用户加解密
This commit is contained in:
parent
1c935c5395
commit
228e983cc5
|
|
@ -0,0 +1,136 @@
|
|||
package com.bonus.sgzb.system.config;
|
||||
|
||||
/**
|
||||
* @Author ma_sh
|
||||
* @create 2024/5/24 19:08
|
||||
*/
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.PublicKey;
|
||||
import java.security.spec.PKCS8EncodedKeySpec;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.util.Base64;
|
||||
|
||||
public class RsaUtil {
|
||||
|
||||
//签名算法名称
|
||||
private static final String RSA_KEY_ALGORITHM = "RSA";
|
||||
|
||||
//RSA密钥长度,默认密钥长度是1024,密钥长度必须是64的倍数,在512到65536位之间,不管是RSA还是RSA2长度推荐使用2048
|
||||
private static final int KEY_SIZE = 2048;
|
||||
|
||||
/**
|
||||
* 公钥加密(用于数据加密)
|
||||
*
|
||||
* @param data 加密前的字符串
|
||||
* @param publicKeyStr base64编码后的公钥
|
||||
* @return base64编码后的字符串
|
||||
* @throws Exception
|
||||
*/
|
||||
public static String encryptByPublicKey(String data, String publicKeyStr) throws Exception {
|
||||
//Java原生base64解码
|
||||
byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
|
||||
//创建X509编码密钥规范
|
||||
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
|
||||
//返回转换指定算法的KeyFactory对象
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
|
||||
//根据X509编码密钥规范产生公钥对象
|
||||
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
|
||||
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
||||
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
|
||||
//用公钥初始化此Cipher对象(加密模式)
|
||||
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
|
||||
//对数据加密
|
||||
byte[] encrypt = cipher.doFinal(data.getBytes());
|
||||
//返回base64编码后的字符串
|
||||
return Base64.getEncoder().encodeToString(encrypt);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 私钥解密(用于数据解密)
|
||||
*
|
||||
* @param data 解密前的字符串
|
||||
* @param privateKeyStr 私钥
|
||||
* @return 解密后的字符串
|
||||
* @throws Exception
|
||||
*/
|
||||
public static String decryptByPrivateKey(String data, String privateKeyStr) throws Exception {
|
||||
//Java原生base64解码
|
||||
byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
|
||||
//创建PKCS8编码密钥规范
|
||||
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
|
||||
//返回转换指定算法的KeyFactory对象
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
|
||||
//根据PKCS8编码密钥规范产生私钥对象
|
||||
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
|
||||
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
||||
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
|
||||
//用私钥初始化此Cipher对象(解密模式)
|
||||
cipher.init(Cipher.DECRYPT_MODE, privateKey);
|
||||
//对数据解密
|
||||
byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
|
||||
//返回字符串
|
||||
return new String(decrypt);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 私钥加密(用于数据签名)
|
||||
*
|
||||
* @param data 加密前的字符串
|
||||
* @param privateKeyStr base64编码后的私钥
|
||||
* @return base64编码后后的字符串
|
||||
* @throws Exception
|
||||
*/
|
||||
public static String encryptByPrivateKey(String data, String privateKeyStr) throws Exception {
|
||||
//Java原生base64解码
|
||||
byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
|
||||
//创建PKCS8编码密钥规范
|
||||
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
|
||||
//返回转换指定算法的KeyFactory对象
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
|
||||
//根据PKCS8编码密钥规范产生私钥对象
|
||||
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
|
||||
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
||||
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
|
||||
//用私钥初始化此Cipher对象(加密模式)
|
||||
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
|
||||
//对数据加密
|
||||
byte[] encrypt = cipher.doFinal(data.getBytes());
|
||||
//返回base64编码后的字符串
|
||||
return Base64.getEncoder().encodeToString(encrypt);
|
||||
}
|
||||
|
||||
/**
|
||||
* 公钥解密(用于数据验签)
|
||||
*
|
||||
* @param data 解密前的字符串
|
||||
* @param publicKeyStr base64编码后的公钥
|
||||
* @return 解密后的字符串
|
||||
* @throws Exception
|
||||
*/
|
||||
public static String decryptByPublicKey(String data, String publicKeyStr) throws Exception {
|
||||
//Java原生base64解码
|
||||
byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
|
||||
//创建X509编码密钥规范
|
||||
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
|
||||
//返回转换指定算法的KeyFactory对象
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
|
||||
//根据X509编码密钥规范产生公钥对象
|
||||
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
|
||||
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
||||
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
|
||||
//用公钥初始化此Cipher对象(解密模式)
|
||||
cipher.init(Cipher.DECRYPT_MODE, publicKey);
|
||||
//对数据解密
|
||||
byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
|
||||
//返回字符串
|
||||
return new String(decrypt);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -8,6 +8,7 @@ import javax.crypto.spec.SecretKeySpec;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.bonus.sgzb.common.core.utils.StringUtils;
|
||||
import com.bonus.sgzb.system.config.RsaUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
|
|
@ -38,6 +39,7 @@ import com.bonus.sgzb.system.service.ISysConfigService;
|
|||
@RequestMapping("/config")
|
||||
public class SysConfigController extends BaseController
|
||||
{
|
||||
private final String publicKey = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ==";
|
||||
private final String CONFIG_KEY = "sys.user.initPassword";
|
||||
@Autowired
|
||||
private ISysConfigService configService;
|
||||
|
|
@ -52,15 +54,7 @@ public class SysConfigController extends BaseController
|
|||
List<SysConfig> list = configService.selectConfigList(config);
|
||||
for (SysConfig sysConfig : list) {
|
||||
if (CONFIG_KEY.equals(sysConfig.getConfigKey()) && StringUtils.isNotBlank(sysConfig.getConfigValue())) {
|
||||
// 定义密钥
|
||||
String key = "CCNWrpassWordKey";
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
|
||||
// 使用ECB模式简化示例,实际推荐CBC
|
||||
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
|
||||
String data = sysConfig.getConfigValue();
|
||||
byte[] encryptedBytes = cipher.doFinal(data.getBytes(StandardCharsets.UTF_8));
|
||||
String configValue = Base64.getEncoder().encodeToString(encryptedBytes);
|
||||
String configValue = RsaUtil.encryptByPublicKey(sysConfig.getConfigValue(), publicKey);
|
||||
sysConfig.setConfigValue(configValue);
|
||||
}
|
||||
}
|
||||
|
|
@ -94,14 +88,7 @@ public class SysConfigController extends BaseController
|
|||
{
|
||||
String configByKey = configService.selectConfigByKey(configKey);
|
||||
if (CONFIG_KEY.equals(configKey) && StringUtils.isNotBlank(configByKey)) {
|
||||
// 定义密钥
|
||||
String key = "CCNWrpassWordKey";
|
||||
SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
|
||||
// 使用ECB模式简化示例,实际推荐CBC
|
||||
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
|
||||
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
|
||||
byte[] encryptedBytes = cipher.doFinal(configByKey.getBytes(StandardCharsets.UTF_8));
|
||||
String configValue = Base64.getEncoder().encodeToString(encryptedBytes);
|
||||
String configValue = RsaUtil.encryptByPublicKey(configByKey, publicKey);
|
||||
return AjaxResult.success(configValue);
|
||||
}
|
||||
return AjaxResult.success(configByKey);
|
||||
|
|
|
|||
Loading…
Reference in New Issue