode, AES_ENCODE, createKey // const key = createKey(); // const data = { // username: this.addData.userName, // password: AES_ENCODE(key, this.addData.passWord), // rsaEncryptKey: rsaEncode(key), // }Copy the code
6. Summary login processing logic (RSA + AES)
  1. The server generates public and private keys
  2. Install crypto-js or download the AES file directly from Google
  3. Each login obtains the hexadecimal random number and hexadecimal offset required for AES encryption using its own encapsulated UUID method

Offset can be customized write dead

  1. Use AES encryption as the password parameter
  2. Install jsencrypt
  3. The public key obtained from the server encrypts the AES private key in RSA mode, and then sends the rsaEncryptKey to the server
  4. After obtaining the parameters, the server parses the private key required by AES and decodes the PASSWORD field aes