[
https://issues.apache.org/jira/browse/KYLIN-5644?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xiaoxiang Yu resolved KYLIN-5644.
---------------------------------
Resolution: Fixed
> fix diag api security, encryption changed from base64 to AES
> ------------------------------------------------------------
>
> Key: KYLIN-5644
> URL: https://issues.apache.org/jira/browse/KYLIN-5644
> Project: Kylin
> Issue Type: Bug
> Components: REST Service, Security
> Affects Versions: 5.0-alpha
> Reporter: Zhiting Guo
> Assignee: Zhiting Guo
> Priority: Major
> Fix For: 5.0-beta
>
>
> *dev design*
> Continue to develop along the existing logic, adjust Base64 encryption to AES
> encryption, encryption & decryption algorithm multiplexing has been
> implemented as follows:
> Encryption: org.apache.kylin.common.util.EncryptUtil#encrypt(String
> strToEncrypt)
> Decryption: org.apache.kylin.common.util.EncryptUtil#decrypt(String
> strToDecrypt)
> Because there will be special characters after AES encryption, such as: +,
> when API parameters are passed, they will be recognized as spaces, resulting
> in subsequent errors.
> So here is the adjustment, the encryption algorithm is changed to: first
> encrypt with EncryptUtil#encrypt and then encrypt twice with Base64, and the
> decryption algorithm is the same: first decrypt with Base64 and then decrypt
> twice with EncryptUtil#decrypt.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
