WebSocket Sec Key 加密规则

示例

请求头

GET ws://192.168.1.2:20000/test/ws/testusername HTTP/1.1
Host: 192.168.1.2:20000
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36 Edg/89.0.774.77
Upgrade: websocket
Origin: http://192.168.1.2:20000
Sec-WebSocket-Version: 13
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
Sec-WebSocket-Key: 0+QwLgygNnGVJniN7Qn9Bw==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

响应头

HTTP/1.1 101
Upgrade: websocket
Connection: upgrade
Sec-WebSocket-Accept: njBND6LKlpJ6v6cwSduscenP/tI=
Sec-WebSocket-Extensions: permessage-deflate;client_max_window_bits=15
Date: Sat, 24 Apr 2021 13:33:36 GMT

加密规则

算法中用到的固定字符串258EAFA5-E914-47DA-95CA-C5AB0DC85B11。

请求头Sec-WebSocket-Key是base64编码后的字符串，加上固定字符串258EAFA5-E914-47DA-95CA-C5AB0DC85B11，生成的十六进制sha1字符串

等于

响应头Sec-WebSocket-Accept是base64解码后的字符串，再编码为十六进制字符串。

import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;

public class Test {

    public static void main(String[] args) throws DecoderException {

        String s = DigestUtils.sha1Hex("0+QwLgygNnGVJniN7Qn9Bw==258EAFA5-E914-47DA-95CA-C5AB0DC85B11");
        System.out.println(s); // 9e304d0fa2ca96927abfa73049dbac71e9cffed2

        byte[] bytes = Base64.decodeBase64("njBND6LKlpJ6v6cwSduscenP/tI=");
        System.out.println(Hex.encodeHexString(bytes)); // 9e304d0fa2ca96927abfa73049dbac71e9cffed2

        byte[] bytes1 = Hex.decodeHex("9e304d0fa2ca96927abfa73049dbac71e9cffed2");
        System.out.println(Base64.encodeBase64String(bytes1)); // njBND6LKlpJ6v6cwSduscenP/tI=

    }

}