Jasypt 加密 - 加密时删除斜线
Jasypt encryption - remove slash when encrypting
我目前正在使用 jasypt 作为我的加密工具,问题是一旦一个词被加密,它会产生“/”,我想避免在我的加密中使用斜线。原因是我在 url.
中使用它
因此,例如 jasypt 生成此加密文本:
String encryptedText = "/O0sJjPUFgRGfND1TpHrkbyCalgY/rSpE8nhJ/wYjYY=";
我会把这个附加到我的 link..
例如:
String.format("%s%s", "youtube.com/videos/", encryptedText);
这会将我重定向到另一个 link,因此它不会转到视频部分,而是转到 /O0sJjPUFgRGfND1TpHrkbyCalgY
这是我的代码:
public class EncryptionUtil {
public static final String ENCRYPTION_KEY = "test-encryption";
private static final String EMPTY_KEY_OR_TEXT = "Decryption key and text must not be empty.";
public static String decrypt(final String encryptedText) {
if (StringUtils.isAnyBlank(encryptedText)) {
throw new ApiErrorException(EMPTY_KEY_OR_TEXT);
}
try {
final char[] keyCharArray = ENCRYPTION_KEY.toCharArray();
final BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPasswordCharArray(keyCharArray);
return textEncryptor.decrypt(encryptedText);
} catch (EncryptionOperationNotPossibleException e) {
throw new ApiErrorException(e.getMessage());
}
}
public static String encrypt(final String plaintext) {
if (StringUtils.isAnyBlank(plaintext)) {
throw new ApiErrorException(EMPTY_KEY_OR_TEXT);
}
final char[] keyCharArray = ENCRYPTION_KEY.toCharArray();
final BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPasswordCharArray(keyCharArray);
return textEncryptor.encrypt(plaintext);
}
}
这是我的 spring 控制器:
@GetMapping("/profile/client-users/{userId}")
public ModelAndView getAccountAccess(
@PathVariable String userId, ModelMap modelMap) {
userId = EncryptionUtil.decrypt(userId);
}
第一个(不好的)方法是允许 url 中的斜杠字符,就像下面的线程
但我认为使用 base64 编码您的加密文本似乎是一种不那么扭曲的方式。
而base64编码真的很适合这个
Base64 encoding can be helpful when fairly lengthy identifying
information is used in an HTTP environment. For example, a database
persistence framework for Java objects might use Base64 encoding to
encode a relatively large unique id (generally 128-bit UUIDs) into a
string for use as an HTTP parameter in HTTP forms or HTTP GET URLs
Quoted from: https://en.wikipedia.org/wiki/Base64
使用以下内容对您的加密文本进行编码:
String encryptedText = "/O0sJjPUFgRGfND1TpHrkbyCalgY/rSpE8nhJ/wYjYY=";
String encryptedTextAndEncoded = new String(java.util.Base64.getEncoder().encode(encryptedText.getBytes()));
try {
// Using standard Base64 in URL requires encoding of '+', '/' and '='
encryptedTextAndEncoded = URLEncoder.encode(encryptedTextAndEncoded, "UTF-8");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
String.format("%s%s", "youtube.com/videos/", encryptedTextAndEncoded);
结果 url 将是:
youtube.com/videos/L08wc0pqUFVGZ1JHZk5EMVRwSHJrYnlDYWxnWS9yU3BFOG5oSi93WWpZWT0%3D
这是完全有效的 url
然后,服务器端,您将在使用之前解码字符串:
@GetMapping("/profile/client-users/{userId}")
public ModelAndView getAccountAccess(
@PathVariable String userId, ModelMap modelMap) {
String decoded = new String(java.util.Base64.getDecoder().decode(userId.getBytes()));
userId = EncryptionUtil.decrypt(decoded);
}
我目前正在使用 jasypt 作为我的加密工具,问题是一旦一个词被加密,它会产生“/”,我想避免在我的加密中使用斜线。原因是我在 url.
中使用它因此,例如 jasypt 生成此加密文本:
String encryptedText = "/O0sJjPUFgRGfND1TpHrkbyCalgY/rSpE8nhJ/wYjYY=";
我会把这个附加到我的 link..
例如:
String.format("%s%s", "youtube.com/videos/", encryptedText);
这会将我重定向到另一个 link,因此它不会转到视频部分,而是转到 /O0sJjPUFgRGfND1TpHrkbyCalgY
这是我的代码:
public class EncryptionUtil {
public static final String ENCRYPTION_KEY = "test-encryption";
private static final String EMPTY_KEY_OR_TEXT = "Decryption key and text must not be empty.";
public static String decrypt(final String encryptedText) {
if (StringUtils.isAnyBlank(encryptedText)) {
throw new ApiErrorException(EMPTY_KEY_OR_TEXT);
}
try {
final char[] keyCharArray = ENCRYPTION_KEY.toCharArray();
final BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPasswordCharArray(keyCharArray);
return textEncryptor.decrypt(encryptedText);
} catch (EncryptionOperationNotPossibleException e) {
throw new ApiErrorException(e.getMessage());
}
}
public static String encrypt(final String plaintext) {
if (StringUtils.isAnyBlank(plaintext)) {
throw new ApiErrorException(EMPTY_KEY_OR_TEXT);
}
final char[] keyCharArray = ENCRYPTION_KEY.toCharArray();
final BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPasswordCharArray(keyCharArray);
return textEncryptor.encrypt(plaintext);
}
}
这是我的 spring 控制器:
@GetMapping("/profile/client-users/{userId}")
public ModelAndView getAccountAccess(
@PathVariable String userId, ModelMap modelMap) {
userId = EncryptionUtil.decrypt(userId);
}
第一个(不好的)方法是允许 url 中的斜杠字符,就像下面的线程
但我认为使用 base64 编码您的加密文本似乎是一种不那么扭曲的方式。 而base64编码真的很适合这个
Base64 encoding can be helpful when fairly lengthy identifying information is used in an HTTP environment. For example, a database persistence framework for Java objects might use Base64 encoding to encode a relatively large unique id (generally 128-bit UUIDs) into a string for use as an HTTP parameter in HTTP forms or HTTP GET URLs
Quoted from: https://en.wikipedia.org/wiki/Base64
使用以下内容对您的加密文本进行编码:
String encryptedText = "/O0sJjPUFgRGfND1TpHrkbyCalgY/rSpE8nhJ/wYjYY=";
String encryptedTextAndEncoded = new String(java.util.Base64.getEncoder().encode(encryptedText.getBytes()));
try {
// Using standard Base64 in URL requires encoding of '+', '/' and '='
encryptedTextAndEncoded = URLEncoder.encode(encryptedTextAndEncoded, "UTF-8");
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
String.format("%s%s", "youtube.com/videos/", encryptedTextAndEncoded);
结果 url 将是:
youtube.com/videos/L08wc0pqUFVGZ1JHZk5EMVRwSHJrYnlDYWxnWS9yU3BFOG5oSi93WWpZWT0%3D
这是完全有效的 url
然后,服务器端,您将在使用之前解码字符串:
@GetMapping("/profile/client-users/{userId}")
public ModelAndView getAccountAccess(
@PathVariable String userId, ModelMap modelMap) {
String decoded = new String(java.util.Base64.getDecoder().decode(userId.getBytes()));
userId = EncryptionUtil.decrypt(decoded);
}