filter aes加密
Java接口加密:可以對請求參數、響應參數加密
加密的兩種方法推薦
1、使用過濾器加密filter
AES加密
/**
* 過濾器攔截請求,實作加密解密功能
* @author samxie
* @version 1.0
* @date 2022/5/6 18:13
* @Component 将此Filter交給Spring容器管理
* @WebFilter 通過WebFilter進行Filter聲明,這樣容器在進行部署的時候就會處理該Filter
*
*/
@SuppressWarnings("PMD")
//CHECKSTYLE:OFF
@Slf4j
@Component
public class EncryptFilter implements Filter {
//LTAI4FzVG1h.....密文
@Value("${gateway.secret.key}")
private String aesKey;
//屏蔽的環境:local,dev
@Value("${env.encrypt.profile}")
private String encryptProfile;
@Resource
private Environment environment;
//屏蔽的url
private String[] ignoreUrl = new String[] {
"/v1/saas/login",
"/v1/saas/sendLoginSms",
//自己加
};
private AntPathMatcher antPathMatcher = new AntPathMatcher();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// Auto-generated method stub
}
/**
* 有錯誤相應傳回-44
*
* @param response
* @throws IOException
*/
private void getFailResponse(HttpServletResponse response) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = null;
out = response.getWriter();
//加密後的錯誤消息 {"code":0,"data":"系統繁忙,請稍後再試","ok":true}
String errorMessage
= "D9CHXXPAM3SIJmYEyF6QUQhEqfHJldkVqXf4th3Ev7DuagxdHgt5MsRVphBYi7yHTihZmKhKv3YYwAf1Dk77PA==";
out.write(JSONObject.toJSONString(errorMessage));
out.flush();
out.close();
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
// 過濾請求:路徑
boolean flag = isIgnore(httpRequest, ignoreUrl);
// 環境過濾
String env = environment.getProperty("spring.profiles.active");
//local dev test
String profile = encryptProfile;
if (null != env && profile.contains(env)) {
flag = true;
}
if(flag) {
try {
chain.doFilter(httpRequest, httpResponse);
} catch (IOException e) {
log.error("e:{}", e);
} catch (ServletException e) {
log.error("e:{}", e);
}
} else {
try {
//響應處理 包裝響應對象 res 并緩存響應資料
ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response);
//執行業務邏輯 交給下一個過濾器或servlet處理
chain.doFilter(request, responseWrapper);
byte[] resData = responseWrapper.getResponseData();
//設定響應内容格式,防止解析響應内容時出錯
responseWrapper.setContentType("text/plain;charset=UTF-8");
//加密響應封包并響應
String encryptBASE64 = AesEncryptUtils.encrypt(new String(resData), aesKey);
PrintWriter out = response.getWriter();
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
out.write(JSONObject.toJSONString(encryptBASE64));
//out.print(encryptBASE64);
out.flush();
out.close();
} catch(Exception e) {
try {
getFailResponse((HttpServletResponse)response);
} catch (IOException ioException) {
ioException.printStackTrace();
}
log.error("加密異常資訊 ", e);
}
}
}
@Override
public void destroy() {
// Auto-generated method stub
}
/**
* 哪些路徑不處理
* @param request
* @param strArr
* @return
*/
public boolean isIgnore(HttpServletRequest request, String[] strArr) {
String path = request.getRequestURI();
for(String ignore : strArr) {
boolean match = antPathMatcher.match(ignore, path);
if (match) {
return true;
}
}
return false;
}
}
//CHECKSTYLE:OFF
/**
* aes加密解密
*/
public class AesEncryptUtils {
//參數分别代表 算法名稱/加密模式/資料填充方式
private static String algorithmstr = "AES/ECB/PKCS5Padding";
public static String getAlgorithmstr() {
return algorithmstr;
}
/**
* 加密
* @param content 加密的字元串
* @param encryptKey key值
* @return
*/
public static String encrypt(String content, String encryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher = Cipher.getInstance(algorithmstr);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
byte[] b = cipher.doFinal(content.getBytes("utf-8"));
return Base64.encodeBase64String(b);
}
/**
* 解密
* @param encryptStr 解密的字元串
* @param decryptKey 解密的key值
* @return
*/
public static String decrypt(String encryptStr, String decryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher = Cipher.getInstance(algorithmstr);
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES"));
byte[] encryptBytes = Base64.decodeBase64(encryptStr);
byte[] decryptBytes = cipher.doFinal(encryptBytes);
return new String(decryptBytes);
}
}