filter aes加密
Java接口加密:可以对请求参数、响应参数加密
加密的两种方法推荐
1、使用过滤器加密filter
AES加密
/**
* 过滤器拦截请求,实现加密解密功能
* @author samxie
* @version 1.0
* @date 2022/5/6 18:13
* @Component 将此Filter交给Spring容器管理
* @WebFilter 通过WebFilter进行Filter声明,这样容器在进行部署的时候就会处理该Filter
*
*/
@SuppressWarnings("PMD")
//CHECKSTYLE:OFF
@Slf4j
@Component
public class EncryptFilter implements Filter {
//LTAI4FzVG1h.....密文
@Value("${gateway.secret.key}")
private String aesKey;
//屏蔽的环境:local,dev
@Value("${env.encrypt.profile}")
private String encryptProfile;
@Resource
private Environment environment;
//屏蔽的url
private String[] ignoreUrl = new String[] {
"/v1/saas/login",
"/v1/saas/sendLoginSms",
//自己加
};
private AntPathMatcher antPathMatcher = new AntPathMatcher();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// Auto-generated method stub
}
/**
* 有错误相应返回-44
*
* @param response
* @throws IOException
*/
private void getFailResponse(HttpServletResponse response) throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = null;
out = response.getWriter();
//加密后的错误消息 {"code":0,"data":"系统繁忙,请稍后再试","ok":true}
String errorMessage
= "D9CHXXPAM3SIJmYEyF6QUQhEqfHJldkVqXf4th3Ev7DuagxdHgt5MsRVphBYi7yHTihZmKhKv3YYwAf1Dk77PA==";
out.write(JSONObject.toJSONString(errorMessage));
out.flush();
out.close();
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
// 过滤请求:路径
boolean flag = isIgnore(httpRequest, ignoreUrl);
// 环境过滤
String env = environment.getProperty("spring.profiles.active");
//local dev test
String profile = encryptProfile;
if (null != env && profile.contains(env)) {
flag = true;
}
if(flag) {
try {
chain.doFilter(httpRequest, httpResponse);
} catch (IOException e) {
log.error("e:{}", e);
} catch (ServletException e) {
log.error("e:{}", e);
}
} else {
try {
//响应处理 包装响应对象 res 并缓存响应数据
ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response);
//执行业务逻辑 交给下一个过滤器或servlet处理
chain.doFilter(request, responseWrapper);
byte[] resData = responseWrapper.getResponseData();
//设置响应内容格式,防止解析响应内容时出错
responseWrapper.setContentType("text/plain;charset=UTF-8");
//加密响应报文并响应
String encryptBASE64 = AesEncryptUtils.encrypt(new String(resData), aesKey);
PrintWriter out = response.getWriter();
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
out.write(JSONObject.toJSONString(encryptBASE64));
//out.print(encryptBASE64);
out.flush();
out.close();
} catch(Exception e) {
try {
getFailResponse((HttpServletResponse)response);
} catch (IOException ioException) {
ioException.printStackTrace();
}
log.error("加密异常信息 ", e);
}
}
}
@Override
public void destroy() {
// Auto-generated method stub
}
/**
* 哪些路径不处理
* @param request
* @param strArr
* @return
*/
public boolean isIgnore(HttpServletRequest request, String[] strArr) {
String path = request.getRequestURI();
for(String ignore : strArr) {
boolean match = antPathMatcher.match(ignore, path);
if (match) {
return true;
}
}
return false;
}
}
//CHECKSTYLE:OFF
工具类
/**
* aes加密解密
*/
public class AesEncryptUtils {
//参数分别代表 算法名称/加密模式/数据填充方式
private static String algorithmstr = "AES/ECB/PKCS5Padding";
public static String getAlgorithmstr() {
return algorithmstr;
}
/**
* 加密
* @param content 加密的字符串
* @param encryptKey key值
* @return
*/
public static String encrypt(String content, String encryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher = Cipher.getInstance(algorithmstr);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
byte[] b = cipher.doFinal(content.getBytes("utf-8"));
return Base64.encodeBase64String(b);
}
/**
* 解密
* @param encryptStr 解密的字符串
* @param decryptKey 解密的key值
* @return
*/
public static String decrypt(String encryptStr, String decryptKey) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher = Cipher.getInstance(algorithmstr);
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES"));
byte[] encryptBytes = Base64.decodeBase64(encryptStr);
byte[] decryptBytes = cipher.doFinal(encryptBytes);
return new String(decryptBytes);
}
}
2、使用aop面向切面加密
filter aes加密是拦截器加密,而aop是面向切面方式加密,两者都可以实现不同程度的加密。