I. Background
Under the network security level protection assessment, the rule is: a name stored together with a mobile phone number in the database counts as sensitive information, while a mobile phone number on its own does not. Sensitive information must be encrypted.
II. Development records
2.1 Approach
First, as sensitive information, mobile phone numbers need to be encrypted. The stored value must be recoverable so that it can be displayed again, which rules out MD5 (a one-way hash). Passwords were previously handled with SM2 asymmetric encryption, which requires saving the public and private keys in the database and is clearly more trouble, so symmetric encryption is used here: the phone number is stored encrypted with AES. When the number is returned to the front end it must be desensitized, that is, the middle four digits are replaced with asterisks.
2.2 SYMMETRIC AES Encryption
import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class AESUtil {

    private static final String KEY_ALGORITHM = "AES";
    // ECB is deterministic: the same phone number always produces the same ciphertext
    private static final String DEFAULT_CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";

    // Can be designed to be saved in the database or elsewhere and replaced every once in a while
    public static final String appKey = "fa8f92AF-1123-d2RFD-9626-xL2B64481320";

    public static String encrypt(String content, String appKey) {
        try {
            Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
            byte[] byteContent = content.getBytes("utf-8");
            // Initialize with the key, set to encryption mode
            cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(appKey));
            // Encrypt and return the result as Base64 text
            byte[] result = cipher.doFinal(byteContent);
            return Base64.encodeBase64String(result);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return null;
    }

    public static String decrypt(String content, String appKey) {
        try {
            // Instantiate the cipher
            Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
            // Initialize with the key, set to decryption mode
            cipher.init(Cipher.DECRYPT_MODE, getSecretKey(appKey));
            byte[] result = cipher.doFinal(Base64.decodeBase64(content));
            return new String(result, "utf-8");
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        // An empty string signals that decryption failed
        return "";
    }

    private static SecretKeySpec getSecretKey(String appKey) {
        KeyGenerator kg = null;
        try {
            kg = KeyGenerator.getInstance(KEY_ALGORITHM);
            // The SecureRandom implementation follows the operating system's internal state
            // unless the caller calls setSeed after getInstance. Without that, the same key is
            // generated each time on Windows, but not on Solaris or some Linux systems.
            // Calling getInstance("SHA1PRNG") and then setSeed resolves the inconsistent
            // encrypted strings on Linux.
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(appKey.getBytes());
            // Generate a 128-bit AES key
            kg.init(128, secureRandom);
            SecretKey secretKey = kg.generateKey();
            // Convert to an AES-specific key
            return new SecretKeySpec(secretKey.getEncoded(), KEY_ALGORITHM);
        } catch (NoSuchAlgorithmException ex) {
            ex.printStackTrace();
        }
        return null;
    }
}
Encryption and decryption calls:
// Encrypt
String encryptUserNo = AESUtil.encrypt(userNo, AESUtil.appKey);
// Decrypt
String decryptUserNo = AESUtil.decrypt(encryptUserNo, AESUtil.appKey);
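For comparison with the AES/ECB mode used by AESUtil above, the following added example (not the article's own code) stores the phone number with AES-GCM and a fresh random IV per record, and prints whether two encryptions of the same number are equal under each mode. The class name PhoneCipherDemo, its method names, the sample phone number and the randomly generated demo key are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

// Added example (hypothetical class and method names), not the article's AESUtil.
public class PhoneCipherDemo {
    private static final int IV_LEN = 12;    // bytes, the usual GCM nonce size
    private static final int TAG_BITS = 128; // authentication tag length
    private static final SecureRandom RNG = new SecureRandom();
    // Stored layout: Base64( IV || ciphertext || tag )
    static String encryptGcm(String plain, SecretKey key) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // fresh nonce for every record
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(
                ByteBuffer.allocate(IV_LEN + ct.length).put(iv).put(ct).array());
    }

    static String decryptGcm(String stored, SecretKey key) throws Exception {
        byte[] in = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, IV_LEN));
        // doFinal throws AEADBadTagException if the stored value was altered
        return new String(c.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
    }

    static String encryptEcb(String plain, SecretKey key) throws Exception {
        Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding"); // mode used in section 2.2
        c.init(Cipher.ENCRYPT_MODE, key);
        return Base64.getEncoder().encodeToString(c.doFinal(plain.getBytes(StandardCharsets.UTF_8)));
    }
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128); // random demo key; a deployed key would come from a key store
        SecretKey key = kg.generateKey();
        String phone = "13800000000"; // constructed sample value
        System.out.println("ECB equal: " + encryptEcb(phone, key).equals(encryptEcb(phone, key)));
        String a = encryptGcm(phone, key), b = encryptGcm(phone, key);
        System.out.println("GCM equal: " + a.equals(b));
        System.out.println("round trip: " + decryptGcm(a, key).equals(phone));
    }
}
```

With a random IV, two rows holding the same phone number no longer share a ciphertext, so equality lookups on the encrypted column no longer match.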
2.3 Desensitization of mobile phone number
String phone = AESUtil.decrypt(i.getPhone(), AESUtil.appKey);
if (ObjectUtil.isNotEmpty(phone)) {
    // Replace the middle four digits (indexes 3 to 6) with asterisks
    i.setPhone(new StringBuilder(phone).replace(3, 7, "****").toString());
}
2.4 Validating the mobile phone number on the front end and back end
Back end:
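import java.util.regex.Matcher;
import java.util.regex.Pattern;

public static final String phone2 = "^[1][3-8][0-9]{9}$";

public static boolean checkPhone(String phone) {
    // Reject null instead of passing it to the matcher
    if (phone == null) {
        return false;
    }
    Pattern pattern = Pattern.compile(phone2);
    Matcher matcher = pattern.matcher(phone);
    return matcher.matches();
}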
Front end:
var phoneReg = new RegExp("^[1][3-8][0-9]{9}$");
// This branch continues the form's existing if/else validation chain
else if (!phoneReg.test(user.phone)) {
    this.$message.error('phone format is incorrect')
}