盘点入库,用户加解密

sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java

@@ -1,14 +1,12 @@
 package com.bonus.sgzb.auth.controller;
 
 import javax.annotation.Resource;
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.HttpServletRequest;
 
 import com.bonus.sgzb.auth.form.*;
 import com.bonus.sgzb.auth.service.NwRegisterService;
 import com.bonus.sgzb.auth.service.NwUserLoginService;
+import com.bonus.sgzb.auth.utils.RsaUtil;
 import com.bonus.sgzb.common.core.constant.CacheConstants;
 import com.bonus.sgzb.common.core.web.domain.AjaxResult;
 import com.bonus.sgzb.common.redis.service.RedisService;
@@ -26,8 +24,6 @@ import com.bonus.sgzb.common.security.service.TokenService;
 import com.bonus.sgzb.common.security.utils.SecurityUtils;
 import com.bonus.sgzb.system.api.model.LoginUser;
 
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
 import java.util.Map;
 
 /**
@@ -38,6 +34,9 @@ import java.util.Map;
 @RestController
 @Slf4j
 public class TokenController {
+
+    private final String privateKey = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y=";
+
     @Autowired
     private TokenService tokenService;
 
@@ -59,21 +58,7 @@ public class TokenController {
     //web端登录
     @PostMapping("login")
     public R<?> login(@RequestBody LoginBody form) throws Exception {
-        // 定义密钥
+        String decryptedData = RsaUtil.decryptByPrivateKey(form.getPassword(), privateKey);
-        String key = "CCCQrpassWordKey";
-        byte[] encryptedBytes = Base64.getDecoder().decode(form.getPassword());
-        byte[] iv = new byte[16];
-        System.arraycopy(encryptedBytes, 0, iv, 0, iv.length);
-
-        byte[] cipherText = new byte[encryptedBytes.length - iv.length];
-        System.arraycopy(encryptedBytes, iv.length, cipherText, 0, cipherText.length);
-
-        SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES");
-        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-        cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(iv));
-
-        byte[] decryptedBytes = cipher.doFinal(cipherText);
-        String decryptedData = new String(decryptedBytes, StandardCharsets.UTF_8);
         // 用户登录
         LoginUser userInfo = sysLoginService.login(form.getUsername(), decryptedData);
         String uuid = form.getUuid();

sgzb-auth/src/main/java/com/bonus/sgzb/auth/utils/RsaUtil.java

@@ -0,0 +1,133 @@
+package com.bonus.sgzb.auth.utils;
+
+import javax.crypto.Cipher;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Base64;
+
+/**
+ * @Author ma_sh
+ * @create 2024/5/25 16:07
+ */
+public class RsaUtil {
+    //签名算法名称
+    private static final String RSA_KEY_ALGORITHM = "RSA";
+
+    //RSA密钥长度,默认密钥长度是1024,密钥长度必须是64的倍数，在512到65536位之间,不管是RSA还是RSA2长度推荐使用2048
+    private static final int KEY_SIZE = 2048;
+
+    /**
+     * 公钥加密(用于数据加密)
+     *
+     * @param data         加密前的字符串
+     * @param publicKeyStr base64编码后的公钥
+     * @return base64编码后的字符串
+     * @throws Exception
+     */
+    public static String encryptByPublicKey(String data, String publicKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
+        //创建X509编码密钥规范
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据X509编码密钥规范产生公钥对象
+        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用公钥初始化此Cipher对象（加密模式）
+        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        //对数据加密
+        byte[] encrypt = cipher.doFinal(data.getBytes());
+        //返回base64编码后的字符串
+        return Base64.getEncoder().encodeToString(encrypt);
+    }
+
+
+    /**
+     * 私钥解密(用于数据解密)
+     *
+     * @param data          解密前的字符串
+     * @param privateKeyStr 私钥
+     * @return 解密后的字符串
+     * @throws Exception
+     */
+    public static String decryptByPrivateKey(String data, String privateKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
+        //创建PKCS8编码密钥规范
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据PKCS8编码密钥规范产生私钥对象
+        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用私钥初始化此Cipher对象（解密模式）
+        cipher.init(Cipher.DECRYPT_MODE, privateKey);
+        //对数据解密
+        byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
+        //返回字符串
+        return new String(decrypt);
+    }
+
+
+
+    /**
+     * 私钥加密(用于数据签名)
+     *
+     * @param data          加密前的字符串
+     * @param privateKeyStr base64编码后的私钥
+     * @return base64编码后后的字符串
+     * @throws Exception
+     */
+    public static String encryptByPrivateKey(String data, String privateKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
+        //创建PKCS8编码密钥规范
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据PKCS8编码密钥规范产生私钥对象
+        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用私钥初始化此Cipher对象（加密模式）
+        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
+        //对数据加密
+        byte[] encrypt = cipher.doFinal(data.getBytes());
+        //返回base64编码后的字符串
+        return Base64.getEncoder().encodeToString(encrypt);
+    }
+
+    /**
+     * 公钥解密(用于数据验签)
+     *
+     * @param data         解密前的字符串
+     * @param publicKeyStr base64编码后的公钥
+     * @return 解密后的字符串
+     * @throws Exception
+     */
+    public static String decryptByPublicKey(String data, String publicKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
+        //创建X509编码密钥规范
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据X509编码密钥规范产生公钥对象
+        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用公钥初始化此Cipher对象（解密模式）
+        cipher.init(Cipher.DECRYPT_MODE, publicKey);
+        //对数据解密
+        byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
+        //返回字符串
+        return new String(decrypt);
+    }
+
+}

sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/MachIneDto.java

@@ -35,6 +35,12 @@ public class MachIneDto {
     @ApiModelProperty(value = "机具ID")
     private Long maId;
 
+    /**
+     * 主键id
+     */
+    @ApiModelProperty(value = "主键id")
+    private Integer infoId;
+
     /** 设备编号 */
     @ApiModelProperty(value = "设备编号")
     private String maCode;
@@ -79,7 +85,7 @@ public class MachIneDto {
      * 创建者
      */
     @ApiModelProperty(value = "创建者")
-    private String creator;
+    private Long creator;
 
     /**
      * 入库形式
@@ -93,6 +99,18 @@ public class MachIneDto {
     @ApiModelProperty(value = "备注")
     private String remarks;
 
+    /**
+     * 单位名称
+     */
+    @ApiModelProperty(value = "单位名称")
+    private String unitId;
+
+    /**
+     * 工程名称
+     */
+    @ApiModelProperty(value = "工程名称")
+    private String proId;
+
     /**
      * 表单备注
      */
@@ -105,6 +123,12 @@ public class MachIneDto {
     @ApiModelProperty(value = "数量")
     private Double num;
 
+    /**
+     * 数量
+     */
+    @ApiModelProperty(value = "数量")
+    private Double totalNum;
+
     /**
      * 检验人
      */

sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/domain/SavePutInfoDto.java

@@ -86,6 +86,12 @@ public class SavePutInfoDto extends BaseEntity {
     @ApiModelProperty(value = "单位名称")
     private String unitId;
 
+    /**
+     * 工程名称
+     */
+    @ApiModelProperty(value = "工程名称")
+    private String proId;
+
     /**
      * 工程名称
      */
@@ -96,7 +102,7 @@ public class SavePutInfoDto extends BaseEntity {
      * 创建者
      */
     @ApiModelProperty(value = "创建者")
-    private String creator;
+    private Long creator;
 
     /**
      * 创建时间

sgzb-modules/sgzb-material/src/main/java/com/bonus/sgzb/material/service/impl/InventoryAndWarehousingServiceImpl.java

@@ -1,5 +1,6 @@
 package com.bonus.sgzb.material.service.impl;
 
+import com.bonus.sgzb.common.core.utils.DateUtils;
 import com.bonus.sgzb.common.core.web.domain.AjaxResult;
 import com.bonus.sgzb.common.security.utils.SecurityUtils;
 import com.bonus.sgzb.material.config.ExceptionEnum;
@@ -9,13 +10,17 @@ import com.bonus.sgzb.material.domain.SavePutInfoDto;
 import com.bonus.sgzb.material.mapper.InventoryAndWarehousingMapper;
 import com.bonus.sgzb.material.service.InventoryAndWarehousingService;
 import com.bonus.sgzb.material.config.FieldGenerator;
+import com.bonus.sgzb.material.vo.GlobalContants;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.transaction.interceptor.TransactionAspectSupport;
 
+import java.text.SimpleDateFormat;
 import java.util.*;
+import java.util.stream.Collectors;
 
 /**
  * @author hay
@@ -39,6 +44,26 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
         return inventoryAndWarehousingMapper.getList(bean);
     }
 
+    /**
+     * 生成code编码
+     * @return
+     */
+    public String genderBackCode() {
+        SimpleDateFormat dateFormat = new SimpleDateFormat("yyyyMMdd");
+        Date nowDate = DateUtils.getNowDate();
+        String format = dateFormat.format(nowDate);
+        int taskNum = inventoryAndWarehousingMapper.selectTaskNumByMonth(nowDate) + 1;
+        String code = "";
+        if (taskNum > GlobalContants.NUM1 && taskNum < GlobalContants.NUM2) {
+            code = "PD" + format + "-00" + taskNum;
+        } else if (taskNum > GlobalContants.NUM3 && taskNum < GlobalContants.NUM4) {
+            code = "PD" + format + "-0" + taskNum;
+        } else {
+            code = "PD" + format + "-000" + taskNum;
+        }
+        return code;
+    }
+
     /**
      * 新增入库盘点
      * @param dto
@@ -49,23 +74,14 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
     public AjaxResult savePutInfo(SavePutInfoDto dto) {
         log.info("新增入库盘点入参dto：{}", dto);
         Long userId = SecurityUtils.getLoginUser().getUserid();
-        dto.setCreator(userId.toString());
+        dto.setCreator(userId);
-        List<String> codeList = new ArrayList<>();
+        String code = genderBackCode();
-        if (dto.getNum() != null) {
-            while (codeList.size() < dto.getNum()) {
-                String code = FieldGenerator.generateField();
-                int count = selectByCode(code);
-                if (count == 0 && !codeList.contains(code)) {
-                    codeList.add(code);
-                }
-            }
-        }
         int res;
         try {
             //1. 判断是数量还是编号入库，保存到不同表
             //1.1 如果是编号入库
             if (dto.getIsCode()) {
-                res = insertMaMachineInfo(dto, codeList);
+                res = insertMaMachineInfo(dto, code);
                 if (res == 0) {
                     log.error("insertMaMachineInfo方法插入异常");
                     throw new RuntimeException("insertMaMachineInfo方法插入异常");
@@ -78,7 +94,7 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
                 }
             } else {
                 //2.插入ma_type_put_in_storage_info表和ma_type_put_in_storage_details表
-                res = insertPutInfo(dto);
+                res = insertPutInfo(dto, code);
                 if (res == 0) {
                     log.error("insertPutInfo方法插入异常");
                     throw new RuntimeException("insertPutInfo方法插入异常");
@@ -94,25 +110,25 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
     }
 
     /**
-     * 根据code从ma_machine表查询是否有数据，去重
+     * 编号新增，插入ma_machine、ma_machine_label和ma_label_bind
+     * @param dto
      * @param code
      * @return
      */
-    private int selectByCode(String code) {
+    private int insertMaMachineInfo(SavePutInfoDto dto, String code) {
-        return inventoryAndWarehousingMapper.selectByCode(code);
-    }
-
-    /**
-     * 编号新增，插入ma_machine、ma_machine_label和ma_label_bind
-     * @param dto
-     * @param codeList
-     * @return
-     */
-    private int insertMaMachineInfo(SavePutInfoDto dto, List<String> codeList) {
         int res = 0;
+        if (dto.getNum() != null) {
+            MachIneDto machIneDto = dto.getMachIneDtoList().get(0);
+            machIneDto.setCode(code);
+            machIneDto.setPutInType(dto.getPutInType());
+            machIneDto.setCreator(dto.getCreator());
+            machIneDto.setNum(dto.getNum());
+            machIneDto.setIsCode(dto.getIsCode());
+            res += insertInfo(machIneDto);
+            machIneDto.setInfoId(machIneDto.getId());
+        }
         for (int i = 0; i < dto.getMachIneDtoList().size(); i++) {
             MachIneDto machIneDto = dto.getMachIneDtoList().get(i);
-            String code = codeList.get(i);
             machIneDto.setCode(code);
             machIneDto.setIsCode(dto.getIsCode());
             machIneDto.setTypeId(dto.getTypeId());
@@ -121,11 +137,19 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
             machIneDto.setPutInType(dto.getPutInType());
             machIneDto.setNum(dto.getNum());
             machIneDto.setCheckMan(dto.getCheckMan());
+            machIneDto.setUnitId(dto.getUnitId());
+            machIneDto.setProId(dto.getProId());
+            machIneDto.setInfoId(dto.getMachIneDtoList().get(0).getInfoId());
             res += insertMachineInfo(machIneDto);
         }
         return res;
     }
 
+    //插入ma_type_put_in_storage_info表,返回主键id
+    private int insertInfo(MachIneDto machIneDto) {
+        return inventoryAndWarehousingMapper.saveInfo(machIneDto);
+    }
+
     /**
      * 方法抽取，保持到ma_machine、ma_machine_label和ma_label_bind
      * @param machIneDto
@@ -145,11 +169,8 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
      * @return
      */
     private int insertTypePutInStorageInfo(MachIneDto machIneDto) {
-        //插入ma_type_put_in_storage_info表,返回主键id
-        int res = inventoryAndWarehousingMapper.saveInfo(machIneDto);
         //ma_type_put_in_storage_details表
-        res += inventoryAndWarehousingMapper.saveDetails(machIneDto);
+        return inventoryAndWarehousingMapper.saveDetails(machIneDto);
-        return res;
     }
 
 
@@ -169,13 +190,31 @@ public class InventoryAndWarehousingServiceImpl implements InventoryAndWarehousi
      * @param dto
      * @return
      */
-    private int insertPutInfo(SavePutInfoDto dto) {
+    private int insertPutInfo(SavePutInfoDto dto, String code) {
         int res = 0;
+        Double total = dto.getMachIneDtoList().stream()
+                .map(MachIneDto::getPutInStoreNum)
+                .filter(num -> num != null)
+                .collect(Collectors.summingDouble(Double::doubleValue));
+        if (CollectionUtils.isNotEmpty(dto.getMachIneDtoList())) {
+            MachIneDto machIneDto = dto.getMachIneDtoList().get(0);
+            machIneDto.setCode(code);
+            machIneDto.setPutInType(dto.getPutInType());
+            machIneDto.setCreator(dto.getCreator());
+            machIneDto.setIsCode(dto.getIsCode());
+            machIneDto.setTotalNum(total);
+            res += insertInfo(machIneDto);
+            machIneDto.setInfoId(machIneDto.getId());
+        }
         for (int i = 0; i < dto.getMachIneDtoList().size(); i++) {
             MachIneDto machIneDto = dto.getMachIneDtoList().get(i);
             machIneDto.setCreator(dto.getCreator());
             machIneDto.setPutInType(dto.getPutInType());
             machIneDto.setRemarks(dto.getRemarks());
+            machIneDto.setUnitId(dto.getUnitId());
+            machIneDto.setProId(dto.getProId());
+            machIneDto.setCode(code);
+            machIneDto.setInfoId(dto.getMachIneDtoList().get(0).getInfoId());
             res += insertTypePutInStorageInfo(machIneDto);
             //根据类型追加ma_type表里面的num
             res += updateMaTypeInfo(machIneDto.getTypeId(), machIneDto.getPutInStoreNum());

sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/config/RsaUtil.java

@@ -0,0 +1,133 @@
+package com.bonus.sgzb.system.config;
+
+import javax.crypto.Cipher;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Base64;
+
+/**
+ * @Author ma_sh
+ * @create 2024/5/25 16:07
+ */
+public class RsaUtil {
+    //签名算法名称
+    private static final String RSA_KEY_ALGORITHM = "RSA";
+
+    //RSA密钥长度,默认密钥长度是1024,密钥长度必须是64的倍数，在512到65536位之间,不管是RSA还是RSA2长度推荐使用2048
+    private static final int KEY_SIZE = 2048;
+
+    /**
+     * 公钥加密(用于数据加密)
+     *
+     * @param data         加密前的字符串
+     * @param publicKeyStr base64编码后的公钥
+     * @return base64编码后的字符串
+     * @throws Exception
+     */
+    public static String encryptByPublicKey(String data, String publicKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
+        //创建X509编码密钥规范
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据X509编码密钥规范产生公钥对象
+        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用公钥初始化此Cipher对象（加密模式）
+        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        //对数据加密
+        byte[] encrypt = cipher.doFinal(data.getBytes());
+        //返回base64编码后的字符串
+        return Base64.getEncoder().encodeToString(encrypt);
+    }
+
+
+    /**
+     * 私钥解密(用于数据解密)
+     *
+     * @param data          解密前的字符串
+     * @param privateKeyStr 私钥
+     * @return 解密后的字符串
+     * @throws Exception
+     */
+    public static String decryptByPrivateKey(String data, String privateKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
+        //创建PKCS8编码密钥规范
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据PKCS8编码密钥规范产生私钥对象
+        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用私钥初始化此Cipher对象（解密模式）
+        cipher.init(Cipher.DECRYPT_MODE, privateKey);
+        //对数据解密
+        byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
+        //返回字符串
+        return new String(decrypt);
+    }
+
+
+
+    /**
+     * 私钥加密(用于数据签名)
+     *
+     * @param data          加密前的字符串
+     * @param privateKeyStr base64编码后的私钥
+     * @return base64编码后后的字符串
+     * @throws Exception
+     */
+    public static String encryptByPrivateKey(String data, String privateKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
+        //创建PKCS8编码密钥规范
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据PKCS8编码密钥规范产生私钥对象
+        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用私钥初始化此Cipher对象（加密模式）
+        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
+        //对数据加密
+        byte[] encrypt = cipher.doFinal(data.getBytes());
+        //返回base64编码后的字符串
+        return Base64.getEncoder().encodeToString(encrypt);
+    }
+
+    /**
+     * 公钥解密(用于数据验签)
+     *
+     * @param data         解密前的字符串
+     * @param publicKeyStr base64编码后的公钥
+     * @return 解密后的字符串
+     * @throws Exception
+     */
+    public static String decryptByPublicKey(String data, String publicKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
+        //创建X509编码密钥规范
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据X509编码密钥规范产生公钥对象
+        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用公钥初始化此Cipher对象（解密模式）
+        cipher.init(Cipher.DECRYPT_MODE, publicKey);
+        //对数据解密
+        byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
+        //返回字符串
+        return new String(decrypt);
+    }
+
+}

sgzb-modules/sgzb-system/src/main/java/com/bonus/sgzb/system/controller/SysConfigController.java

@@ -2,6 +2,9 @@ package com.bonus.sgzb.system.controller;
 
 import java.util.List;
 import javax.servlet.http.HttpServletResponse;
+
+import com.bonus.sgzb.common.core.utils.StringUtils;
+import com.bonus.sgzb.system.config.RsaUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -32,6 +35,9 @@ import com.bonus.sgzb.system.service.ISysConfigService;
 @RequestMapping("/config")
 public class SysConfigController extends BaseController
 {
+    private final String publicKey = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ==";
+    private final String CONFIG_KEY = "sys.user.initPassword";
+
     @Autowired
     private ISysConfigService configService;
 
@@ -40,10 +46,15 @@ public class SysConfigController extends BaseController
      */
     @RequiresPermissions("system:config:list")
     @GetMapping("/list")
-    public TableDataInfo list(SysConfig config)
+    public TableDataInfo list(SysConfig config) throws Exception {
-    {
         startPage();
         List<SysConfig> list = configService.selectConfigList(config);
+        for (SysConfig sysConfig : list) {
+            if (CONFIG_KEY.equals(sysConfig.getConfigKey()) && StringUtils.isNotBlank(sysConfig.getConfigValue())) {
+                String configValue = RsaUtil.encryptByPublicKey(sysConfig.getConfigValue(), publicKey);
+                sysConfig.setConfigValue(configValue);
+            }
+        }
         return getDataTable(list);
     }
 
@@ -70,9 +81,13 @@ public class SysConfigController extends BaseController
      * 根据参数键名查询参数值
      */
     @GetMapping(value = "/configKey/{configKey}")
-    public AjaxResult getConfigKey(@PathVariable String configKey)
+    public AjaxResult getConfigKey(@PathVariable String configKey) throws Exception {
-    {
+        String configByKey = configService.selectConfigByKey(configKey);
-        return success(configService.selectConfigByKey(configKey));
+        if (CONFIG_KEY.equals(configKey) && StringUtils.isNotBlank(configByKey)) {
+            String configValue = RsaUtil.encryptByPublicKey(configByKey, publicKey);
+            return AjaxResult.success(configValue);
+        }
+        return success(configByKey);
     }
 
     /**