TA的每日心情 | 无聊 昨天 09:05 |
---|
签到天数: 1050 天 连续签到: 1 天 [LV.10]测试总司令
|
需求
postman使用AES加密算法,加密请求体,然后修改原始body,再发给后端。
实现
具体使用API是如下图,collection_request.js。
有一个update方法,所以在postman前置脚本中增加如下代码:
- /**
- * 加密
- */
- function aesEncrypt(data,secret) {
- const srcs = CryptoJS.enc.Utf8.parse(data);
- // 将密钥做md散列计算,保证密钥长度
- const encrypted = CryptoJS.AES.encrypt(srcs,CryptoJS.MD5(secret), {
- iv: [],
- mode: CryptoJS.mode.ECB,
- padding: CryptoJS.pad.Pkcs7
- });
- return encrypted.toString();
- }
- // 密钥
- const secret = "aXGr7jvD+yq87v9eTIAm0o5LFqAWsPgVmC37fewH";
- console.log(`原始body:${pm.request.body.raw}`)
- // 加密
- let encryptData = aesEncrypt(pm.request.body.raw,secret);
- // 修改请求体
- pm.request.body.update({mode: 'raw',raw:`{"encrypt":"${encryptData}"}`})
- // 修改头
- pm.request.headers.upsert({ key: "Content-Type", value: "application/json"})
- console.log(`真实body:${pm.request.body.raw}`);
复制代码 效果
控制台
后端解密工具类
pom需要引入:
- <dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <version>1.14</version>
- </dependency>
复制代码 该工具类可以解密前端传来的加密数据:
- //参考引入包
- import org.apache.commons.codec.binary.Base64;
- import javax.crypto.Cipher;
- import javax.crypto.SecretKey;
- import javax.crypto.spec.SecretKeySpec;
- import java.security.MessageDigest;
- public class AesUtils{
- public final static String AES_ALGORITHM = "AES/ECB/PKCS5Padding";
- public final static String AES = "AES";
- public final static String MD5 = "MD5";
- public final static String UTF8 = "UTF-8";
- /**
- * aes ecb 128 加密
- * @param content 明文数据
- * @param secret 密钥(需要做散列计算)
- * [url=home.php?mod=space&uid=26358]@return[/url] base64格式的加密字符串
- */
- public static String aesEncrypt(String content, String secret) throws RuntimeException{
- try {
- MessageDigest md = MessageDigest.getInstance(MD5);
- // 对密钥做MD5散列,保证跨端的密钥长度一致
- SecretKey secretKey = new SecretKeySpec(md.digest(secret.getBytes(UTF8)), AES);
- Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
- // 加密模式
- cipher.init(Cipher.ENCRYPT_MODE, secretKey);
- byte[] cipherBytes = cipher.doFinal(content.getBytes(UTF8));
- String result = Base64.encodeBase64String(cipherBytes);
- return result;
- } catch (Exception e) {
- log.error("AES加密异常",e);
- throw new RuntimeException("AES加密异常",e);
- }
- }
- /**
- * aes ecb 128 解密
- * @param content base64格式的加密字符串
- * @param secret 密钥(需要做散列计算)
- * @return 明文数据
- */
- public static String aesDecrypt(String content, String secret) throws RuntimeException{
- try {
- byte[] dataBytes = Base64.decodeBase64(content);
- MessageDigest md = MessageDigest.getInstance(MD5);
- // 对密钥做MD5散列,保证跨端的密钥长度一致
- SecretKey secretKey = new SecretKeySpec(md.digest(secret.getBytes()), AES);
- Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
- // 解密模式
- cipher.init(Cipher.DECRYPT_MODE, secretKey);
- byte[] plainBytes = cipher.doFinal(dataBytes);
- String result = new String(plainBytes, UTF8);
- return result;
- } catch (Exception e) {
- log.error("AES解密异常",e);
- throw new RuntimeException("AES解密异常",e);
- }
- }
- }
复制代码
|
|