Spring Cloud Config对称密钥
作者:互联网
我使用Spring Cloud Config Server设置了一个简单的项目,我试图简单地加密和解密一些值.我使用以下带有Spring Boot的pom.xml将项目创建为Spring Starter项目.
的pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.oreilly.cloud</groupId>
<artifactId>spring-microservices-config-server6</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<name>spring-microservices-config-server6</name>
<description>Demo project for Spring Boot</description>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.4.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-config-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Camden.SR2</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
从那里我修改了主要的Spring Boot Application类来添加@EnableConfigServer注释,如下所示:
@SpringBootApplication
@EnableConfigServer
public class SpringMicroservicesConfigServer6Application {
public static void main(String[] args) {
SpringApplication.run(SpringMicroservicesConfigServer6Application.class, args);
}
}
在我的application.properties文件中,我指向一个git存储库,设置服务器端口并使用encrypt.key启用对称密钥加密,如下所示:
server.port=8888
spring.cloud.config.server.git.uri=C:/Users/training/Desktop/sts-workspace/configuration
encrypt.key=secret
接下来我打开一个bash shell并加密一些数据:
$curl http://localhost:8888/encrypt -d Kevin
产生价值:
`315ca5592635e4f65e0a0278cd08f74b5cef27e8379bd0e0d81d08c9ed8fbac161d`
如果我尝试使用以下方法解密该值:
$curl localhost:8888/decrypt --data-urlencode 315ca5592635e4f65e0a0278cd08f74cef27e8379bd0e0d81d08c9ed8fbac161d
我收到以下错误:
276description":"Text not encrypted with this key","status":"INVALID"}
我不明白为什么这个简单的场景几乎没有开箱即用.手动需要非常小的配置,我想知道这是否是配置服务器的问题?有人可以帮忙吗?
解决方法:
我刚刚发现了发生了什么:
$curl -X POST localhost:8888/encrypt -d FOO
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 67 100 64 100 3 4000 187 --:--:-- --:--:-- --:--:-- 4000e474cd78d6c18e0e5395e67a3bc0865a75077650e91d2249d460e91d6989ce87
我把4000e474cd78d6c18e0e5395e67a3bc0865a75077650e91d2249d460e91d6989ce87作为加密文本,它不起作用.
问题是当前速度列正好在响应之前,所以我们使用它就好像它是响应的一部分.
实际加密文本是,删除当前速度:e474cd78d6c18e0e5395e67a3bc0865a75077650e91d2249d460e91d6989ce87
$curl localhost:8888/decrypt -d e474cd78d6c18e0e5395e67a3bc0865a75077650e91d2249d460e91d6989ce87
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 67 100 3 100 64 187 4000 --:--:-- --:--:-- --:--:-- 4000FOO
标签:spring,spring-cloud-2,spring-cloud-config 来源: https://codeday.me/bug/20190623/1266897.html