Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value. Expected the discarded bits to be zero. 异常

[ronger-x]

简要描述

升级 commons-codec 至 1.13 版本后，加解密时出现 java.lang.IllegalArgumentException: Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value. Expected the discarded bits to be zero. 异常

问题原因

commons-codec 在 1.13 版本引入了 validateCharacter 方法,来验证在上下文中是否可以解码最后的尾随字符,微信生成的 EncodingAESKey 无法通过校验

/**
     * Validates whether decoding the final trailing character is possible in the context
     * of the set of possible base 64 values.
     *
     * <p>The character is valid if the lower bits within the provided mask are zero. This
     * is used to test the final trailing base-64 digit is zero in the bits that will be discarded.
     *
     * @param emptyBitsMask The mask of the lower bits that should be empty
     * @param context the context to be used
     *
     * @throws IllegalArgumentException if the bits being checked contain any non-zero value
     */
    private static void validateCharacter(final int emptyBitsMask, final Context context) {
        if ((context.ibitWorkArea & emptyBitsMask) != 0) {
            throw new IllegalArgumentException(
                "Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value. " +
                "Expected the discarded bits to be zero.");
        }
    }

解决方法

使用 commons-codec 加密 32 位字符(我是用的 UUID 生成 ID 后去除 -) 生成一个 EncodingAESKey 替换微信生成的 EncodingAESKey

Base64.encodeBase64String(UUID.randomUUID().toString().replaceAll("-","").getBytes());  

commons-codec 加密 32 位字符串得到一个 44 位字符串,去除末尾等号得到 43 位EncodingAESKey

[ronger-x]

老版本没有问题, commons-codec 在 1.13 版本引入了 validateCharacter 方法,来验证在上下文中是否可以解码最后的尾随字符,微信生成的 EncodingAESKey 无法通过校验

/**
     * Validates whether decoding the final trailing character is possible in the context
     * of the set of possible base 64 values.
     *
     * <p>The character is valid if the lower bits within the provided mask are zero. This
     * is used to test the final trailing base-64 digit is zero in the bits that will be discarded.
     *
     * @param emptyBitsMask The mask of the lower bits that should be empty
     * @param context the context to be used
     *
     * @throws IllegalArgumentException if the bits being checked contain any non-zero value
     */
    private static void validateCharacter(final int emptyBitsMask, final Context context) {
        if ((context.ibitWorkArea & emptyBitsMask) != 0) {
            throw new IllegalArgumentException(
                "Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value. " +
                "Expected the discarded bits to be zero.");
        }
    }

[ronger-x]

谢谢指出，其实文档是 wiki，人人可编辑。
能否指出你用老版本所产生的异常内容？方便写入文档中。

已更新文档!

[binarywang]

感谢

[binarywang]

https://developers.weixin.qq.com/community/develop/doc/000e44168b41c07008c965c7450800

[binarywang]

最新版已经去掉对commons-codec的依赖，欢迎使用新版本

[qiaozhiqma]

新版本在哪啊

[binarywang]

新版本在哪啊

看首页版本号，maven仓库里的