接口加密传输设计及AES加解密代码DEMO

接口加密传输设计及AES加解密代码DEMO

接口加密的方案设计:可以将请求的json字符串aes加密,通过params字段传输,
接口服务端接收到参数,先解密,然后转换成对象。
继续业务逻辑的处理。
(另外一种方案是:针对敏感字段aes加密,服务接收端对敏感字段来解密处理)

RequestVo对象:

    private String params;
    private String sign;

伪代码

String encrypt = requestVo.getParams();
    RealReqVO realReqVO = new RealReqVO();
    String decryptJson = decryt(encrypt,key);
    //json转换为对象
    realReqVO = JSON.parseObject(decryptJson,ReceiveReqVO.class);
    log.info("数据接口(解密后),入参:{}", JSON.toJSONString(realReqVO));
    if(StringUtils.isBlank(realReqVO.getSign())){
        realReqVO.setSign(request.getSign());
    }
    //对sign简单处理是:能否aes解密成功~
    validateSign(request.getSign(), key);

以下是AES加解密的DEMO

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class DesTest {
    public static String decryt(String input, String key) {
        byte[] output = null;
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, skey);
            output = cipher.doFinal(Base64.decodeBase64(input.getBytes()));
            return new String(output,StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    public static String encrypt(String input, String key) {
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, skey);
            byte[] output = cipher.doFinal(input.getBytes());
            res = Base64.encodeBase64String(output);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return res;
    }

    public static void main(String[] args) throws Exception {
        //Input length must be multiple of 16 when decrypting with padded cipher
        //AES解密报错,Input length must be multiple of 16 when decrypting with padded cipher    
        //加密方案及AES加密,需要同一个key。 或者是AES密文被修改,无法解密。
        //AES解密报错,Input length must be multiple of 16 when decrypting with padded cipher
        //具体解决就是:在解密前再转一次编码,基本就能解决这一报错问题。
     //原因分析:前端enCode在后端解析失败,最后的%3D无法解析,导致偏移向量对应不上,报错
        //String un="8RKHWcE11foCm2%2BaEuFG6w%3D%3D";
        //String pd="TQafftXrh8aXYNFJcPgw1w%3D%3D";
        //先转编码!!!
        //String ufUserName = URLDecoder.decode(un, "UTF-8");
        //String ufPassWord = URLDecoder.decode(pd, "UTF-8");
        //此时里面的%3D 解析成了=
        //8RKHWcE11foCm2%2BaEuFG6w==
        //TQafftXrh8aXYNFJcPgw1w==        
        //然后再去解密


        //Invalid AES key length: 7 bytes
        String key = "testKeytestKeytestKeytestKey1234"; //32位长度

        String content = "{10086}";
        String encrypt = encrypt(content, key);
        System.out.println("encrypt=" + encrypt);
        String decrypt = decryt(encrypt, key);
        System.out.println("decrypt=" + decrypt);
    }

}

 

posted on 2024-04-21 09:24  oktokeep  阅读(15)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 oktokeep
Powered by .NET 8.0 on Kubernetes