接口加密传输设计及AES加解密代码DEMO
接口加密的方案设计:可以将请求的json字符串aes加密,通过params字段传输,
接口服务端接收到参数,先解密,然后转换成对象。
继续业务逻辑的处理。
(另外一种方案是:针对敏感字段aes加密,服务接收端对敏感字段来解密处理)
RequestVo对象:
private String params;
private String sign;
伪代码
String encrypt = requestVo.getParams();
RealReqVO realReqVO = new RealReqVO();
String decryptJson = decryt(encrypt,key);
//json转换为对象
realReqVO = JSON.parseObject(decryptJson,ReceiveReqVO.class);
log.info("数据接口(解密后),入参:{}", JSON.toJSONString(realReqVO));
if(StringUtils.isBlank(realReqVO.getSign())){
realReqVO.setSign(request.getSign());
}
//对sign简单处理是:能否aes解密成功~
validateSign(request.getSign(), key);
以下是AES加解密的DEMO
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
public class DesTest {
public static String decryt(String input, String key) {
byte[] output = null;
String res = "";
try {
SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skey);
output = cipher.doFinal(Base64.decodeBase64(input.getBytes()));
return new String(output,StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
}
return "";
}
public static String encrypt(String input, String key) {
String res = "";
try {
SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skey);
byte[] output = cipher.doFinal(input.getBytes());
res = Base64.encodeBase64String(output);
} catch (Exception e) {
e.printStackTrace();
}
return res;
}
public static void main(String[] args) throws Exception {
//Input length must be multiple of 16 when decrypting with padded cipher
//AES解密报错,Input length must be multiple of 16 when decrypting with padded cipher
//加密方案及AES加密,需要同一个key。 或者是AES密文被修改,无法解密。
//AES解密报错,Input length must be multiple of 16 when decrypting with padded cipher
//具体解决就是:在解密前再转一次编码,基本就能解决这一报错问题。
//原因分析:前端enCode在后端解析失败,最后的%3D无法解析,导致偏移向量对应不上,报错
//String un="8RKHWcE11foCm2%2BaEuFG6w%3D%3D";
//String pd="TQafftXrh8aXYNFJcPgw1w%3D%3D";
//先转编码!!!
//String ufUserName = URLDecoder.decode(un, "UTF-8");
//String ufPassWord = URLDecoder.decode(pd, "UTF-8");
//此时里面的%3D 解析成了=
//8RKHWcE11foCm2%2BaEuFG6w==
//TQafftXrh8aXYNFJcPgw1w==
//然后再去解密
//Invalid AES key length: 7 bytes
String key = "testKeytestKeytestKeytestKey1234"; //32位长度
String content = "{10086}";
String encrypt = encrypt(content, key);
System.out.println("encrypt=" + encrypt);
String decrypt = decryt(encrypt, key);
System.out.println("decrypt=" + decrypt);
}
}
标签:加密传输,AES,encrypt,String,DEMO,解密,cipher,key From: https://www.cnblogs.com/oktokeep/p/18148593