接口加密传输设计及AES加解密代码DEMO

接口加密传输设计及AES加解密代码DEMO

接口加密的方案设计：可以将请求的json字符串aes加密，通过params字段传输，
接口服务端接收到参数，先解密，然后转换成对象。
继续业务逻辑的处理。
（另外一种方案是：针对敏感字段aes加密，服务接收端对敏感字段来解密处理）

RequestVo对象：

    private String params;
    private String sign;

伪代码

String encrypt = requestVo.getParams();
    RealReqVO realReqVO = new RealReqVO();
    String decryptJson = decryt(encrypt,key);
    //json转换为对象
    realReqVO = JSON.parseObject(decryptJson,ReceiveReqVO.class);
    log.info("数据接口(解密后)，入参：{}", JSON.toJSONString(realReqVO));
    if(StringUtils.isBlank(realReqVO.getSign())){
        realReqVO.setSign(request.getSign());
    }
    //对sign简单处理是：能否aes解密成功~
    validateSign(request.getSign(), key);

以下是AES加解密的DEMO

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class DesTest {
    public static String decryt(String input, String key) {
        byte[] output = null;
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, skey);
            output = cipher.doFinal(Base64.decodeBase64(input.getBytes()));
            return new String(output,StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    public static String encrypt(String input, String key) {
        String res = "";
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, skey);
            byte[] output = cipher.doFinal(input.getBytes());
            res = Base64.encodeBase64String(output);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return res;
    }

    public static void main(String[] args) throws Exception {
        //Input length must be multiple of 16 when decrypting with padded cipher
        //AES解密报错，Input length must be multiple of 16 when decrypting with padded cipher
        //加密方案及AES加密，需要同一个key。 或者是AES密文被修改，无法解密。
        //AES解密报错，Input length must be multiple of 16 when decrypting with padded cipher
        //具体解决就是：在解密前再转一次编码，基本就能解决这一报错问题。
　　　　　//原因分析：前端enCode在后端解析失败，最后的%3D无法解析，导致偏移向量对应不上，报错
        //String un="8RKHWcE11foCm2%2BaEuFG6w%3D%3D";
        //String pd="TQafftXrh8aXYNFJcPgw1w%3D%3D";
        //先转编码!!!
        //String ufUserName = URLDecoder.decode(un, "UTF-8");
        //String ufPassWord = URLDecoder.decode(pd, "UTF-8");
        //此时里面的%3D 解析成了=
        //8RKHWcE11foCm2%2BaEuFG6w==
        //TQafftXrh8aXYNFJcPgw1w==
        //然后再去解密

        //Invalid AES key length: 7 bytes
        String key = "testKeytestKeytestKeytestKey1234"; //32位长度

        String content = "{10086}";
        String encrypt = encrypt(content, key);
        System.out.println("encrypt=" + encrypt);
        String decrypt = decryt(encrypt, key);
        System.out.println("decrypt=" + decrypt);
    }

}