下午好,我目前正在使用 JAVA 和 Quarkus 中的 api,在其中我通过 GET 方法接收 url 中使用 AES 加密的参数,问题是加密带有特殊字符,例如 +/现在读取 url,服务将其作为路径
这是我的 AES 加密代码,即加密和解密方法,我将其用于加密:
package com.tmve.util;
import lombok.NoArgsConstructor;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
import java.util.Base64;
@NoArgsConstructor
public class EncryptUtil {
private static byte[] initializationVector = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
private static byte[] key;
private static SecretKeySpec secretKey;
public String encrypt(String input, String key)
throws NoSuchPaddingException, NoSuchAlgorithmException,
InvalidAlgorithmParameterException, InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
byte[] desKeyData = key.getBytes();
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(desKeyData, "AES");
IvParameterSpec specie = new IvParameterSpec(initializationVector);
cipher.init(Cipher.ENCRYPT_MODE, myKey, specie);
byte[] cipherText = cipher.doFinal(input.getBytes());
return Base64.getEncoder().encodeToString(cipherText);
}
public String decrypt(String cipherText, String key) throws NoSuchPaddingException, NoSuchAlgorithmException,
InvalidAlgorithmParameterException, InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
byte[] desKeyData = key.getBytes();
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(Arrays.copyOf(desKeyData,16), "AES");
IvParameterSpec ivspec = new IvParameterSpec(initializationVector);
cipher.init(Cipher.DECRYPT_MODE, myKey, ivspec);
byte[] plainText = cipher.doFinal(Base64.getDecoder().decode(cipherText));
return new String(plainText);
}
public String decryptAESText2(String cipherText, String key) throws Exception {
setKey(key);
Cipher decipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
IvParameterSpec ivspec = new IvParameterSpec(initializationVector);
decipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] plainText = decipher.doFinal(Base64.getDecoder().decode(cipherText));
return new String(plainText);
}
public String encryptAESText2(String plainText, String key) throws Exception {
setKey(key);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
IvParameterSpec specie = new IvParameterSpec(initializationVector);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] cipherText = cipher.doFinal(plainText.getBytes("UTF-8"));
return Base64.getEncoder().encodeToString(cipherText);
}
public SecretKey getKeyFromPassword(String password, String salt)
throws NoSuchAlgorithmException, InvalidKeySpecException {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 65536, 256);
SecretKey secret = new SecretKeySpec(factory.generateSecret(spec)
.getEncoded(), "AES");
return secret;
}
public String decryptSSOText(String cipherText) throws Exception {
String DEFAULT_KEY = "k2/3kwpEMHKrLgNkYDzs+YVfzXSp9Xyx";
String DEFAULT_IV = "G1oPqIGmVOk=";
byte[] encData = Base64.getDecoder().decode(cipherText.replaceAll("[\n\r]", ""));
byte[] tdesKeyData = Base64.getDecoder().decode(DEFAULT_KEY);
Cipher decipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(tdesKeyData, "DESede");
IvParameterSpec ivspec = new IvParameterSpec(Base64.getDecoder().decode(DEFAULT_IV));
decipher.init(Cipher.DECRYPT_MODE, myKey, ivspec);
byte[] plainText = decipher.doFinal(Base64.getDecoder().decode(cipherText));
return new String(plainText);
}
public String EncryptSSOText(String cipherText) throws Exception {
String DEFAULT_KEY = "k2/3kwpEMHKrLgNkYDzs+YVfzXSp9Xyx";
String DEFAULT_IV = "G1oPqIGmVOk=";
byte[] desKeyData = Base64.getDecoder().decode(DEFAULT_KEY);
Cipher decipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(desKeyData, "DESede");
IvParameterSpec ivspec = new IvParameterSpec(Base64.getDecoder().decode(DEFAULT_IV));
decipher.init(Cipher.ENCRYPT_MODE, myKey, ivspec);
byte[] plainText = decipher.doFinal(cipherText.getBytes());
return Base64.getEncoder().encodeToString(plainText);
}
private void setKey(String myKey) {
MessageDigest sha = null;
try {
key = myKey.getBytes("UTF-8");
sha = MessageDigest.getInstance("SHA-256");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKey = new SecretKeySpec(key, "AES");
} catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
e.printStackTrace();
}
}
public IvParameterSpec generateIv() {
byte[] iv = new byte[16];
new SecureRandom().nextBytes(iv);
return new IvParameterSpec(iv);
}
}
有时数字如下:
WKqxB/qNPQUz6wRbHZrpBQ==
问题在于,当我必须将其传递到如下所示的网址时:
https://10.162.128.94:30000/userProfile/v3.6/users/WKqxB/qNPQUz6wRbHZrpBQ==
上面的内容导致我在暴露我的服务时出现错误,例如通过kubernete和入口,所以我想知道是否还有其他选项,我知道base64编码和解码是一个选项,但我想使用AES
您可以使用一种称为 URL 安全的 base64 编码来代替。这将在生成的 Base64 字符串中使用
-
和 _
而不是 +
和 /
。
查看
java.util.Base64.getUrlEncoder()
和java.util.Base64.getUrlDecoder()
。