最近在对接公司项目的时候需要在http接口中添加秘钥验证参数,前端使用的是Flex(AS 3.0) 写的客户端,需要调用接口去Java后台做解析验证,由于Flex和Java的同样的加密方式所采用的的加密算法又不相同,所以在验证过程中两端加密出的结果都是不相同的,后来经过在网上查找方案发现,两种语言在decodeBase64的时候算法不一样,后来经过参考 http://jueyue.iteye.com/blog/1830792 这篇文章后,解决了该问题。
Java实现:
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
/*******************************************************************************
* AES加解密算法
使用AES/ECB/PKCS5## 模式加密 key需要为16位。
*/
public class AES {
// 加密
public String Encrypt(String sSrc, String sKey) throws Exception {
if (sKey == null) {
System.out.print("Key为空null");
return null;
}
// 判断Key是否为16位
if (sKey.length() != 16) {
System.out.print("Key长度不是16位");
return null;
}
byte[] raw = sKey.getBytes("UTF-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
SecureRandom random = new SecureRandom();
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, random);
byte[] sa = (sSrc.getBytes("UTF-8"));
for(int i = 0; i < sa.length; i++)
{
System.out.println(sa[i]);
}
byte[] encrypted = cipher.doFinal(sSrc.getBytes());
return Base64.encodeBase64String(encrypted);
}
// 解密
public String Decrypt(String sSrc, String sKey) throws Exception {
try {
// 判断Key是否正确
if (sKey == null) {
System.out.print("Key为空null");
return null;
}
// 判断Key是否为16位
if (sKey.length() != 16) {
System.out.print("Key长度不是16位");
return null;
}
byte[] raw = sKey.getBytes("UTF-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
SecureRandom random = new SecureRandom();
cipher.init(Cipher.DECRYPT_MODE, skeySpec, random);
byte[] encrypted1 = Base64.decodeBase64(sSrc);//先用bAES64解密
try {
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original);
return originalString;
} catch (Exception e) {
System.out.println(e.toString());
return null;
}
} catch (Exception ex) {
System.out.println(ex.toString());
return null;
}
}
public static void main(String[] args)
{
try {
AES aes = new AES();
String encryptContent = "HelloWorld";
String key = "RgTw867hqCLAUw==";
String encryptResult = aes.Encrypt(encryptContent, key);
System.out.println("encryptResult = " + encryptResult);
String decryptResult = aes.Decrypt(encryptResult, key);
System.out.println("decryptResult = " + decryptResult);
} catch (Exception e) {
System.out.println(e.getStackTrace());
}
}
}
Flex实现:
private var _k:String = "RgTw867hqCLAUw=="; //加密key 使用的aes-ecb加密模式的key需要是16位
private var _encodeContent:String = "HelloWorld"; //加密内容
private var _encodeMode:String = "aes-ecb"; //加密模式
private var _encodeResult:String; //加密结果
//加密
private function encode():void
{
var kdata:ByteArray = Hex.toArray(Hex.fromString(_k));
var data:ByteArray = Hex.toArray(Hex.fromString(_encodeContent));
var pad:IPad = new PKCS5();
var mode:ICipher = Crypto.getCipher(_encodeMode, kdata, pad);
pad.setBlockSize(mode.getBlockSize());
mode.encrypt(data);
_encodeResult = Base64.encodeByteArray(data);
trace("encodeResult = " + _encodeResult); // 0EsyqzXgW5wYC79Kwt1xBw==
}
//解密
private function decode():void
{
var kdata:ByteArray = Hex.toArray(Hex.fromString(_k));
var decodeData:ByteArray = Base64.decodeToByteArray(_encodeResult);
var pad:IPad = new PKCS5();
var mode:ICipher = Crypto.getCipher(_encodeMode, kdata, pad);
pad.setBlockSize(mode.getBlockSize());
mode.decrypt(decodeData);
var decodeResult:String = Hex.toString(Hex.fromArray(decodeData));
trace("decodeResult = " + decodeResult); // HelloWorld
}
encode();
decode();