Shiro CookieRememberMeManager Invalid AES key length
================================
©Copyright 蕃薯耀 2022-04-16
https://www.cnblogs.com/fanshuyao/
一、问题描述
CookieRememberMeManager使用加密setCipherKey报错:
Caused by: java.security.InvalidKeyException: Invalid AES key length: 10 bytes at com.sun.crypto.provider.AESCipher.engineGetKeySize(AESCipher.java:509) at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1067) at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1038) at javax.crypto.Cipher.implInit(Cipher.java:805) at javax.crypto.Cipher.chooseProvider(Cipher.java:864) at javax.crypto.Cipher.init(Cipher.java:1396) at javax.crypto.Cipher.init(Cipher.java:1327) at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488) ... 118 common frames omitted
二、问题原因
Invalid AES key length: 10 bytes
无效的AES密钥长度:10字节
而AES key要求是16位的
三、解决方案
AES的秘钥一定要是16位秘钥,如:1234567890123456
cookieRememberMeManager.setCipherKey("1234567890123456".getBytes());
四、秘钥加版
将16位的AES key转换成base64,然后再解码,不易直接看出秘钥。
//根据base64加密后的字符串,再解密成字节 cookieRememberMeManager.setCipherKey(Base64.decode("MTIzNDU2Nzg5MDEyMzQ1Ng=="));
(时间宝贵,分享不易,捐赠回馈,^_^)
================================
©Copyright 蕃薯耀 2022-04-16
https://www.cnblogs.com/fanshuyao/
今天越懒,明天要做的事越多。