介面加密傳輸設計及AES加解密程式碼DEMO

oktokeep發表於2024-04-21
加密解密

介面加密傳輸設計及AES加解密程式碼DEMO

介面加密的方案設計:可以將請求的json字串aes加密,透過params欄位傳輸,
介面服務端接收到引數,先解密,然後轉換成物件。
繼續業務邏輯的處理。
(另外一種方案是:針對敏感欄位aes加密,服務接收端對敏感欄位來解密處理)

RequestVo物件:

    private String params;
    private String sign;

虛擬碼

String encrypt = requestVo.getParams();
    RealReqVO realReqVO = new RealReqVO();
    String decryptJson = decryt(encrypt,key);
    //json轉換為物件
    realReqVO = JSON.parseObject(decryptJson,ReceiveReqVO.class);
    log.info("資料介面(解密後),入參:{}", JSON.toJSONString(realReqVO));
    if(StringUtils.isBlank(realReqVO.getSign())){
        realReqVO.setSign(request.getSign());
    }
    //對sign簡單處理是:能否aes解密成功~
    validateSign(request.getSign(), key);

以下是AES加解密的DEMO

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class DesTest {
    public static String decryt(String input, String key) {
        byte[] output = null;
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, skey);
            output = cipher.doFinal(Base64.decodeBase64(input.getBytes()));
            return new String(output,StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    public static String encrypt(String input, String key) {
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, skey);
            byte[] output = cipher.doFinal(input.getBytes());
            res = Base64.encodeBase64String(output);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return res;
    }

    public static void main(String[] args) throws Exception {
        //Input length must be multiple of 16 when decrypting with padded cipher
        //AES解密報錯,Input length must be multiple of 16 when decrypting with padded cipher    
        //加密方案及AES加密,需要同一個key。 或者是AES密文被修改,無法解密。
        //AES解密報錯,Input length must be multiple of 16 when decrypting with padded cipher
        //具體解決就是:在解密前再轉一次編碼,基本就能解決這一報錯問題。
     //原因分析:前端enCode在後端解析失敗,最後的%3D無法解析,導致偏移向量對應不上,報錯
        //String un="8RKHWcE11foCm2%2BaEuFG6w%3D%3D";
        //String pd="TQafftXrh8aXYNFJcPgw1w%3D%3D";
        //先轉編碼!!!
        //String ufUserName = URLDecoder.decode(un, "UTF-8");
        //String ufPassWord = URLDecoder.decode(pd, "UTF-8");
        //此時裡面的%3D 解析成了=
        //8RKHWcE11foCm2%2BaEuFG6w==
        //TQafftXrh8aXYNFJcPgw1w==        
        //然後再去解密


        //Invalid AES key length: 7 bytes
        String key = "testKeytestKeytestKeytestKey1234"; //32位長度

        String content = "{10086}";
        String encrypt = encrypt(content, key);
        System.out.println("encrypt=" + encrypt);
        String decrypt = decryt(encrypt, key);
        System.out.println("decrypt=" + decrypt);
    }

}

相關文章