diff --git a/server/src/main/config/application.properties b/server/src/main/config/application.properties index c7048d4..b554242 100644 --- a/server/src/main/config/application.properties +++ b/server/src/main/config/application.properties @@ -162,9 +162,9 @@ beian = ${KK_BEIAN:default} #禁止上传类型 prohibit = ${KK_PROHIBIT:exe,dll,dat} #启用验证码删除文件 默认关闭 -delete.captcha= ${KK_DELETE_CAPTCHA:true} +delete.captcha= ${KK_DELETE_CAPTCHA:false} #删除密码 -#delete.password = ${KK_DELETE_PASSWORD:123456} +delete.password = ${KK_DELETE_PASSWORD:123456} #删除 转换后OFFICE、CAD、TIFF、压缩包源文件 默认开启 节约磁盘空间 delete.source.file = ${KK_DELETE_SOURCE_FILE:true} #首页初始化加载第一页 @@ -188,11 +188,20 @@ cad.timeout =${KK_CAD_TIMEOUT:90} #Cad转换线程设置 cad.thread =${KK_CAD_THREAD:5} -#??????token,weiweiw,2024.5.17 +#if enable token verification?weiweiw,2024.5.17 token.enable=${KK_TOKEN_ENABLE:true} -#???? +#Unit, unit is minute token.expire.time=${KK_TOKEN_EXPIRE_TIME:10} - +#???? +aes.key.algorithm=${KK_AESKEY_ALGORITHM:AES} +#??????????? +aes.cipher.algorithm=${KK_AESKEY_CIPHER_ALGORITHM:AES/CBC/PKCS7Padding} +#????? +aes.encryption.provider = ${KK_AESKEY_ENCRYPTION_PROVIDER:BC} +#?? +aes.key=${KK_AESKEY_KEY:zhgd@bonus@zhgd@bonus@1234567890} +#??? +aes.iv=${KK_AESKEY_IV:1234567812345678} diff --git a/server/src/main/java/cn/keking/config/ConfigConstants.java b/server/src/main/java/cn/keking/config/ConfigConstants.java index 143947b..17aa0b4 100644 --- a/server/src/main/java/cn/keking/config/ConfigConstants.java +++ b/server/src/main/java/cn/keking/config/ConfigConstants.java @@ -67,8 +67,14 @@ public class ConfigConstants { private static String homePagination; private static String homePageSize; private static String homeSearch; + //added by weiweiw 2024.5.17 private static Boolean tokenEnable; private static int tokenExpireTime; + private static String aesKeyAlgorithm; + private static String aesCipheAlgorithm; + private static String aesEncrptionProvider; + private static String aesKey; + private static String aesIv; public static final String DEFAULT_CACHE_ENABLED = "true"; public static final String DEFAULT_TXT_TYPE = "txt,html,htm,asp,jsp,xml,json,properties,md,gitignore,log,java,py,c,cpp,sql,sh,bat,m,bas,prg,cmd,xbrl"; @@ -104,7 +110,7 @@ public class ConfigConstants { public static final String DEFAULT_OFFICE_MAXIMAQERESOLUTION = "150"; public static final String DEFAULT_OFFICE_EXPORTBOOKMARKS = "true"; public static final String DEFAULT_OFFICE_EXPORTNOTES = "true"; - public static final String DEFAULT_OFFICE_EOCUMENTOPENPASSWORDS = "true"; + public static final String DEFAULT_OFFICE_EOCUMENTOPENPASSWORDS = null; public static final String DEFAULT_HOME_PAGENUMBER = "1"; public static final String DEFAULT_HOME_PAGINATION = "true"; public static final String DEFAULT_HOME_PAGSIZE = "15"; @@ -771,4 +777,57 @@ public class ConfigConstants { public static void setTokenExpireTimeValue(int tokenExpireTime){ConfigConstants.tokenExpireTime = tokenExpireTime;} + public static String getAesKey() { + return aesKey; + } + + @Value("${aes.key:}") + public void setAesKey(String aesKeyValue) { + setAesKeyValue(aesKeyValue); + } + + public static void setAesKeyValue(String aesKeyValue){ConfigConstants.aesKey = aesKeyValue;} + + public static String getAesIv() { + return aesIv; + } + + @Value("${aes.iv:}") + public void setAesIv(String aesIvValue) { + setAesIvValue(aesIvValue); + } + + public static void setAesIvValue(String aesIvValue){ConfigConstants.aesIv = aesIvValue;} + + public static String getKeyAlgorithm(){return aesKeyAlgorithm;} + + @Value("${aes.key.algorithm:}") + public void setKeyAlgorithm(String keyAlgorithm) { + setKeyAlgorithmValue(keyAlgorithm); + } + + public static void setKeyAlgorithmValue(String keyAlgorithm){ConfigConstants.aesKeyAlgorithm = keyAlgorithm;} + + + public static String getCipherAlgorithm(){return aesCipheAlgorithm;} + + @Value("${aes.cipher.algorithm:}") + public void setCipherAlgorithm(String cipheAlgorithm) { + setCipherAlgorithmValue(cipheAlgorithm); + } + + public static void setCipherAlgorithmValue(String cipheAlgorithm){ConfigConstants.aesCipheAlgorithm = cipheAlgorithm;} + + + public static String getEncryptionProvider(){ + return aesEncrptionProvider;} + + @Value("${aes.encryption.provider:}") + public void setEncryptionProvider(String encryptionProvider) { + setEncryptionProviderValue(encryptionProvider); + } + + public static void setEncryptionProviderValue(String encryptionProvider){ + ConfigConstants.aesEncrptionProvider = encryptionProvider;} + } diff --git a/server/src/main/java/cn/keking/utils/AesCbcUtils.java b/server/src/main/java/cn/keking/utils/AesCbcUtils.java new file mode 100644 index 0000000..f8f067c --- /dev/null +++ b/server/src/main/java/cn/keking/utils/AesCbcUtils.java @@ -0,0 +1,121 @@ +package cn.keking.utils; + +import cn.keking.config.ConfigConstants; +import org.apache.commons.codec.binary.Base64; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import java.security.Security; + +/** + * + * AES加密工具类 + * @author HeiZi + */ +public class AesCbcUtils { + + private static final Logger logger = LoggerFactory.getLogger(AesCbcUtils.class); + //使用AES-256-CBC加密模式,key需要为16位,key和iv可以相同! +// /** +// * 密钥算法 +// */ +// private static final String KEY_ALGORITHM = "AES"; +// +// /** +// * 加密/解密算法 / 工作模式 / 填充方式 +// * Java 6支持PKCS5Padding填充方式 +// * Bouncy Castle支持PKCS7Padding填充方式 +// */ +// private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS7Padding"; + /** + * 编码格式导出 + */ + public static final String ENCODING = "utf-8"; + + static { + //如果是PKCS7Padding填充方式,则必须加上下面这行 + Security.addProvider(new BouncyCastleProvider()); + } + + /** + * AES加密 + *(CBC模式) + * @param source 源字符串 + * @param + * @throws Exception + * @return 加密后的密文 + */ + public static String encrypt(String source ) { + try{ + String key_algorithm = ConfigConstants.getKeyAlgorithm(); + String cipher_algorithm = ConfigConstants.getCipherAlgorithm(); + String encryptionProvider = ConfigConstants.getEncryptionProvider(); + + String key= ConfigConstants.getAesKey(); + byte[] sourceBytes = source.getBytes(ENCODING); + byte[] keyBytes = key.getBytes(ENCODING); + Cipher cipher = Cipher.getInstance(cipher_algorithm, encryptionProvider); + IvParameterSpec iv = new IvParameterSpec(ConfigConstants.getAesIv().getBytes(ENCODING)); + cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, key_algorithm), iv); + byte[] decrypted = cipher.doFinal(sourceBytes); + return Base64.encodeBase64String(decrypted); + }catch (Exception e){ + logger.error(e.toString(),e); + System.out.println(e.toString()); + } + return null; + } + +// public static void main(String[] args) { +// // String json=""; +// long timestamp = System.currentTimeMillis(); +// // 2. 时间戳转字符串 +// String timestampStr = Long.toString(timestamp); +// //String json="{\"username\":\"guest\",\"password\":\"admin@123\"}"; +// String data=encrypt(timestampStr); +// System.err.println(data); +// +// String originalStr = decrypt(data); +// System.err.println(originalStr); +// +// } + + /** + * AES解密 + *(CBC模式) + * @param data 加密后的密文 + * @param + * @throws Exception + * @return 源字符串 + */ + public static String decrypt(String data) { + try{ + String key_algorithm = ConfigConstants.getKeyAlgorithm(); + String cipher_algorithm = ConfigConstants.getCipherAlgorithm(); + String encryptionProvider = ConfigConstants.getEncryptionProvider(); + + String encryptStr=""; + if(!data.isEmpty()){ + //if(StringHelper.isNotEmpty(data)){ + encryptStr=data.replace(" ","+"); + } + String key=ConfigConstants.getAesKey(); + byte[] sourceBytes = Base64.decodeBase64(encryptStr); + byte[] keyBytes = key.getBytes(ENCODING); + Cipher cipher = Cipher.getInstance(cipher_algorithm, encryptionProvider); + IvParameterSpec iv = new IvParameterSpec(ConfigConstants.getAesIv().getBytes(ENCODING)); + cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, key_algorithm), iv); + byte[] decoded = cipher.doFinal(sourceBytes); + return new String(decoded, ENCODING); + }catch (Exception e){ + logger.info("------------------->请求加密参数不正确"); + logger.error(e.toString(),e); + } + return null; + } + +}