From 4db960c1d65f82fc5fba54745e6578ae6bc5aa07 Mon Sep 17 00:00:00 2001 From: mashuai Date: Sat, 25 May 2024 16:28:54 +0800 Subject: [PATCH] =?UTF-8?q?=E7=9B=98=E7=82=B9=E5=85=A5=E5=BA=93,=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E5=8A=A0=E8=A7=A3=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../sgzb/auth/controller/TokenController.java | 25 +--- .../com/bonus/sgzb/auth/utils/RsaUtil.java | 133 ++++++++++++++++++ .../sgzb/material/domain/MachIneDto.java | 26 +++- .../sgzb/material/domain/SavePutInfoDto.java | 8 +- .../InventoryAndWarehousingServiceImpl.java | 101 +++++++++---- .../com/bonus/sgzb/system/config/RsaUtil.java | 133 ++++++++++++++++++ .../controller/SysConfigController.java | 25 +++- 7 files changed, 393 insertions(+), 58 deletions(-) create mode 100644 sgzb-auth/src/main/java/com/bonus/sgzb/auth/utils/RsaUtil.java create mode 100644 sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/config/RsaUtil.java diff --git a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java index 67de76b8..f9f9f5ca 100644 --- a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java +++ b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java @@ -1,14 +1,12 @@ package com.bonus.sgzb.auth.controller; import javax.annotation.Resource; -import javax.crypto.Cipher; -import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.SecretKeySpec; import javax.servlet.http.HttpServletRequest; import com.bonus.sgzb.auth.form.*; import com.bonus.sgzb.auth.service.NwRegisterService; import com.bonus.sgzb.auth.service.NwUserLoginService; +import com.bonus.sgzb.auth.utils.RsaUtil; import com.bonus.sgzb.common.core.constant.CacheConstants; import com.bonus.sgzb.common.core.web.domain.AjaxResult; import com.bonus.sgzb.common.redis.service.RedisService; @@ -26,8 +24,6 @@ import com.bonus.sgzb.common.security.service.TokenService; import com.bonus.sgzb.common.security.utils.SecurityUtils; import com.bonus.sgzb.system.api.model.LoginUser; -import java.nio.charset.StandardCharsets; -import java.util.Base64; import java.util.Map; /** @@ -38,6 +34,9 @@ import java.util.Map; @RestController @Slf4j public class TokenController { + + private final String privateKey = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y="; + @Autowired private TokenService tokenService; @@ -59,21 +58,7 @@ public class TokenController { //web端登录 @PostMapping("login") public R login(@RequestBody LoginBody form) throws Exception { - // 定义密钥 - String key = "CCCQrpassWordKey"; - byte[] encryptedBytes = Base64.getDecoder().decode(form.getPassword()); - byte[] iv = new byte[16]; - System.arraycopy(encryptedBytes, 0, iv, 0, iv.length); - - byte[] cipherText = new byte[encryptedBytes.length - iv.length]; - System.arraycopy(encryptedBytes, iv.length, cipherText, 0, cipherText.length); - - SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES"); - Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); - cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv)); - - byte[] decryptedBytes = cipher.doFinal(cipherText); - String decryptedData = new String(decryptedBytes, StandardCharsets.UTF_8); + String decryptedData = RsaUtil.decryptByPrivateKey(form.getPassword(), privateKey); // 用户登录 LoginUser userInfo = sysLoginService.login(form.getUsername(), decryptedData); String uuid = form.getUuid(); diff --git a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/utils/RsaUtil.java b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/utils/RsaUtil.java new file mode 100644 index 00000000..d74ee307 --- /dev/null +++ b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/utils/RsaUtil.java @@ -0,0 +1,133 @@ +package com.bonus.sgzb.auth.utils; + +import javax.crypto.Cipher; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; + +/** + * @Author ma_sh + * @create 2024/5/25 16:07 + */ +public class RsaUtil { + //签名算法名称 + private static final String RSA_KEY_ALGORITHM = "RSA"; + + //RSA密钥长度,默认密钥长度是1024,密钥长度必须是64的倍数,在512到65536位之间,不管是RSA还是RSA2长度推荐使用2048 + private static final int KEY_SIZE = 2048; + + /** + * 公钥加密(用于数据加密) + * + * @param data 加密前的字符串 + * @param publicKeyStr base64编码后的公钥 + * @return base64编码后的字符串 + * @throws Exception + */ + public static String encryptByPublicKey(String data, String publicKeyStr) throws Exception { + //Java原生base64解码 + byte[] pubKey = Base64.getDecoder().decode(publicKeyStr); + //创建X509编码密钥规范 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据X509编码密钥规范产生公钥对象 + PublicKey publicKey = keyFactory.generatePublic(x509KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用公钥初始化此Cipher对象(加密模式) + cipher.init(Cipher.ENCRYPT_MODE, publicKey); + //对数据加密 + byte[] encrypt = cipher.doFinal(data.getBytes()); + //返回base64编码后的字符串 + return Base64.getEncoder().encodeToString(encrypt); + } + + + /** + * 私钥解密(用于数据解密) + * + * @param data 解密前的字符串 + * @param privateKeyStr 私钥 + * @return 解密后的字符串 + * @throws Exception + */ + public static String decryptByPrivateKey(String data, String privateKeyStr) throws Exception { + //Java原生base64解码 + byte[] priKey = Base64.getDecoder().decode(privateKeyStr); + //创建PKCS8编码密钥规范 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据PKCS8编码密钥规范产生私钥对象 + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用私钥初始化此Cipher对象(解密模式) + cipher.init(Cipher.DECRYPT_MODE, privateKey); + //对数据解密 + byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data)); + //返回字符串 + return new String(decrypt); + } + + + + /** + * 私钥加密(用于数据签名) + * + * @param data 加密前的字符串 + * @param privateKeyStr base64编码后的私钥 + * @return base64编码后后的字符串 + * @throws Exception + */ + public static String encryptByPrivateKey(String data, String privateKeyStr) throws Exception { + //Java原生base64解码 + byte[] priKey = Base64.getDecoder().decode(privateKeyStr); + //创建PKCS8编码密钥规范 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据PKCS8编码密钥规范产生私钥对象 + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用私钥初始化此Cipher对象(加密模式) + cipher.init(Cipher.ENCRYPT_MODE, privateKey); + //对数据加密 + byte[] encrypt = cipher.doFinal(data.getBytes()); + //返回base64编码后的字符串 + return Base64.getEncoder().encodeToString(encrypt); + } + + /** + * 公钥解密(用于数据验签) + * + * @param data 解密前的字符串 + * @param publicKeyStr base64编码后的公钥 + * @return 解密后的字符串 + * @throws Exception + */ + public static String decryptByPublicKey(String data, String publicKeyStr) throws Exception { + //Java原生base64解码 + byte[] pubKey = Base64.getDecoder().decode(publicKeyStr); + //创建X509编码密钥规范 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据X509编码密钥规范产生公钥对象 + PublicKey publicKey = keyFactory.generatePublic(x509KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用公钥初始化此Cipher对象(解密模式) + cipher.init(Cipher.DECRYPT_MODE, publicKey); + //对数据解密 + byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data)); + //返回字符串 + return new String(decrypt); + } + +} diff --git a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/MachIneDto.java b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/MachIneDto.java index 2ab9cc25..366d1962 100644 --- a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/MachIneDto.java +++ b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/MachIneDto.java @@ -35,6 +35,12 @@ public class MachIneDto { @ApiModelProperty(value = "机具ID") private Long maId; + /** + * 主键id + */ + @ApiModelProperty(value = "主键id") + private Integer infoId; + /** 设备编号 */ @ApiModelProperty(value = "设备编号") private String maCode; @@ -79,7 +85,7 @@ public class MachIneDto { * 创建者 */ @ApiModelProperty(value = "创建者") - private String creator; + private Long creator; /** * 入库形式 @@ -93,6 +99,18 @@ public class MachIneDto { @ApiModelProperty(value = "备注") private String remarks; + /** + * 单位名称 + */ + @ApiModelProperty(value = "单位名称") + private String unitId; + + /** + * 工程名称 + */ + @ApiModelProperty(value = "工程名称") + private String proId; + /** * 表单备注 */ @@ -105,6 +123,12 @@ public class MachIneDto { @ApiModelProperty(value = "数量") private Double num; + /** + * 数量 + */ + @ApiModelProperty(value = "数量") + private Double totalNum; + /** * 检验人 */ diff --git a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/SavePutInfoDto.java b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/SavePutInfoDto.java index cd46450d..9f00f575 100644 --- a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/SavePutInfoDto.java +++ b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/SavePutInfoDto.java @@ -86,6 +86,12 @@ public class SavePutInfoDto extends BaseEntity { @ApiModelProperty(value = "单位名称") private String unitId; + /** + * 工程名称 + */ + @ApiModelProperty(value = "工程名称") + private String proId; + /** * 工程名称 */ @@ -96,7 +102,7 @@ public class SavePutInfoDto extends BaseEntity { * 创建者 */ @ApiModelProperty(value = "创建者") - private String creator; + private Long creator; /** * 创建时间 diff --git a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/service/impl/InventoryAndWarehousingServiceImpl.java b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/service/impl/InventoryAndWarehousingServiceImpl.java index 28da051c..31af5cac 100644 --- a/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/service/impl/InventoryAndWarehousingServiceImpl.java +++ b/sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/service/impl/InventoryAndWarehousingServiceImpl.java @@ -1,5 +1,6 @@ package com.bonus.sgzb.material.service.impl; +import com.bonus.sgzb.common.core.utils.DateUtils; import com.bonus.sgzb.common.core.web.domain.AjaxResult; import com.bonus.sgzb.common.security.utils.SecurityUtils; import com.bonus.sgzb.material.config.ExceptionEnum; @@ -9,13 +10,17 @@ import com.bonus.sgzb.material.domain.SavePutInfoDto; import com.bonus.sgzb.material.mapper.InventoryAndWarehousingMapper; import com.bonus.sgzb.material.service.InventoryAndWarehousingService; import com.bonus.sgzb.material.config.FieldGenerator; +import com.bonus.sgzb.material.vo.GlobalContants; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.collections4.CollectionUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.interceptor.TransactionAspectSupport; +import java.text.SimpleDateFormat; import java.util.*; +import java.util.stream.Collectors; /** * @author hay @@ -39,6 +44,26 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi return inventoryAndWarehousingMapper.getList(bean); } + /** + * 生成code编码 + * @return + */ + public String genderBackCode() { + SimpleDateFormat dateFormat = new SimpleDateFormat("yyyyMMdd"); + Date nowDate = DateUtils.getNowDate(); + String format = dateFormat.format(nowDate); + int taskNum = inventoryAndWarehousingMapper.selectTaskNumByMonth(nowDate) + 1; + String code = ""; + if (taskNum > GlobalContants.NUM1 && taskNum < GlobalContants.NUM2) { + code = "PD" + format + "-00" + taskNum; + } else if (taskNum > GlobalContants.NUM3 && taskNum < GlobalContants.NUM4) { + code = "PD" + format + "-0" + taskNum; + } else { + code = "PD" + format + "-000" + taskNum; + } + return code; + } + /** * 新增入库盘点 * @param dto @@ -49,23 +74,14 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi public AjaxResult savePutInfo(SavePutInfoDto dto) { log.info("新增入库盘点入参dto:{}", dto); Long userId = SecurityUtils.getLoginUser().getUserid(); - dto.setCreator(userId.toString()); - List codeList = new ArrayList<>(); - if (dto.getNum() != null) { - while (codeList.size() < dto.getNum()) { - String code = FieldGenerator.generateField(); - int count = selectByCode(code); - if (count == 0 && !codeList.contains(code)) { - codeList.add(code); - } - } - } + dto.setCreator(userId); + String code = genderBackCode(); int res; try { //1. 判断是数量还是编号入库,保存到不同表 //1.1 如果是编号入库 if (dto.getIsCode()) { - res = insertMaMachineInfo(dto, codeList); + res = insertMaMachineInfo(dto, code); if (res == 0) { log.error("insertMaMachineInfo方法插入异常"); throw new RuntimeException("insertMaMachineInfo方法插入异常"); @@ -78,7 +94,7 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi } } else { //2.插入ma_type_put_in_storage_info表和ma_type_put_in_storage_details表 - res = insertPutInfo(dto); + res = insertPutInfo(dto, code); if (res == 0) { log.error("insertPutInfo方法插入异常"); throw new RuntimeException("insertPutInfo方法插入异常"); @@ -94,25 +110,25 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi } /** - * 根据code从ma_machine表查询是否有数据,去重 + * 编号新增,插入ma_machine、ma_machine_label和ma_label_bind + * @param dto * @param code * @return */ - private int selectByCode(String code) { - return inventoryAndWarehousingMapper.selectByCode(code); - } - - /** - * 编号新增,插入ma_machine、ma_machine_label和ma_label_bind - * @param dto - * @param codeList - * @return - */ - private int insertMaMachineInfo(SavePutInfoDto dto, List codeList) { + private int insertMaMachineInfo(SavePutInfoDto dto, String code) { int res = 0; + if (dto.getNum() != null) { + MachIneDto machIneDto = dto.getMachIneDtoList().get(0); + machIneDto.setCode(code); + machIneDto.setPutInType(dto.getPutInType()); + machIneDto.setCreator(dto.getCreator()); + machIneDto.setNum(dto.getNum()); + machIneDto.setIsCode(dto.getIsCode()); + res += insertInfo(machIneDto); + machIneDto.setInfoId(machIneDto.getId()); + } for (int i = 0; i < dto.getMachIneDtoList().size(); i++) { MachIneDto machIneDto = dto.getMachIneDtoList().get(i); - String code = codeList.get(i); machIneDto.setCode(code); machIneDto.setIsCode(dto.getIsCode()); machIneDto.setTypeId(dto.getTypeId()); @@ -121,11 +137,19 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi machIneDto.setPutInType(dto.getPutInType()); machIneDto.setNum(dto.getNum()); machIneDto.setCheckMan(dto.getCheckMan()); + machIneDto.setUnitId(dto.getUnitId()); + machIneDto.setProId(dto.getProId()); + machIneDto.setInfoId(dto.getMachIneDtoList().get(0).getInfoId()); res += insertMachineInfo(machIneDto); } return res; } + //插入ma_type_put_in_storage_info表,返回主键id + private int insertInfo(MachIneDto machIneDto) { + return inventoryAndWarehousingMapper.saveInfo(machIneDto); + } + /** * 方法抽取,保持到ma_machine、ma_machine_label和ma_label_bind * @param machIneDto @@ -145,11 +169,8 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi * @return */ private int insertTypePutInStorageInfo(MachIneDto machIneDto) { - //插入ma_type_put_in_storage_info表,返回主键id - int res = inventoryAndWarehousingMapper.saveInfo(machIneDto); //ma_type_put_in_storage_details表 - res += inventoryAndWarehousingMapper.saveDetails(machIneDto); - return res; + return inventoryAndWarehousingMapper.saveDetails(machIneDto); } @@ -169,13 +190,31 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi * @param dto * @return */ - private int insertPutInfo(SavePutInfoDto dto) { + private int insertPutInfo(SavePutInfoDto dto, String code) { int res = 0; + Double total = dto.getMachIneDtoList().stream() + .map(MachIneDto::getPutInStoreNum) + .filter(num -> num != null) + .collect(Collectors.summingDouble(Double::doubleValue)); + if (CollectionUtils.isNotEmpty(dto.getMachIneDtoList())) { + MachIneDto machIneDto = dto.getMachIneDtoList().get(0); + machIneDto.setCode(code); + machIneDto.setPutInType(dto.getPutInType()); + machIneDto.setCreator(dto.getCreator()); + machIneDto.setIsCode(dto.getIsCode()); + machIneDto.setTotalNum(total); + res += insertInfo(machIneDto); + machIneDto.setInfoId(machIneDto.getId()); + } for (int i = 0; i < dto.getMachIneDtoList().size(); i++) { MachIneDto machIneDto = dto.getMachIneDtoList().get(i); machIneDto.setCreator(dto.getCreator()); machIneDto.setPutInType(dto.getPutInType()); machIneDto.setRemarks(dto.getRemarks()); + machIneDto.setUnitId(dto.getUnitId()); + machIneDto.setProId(dto.getProId()); + machIneDto.setCode(code); + machIneDto.setInfoId(dto.getMachIneDtoList().get(0).getInfoId()); res += insertTypePutInStorageInfo(machIneDto); //根据类型追加ma_type表里面的num res += updateMaTypeInfo(machIneDto.getTypeId(), machIneDto.getPutInStoreNum()); diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/config/RsaUtil.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/config/RsaUtil.java new file mode 100644 index 00000000..f3c3e05a --- /dev/null +++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/config/RsaUtil.java @@ -0,0 +1,133 @@ +package com.bonus.sgzb.system.config; + +import javax.crypto.Cipher; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; + +/** + * @Author ma_sh + * @create 2024/5/25 16:07 + */ +public class RsaUtil { + //签名算法名称 + private static final String RSA_KEY_ALGORITHM = "RSA"; + + //RSA密钥长度,默认密钥长度是1024,密钥长度必须是64的倍数,在512到65536位之间,不管是RSA还是RSA2长度推荐使用2048 + private static final int KEY_SIZE = 2048; + + /** + * 公钥加密(用于数据加密) + * + * @param data 加密前的字符串 + * @param publicKeyStr base64编码后的公钥 + * @return base64编码后的字符串 + * @throws Exception + */ + public static String encryptByPublicKey(String data, String publicKeyStr) throws Exception { + //Java原生base64解码 + byte[] pubKey = Base64.getDecoder().decode(publicKeyStr); + //创建X509编码密钥规范 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据X509编码密钥规范产生公钥对象 + PublicKey publicKey = keyFactory.generatePublic(x509KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用公钥初始化此Cipher对象(加密模式) + cipher.init(Cipher.ENCRYPT_MODE, publicKey); + //对数据加密 + byte[] encrypt = cipher.doFinal(data.getBytes()); + //返回base64编码后的字符串 + return Base64.getEncoder().encodeToString(encrypt); + } + + + /** + * 私钥解密(用于数据解密) + * + * @param data 解密前的字符串 + * @param privateKeyStr 私钥 + * @return 解密后的字符串 + * @throws Exception + */ + public static String decryptByPrivateKey(String data, String privateKeyStr) throws Exception { + //Java原生base64解码 + byte[] priKey = Base64.getDecoder().decode(privateKeyStr); + //创建PKCS8编码密钥规范 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据PKCS8编码密钥规范产生私钥对象 + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用私钥初始化此Cipher对象(解密模式) + cipher.init(Cipher.DECRYPT_MODE, privateKey); + //对数据解密 + byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data)); + //返回字符串 + return new String(decrypt); + } + + + + /** + * 私钥加密(用于数据签名) + * + * @param data 加密前的字符串 + * @param privateKeyStr base64编码后的私钥 + * @return base64编码后后的字符串 + * @throws Exception + */ + public static String encryptByPrivateKey(String data, String privateKeyStr) throws Exception { + //Java原生base64解码 + byte[] priKey = Base64.getDecoder().decode(privateKeyStr); + //创建PKCS8编码密钥规范 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据PKCS8编码密钥规范产生私钥对象 + PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用私钥初始化此Cipher对象(加密模式) + cipher.init(Cipher.ENCRYPT_MODE, privateKey); + //对数据加密 + byte[] encrypt = cipher.doFinal(data.getBytes()); + //返回base64编码后的字符串 + return Base64.getEncoder().encodeToString(encrypt); + } + + /** + * 公钥解密(用于数据验签) + * + * @param data 解密前的字符串 + * @param publicKeyStr base64编码后的公钥 + * @return 解密后的字符串 + * @throws Exception + */ + public static String decryptByPublicKey(String data, String publicKeyStr) throws Exception { + //Java原生base64解码 + byte[] pubKey = Base64.getDecoder().decode(publicKeyStr); + //创建X509编码密钥规范 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey); + //返回转换指定算法的KeyFactory对象 + KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM); + //根据X509编码密钥规范产生公钥对象 + PublicKey publicKey = keyFactory.generatePublic(x509KeySpec); + //根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式) + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + //用公钥初始化此Cipher对象(解密模式) + cipher.init(Cipher.DECRYPT_MODE, publicKey); + //对数据解密 + byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data)); + //返回字符串 + return new String(decrypt); + } + +} diff --git a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysConfigController.java b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysConfigController.java index aa108d8b..356c4035 100644 --- a/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysConfigController.java +++ b/sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysConfigController.java @@ -2,6 +2,9 @@ package com.bonus.sgzb.system.controller; import java.util.List; import javax.servlet.http.HttpServletResponse; + +import com.bonus.sgzb.common.core.utils.StringUtils; +import com.bonus.sgzb.system.config.RsaUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; @@ -32,6 +35,9 @@ import com.bonus.sgzb.system.service.ISysConfigService; @RequestMapping("/config") public class SysConfigController extends BaseController { + private final String publicKey = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ=="; + private final String CONFIG_KEY = "sys.user.initPassword"; + @Autowired private ISysConfigService configService; @@ -40,10 +46,15 @@ public class SysConfigController extends BaseController */ @RequiresPermissions("system:config:list") @GetMapping("/list") - public TableDataInfo list(SysConfig config) - { + public TableDataInfo list(SysConfig config) throws Exception { startPage(); List list = configService.selectConfigList(config); + for (SysConfig sysConfig : list) { + if (CONFIG_KEY.equals(sysConfig.getConfigKey()) && StringUtils.isNotBlank(sysConfig.getConfigValue())) { + String configValue = RsaUtil.encryptByPublicKey(sysConfig.getConfigValue(), publicKey); + sysConfig.setConfigValue(configValue); + } + } return getDataTable(list); } @@ -70,9 +81,13 @@ public class SysConfigController extends BaseController * 根据参数键名查询参数值 */ @GetMapping(value = "/configKey/{configKey}") - public AjaxResult getConfigKey(@PathVariable String configKey) - { - return success(configService.selectConfigByKey(configKey)); + public AjaxResult getConfigKey(@PathVariable String configKey) throws Exception { + String configByKey = configService.selectConfigByKey(configKey); + if (CONFIG_KEY.equals(configKey) && StringUtils.isNotBlank(configByKey)) { + String configValue = RsaUtil.encryptByPublicKey(configByKey, publicKey); + return AjaxResult.success(configValue); + } + return success(configByKey); } /**