yexuejc/yexuejc-springboot
1
0
Fork 0
mirror of https://gitee.com/incloudcode/yexuejc-springboot.git synced 2025-07-15 00:07:28 +08:00
Code Issues Releases Wiki Activity

1.0.7

Browse Source
This commit is contained in:
yexuejc 2018-05-15 15:37:32 +08:00
parent 96c34332bc
commit a1dd4b12ab
13 changed files with 171 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
PARAMS_RSA_DECRYPT_ENCRYPT.md
View File

@ -95,7 +95,13 @@ params.setData(RSA.publicEncrypt(datas, RSA.getPublicKey(properties.getPublicKey
### 配置
1. 服务器配置私钥
```
#配置密钥方式
yexuejc.http.encrypt.private-key=私钥
#配置证书方式:方式二选一,两者都配置会选择配置密钥方式
yexuejc.http.encrypt.private-key-path=/lgfishing.keystore
yexuejc.http.encrypt.private-alias=lgfishing
yexuejc.http.encrypt.private-pwd=lgfishing2018
yexuejc.http.encrypt.encrypt=true //加密默认false
yexuejc.http.encrypt.decrypt=true //解密默认false
```

2
README.md
View File

@ -9,7 +9,7 @@ parent版本封装<br/>
base:功能封装
#### 引用
>yexuejc.springboot.version=1.0.6
>yexuejc.springboot.version=1.0.7
pom.xml
```

10
UPDATE.md
View File

@ -1,7 +1,15 @@
uselaw-base 更新内容
-------------------
#### version 1.0.6 ~~1.0.5~~
#### version 1.0.7
**time** 2018-5-4 09:54:18<br/>
**branch** master <br/>
**update** <br/>
>1. 新增加密证书配置
>2. RSA迁移到[yexuejc-base:1.1.1](https://github.com/yexuejc/yexuejc-base)工程
#
##### version 1.0.6 ~~1.0.5~~
**【change:2018-5-15 09:24:37】** 1.0.5 jitpack打包失败升级版本1.0.6<br/>
**time** 2018-5-4 09:54:18<br/>
**branch** master <br/>

14
pom.xml
View File

@ -5,7 +5,7 @@
<groupId>com.yexuejc.springboot</groupId>
<artifactId>yexuejc-springboot-parent</artifactId>
<version>1.0.6</version>
<version>1.0.7</version>
<packaging>pom</packaging>
<name>${project.artifactId}</name>
@ -35,7 +35,7 @@
<mybatis-spring-boot-starter.version>1.2.0</mybatis-spring-boot-starter.version>
<mybatis.version>3.4.2</mybatis.version>
<yexuejc.base.version>1.1.0</yexuejc.base.version>
<yexuejc.base.version>1.1.1</yexuejc.base.version>
<jjwt.version>0.7.0</jjwt.version>
<fastjson.version>1.1.46</fastjson.version>
<commons-codec.version>1.10</commons-codec.version>
@ -64,11 +64,11 @@
<artifactId>yexuejc-base</artifactId>
<version>${yexuejc.base.version}</version>
</dependency>
<!--<dependency>-->
<!--<groupId>com.yexuejc.base</groupId>-->
<!--<artifactId>yexuejc-base</artifactId>-->
<!--<version>${yexuejc.base.version}</version>-->
<!--</dependency>-->
<dependency>
<groupId>com.yexuejc.base</groupId>
<artifactId>yexuejc-base</artifactId>
<version>${yexuejc.base.version}</version>
</dependency>
<!-- 编码包 说明http://blog.csdn.net/jianggujin/article/details/51149133 -->
<dependency>
<groupId>commons-codec</groupId>

2
yexuejc-springboot-base/pom.xml
View File

@ -9,7 +9,7 @@
<parent>
<groupId>com.yexuejc.springboot</groupId>
<artifactId>yexuejc-springboot-parent</artifactId>
<version>1.0.6</version>
<version>1.0.7</version>
<!-- 本地打包:使用相对关联路径 -->
<!--<relativePath>../../yexuejc</relativePath>-->
</parent>

27
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsRequestBodyAdvice.java
View File

@ -1,11 +1,12 @@
package com.yexuejc.springboot.base.filter;
import com.yexuejc.base.encrypt.RSA;
import com.yexuejc.base.encrypt.RSA2;
import com.yexuejc.base.pojo.ParamsPO;
import com.yexuejc.base.util.JsonUtil;
import com.yexuejc.base.util.StrUtil;
import com.yexuejc.springboot.base.exception.GatewayException;
import com.yexuejc.springboot.base.util.LogUtil;
import com.yexuejc.springboot.base.util.RSA;
import org.apache.commons.io.IOUtils;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.core.MethodParameter;
@ -18,10 +19,7 @@ import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.List;
import java.util.Map;
import java.security.interfaces.RSAPrivateKey;
/**
* 请求数据解密
@ -59,10 +57,19 @@ public class ParamsRequestBodyAdvice implements RequestBodyAdvice {
//RSA解密
try {
long t = System.currentTimeMillis();
RSAPrivateKey rsaPrivateKey = null;
if (StrUtil.isEmpty(properties.getPrivateKey())) {
rsaPrivateKey = RSA2.getPrivateKey(
this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(),
properties.getPrivateAlias(),
properties.getPrivatePwd());
} else {
rsaPrivateKey = RSA.getPrivateKey(properties.getPrivateKey());
}
String data = new String(
RSA.privateDecrypt(
paramsPO.getData(),
RSA.getPrivateKey(properties.getPrivateKey())
rsaPrivateKey
)
);
//md5 校验
@ -73,15 +80,9 @@ public class ParamsRequestBodyAdvice implements RequestBodyAdvice {
InputStream body = IOUtils.toInputStream(JsonUtil.obj2Json(StrUtil.parseUrlencoded(data)), "UTF-8");
LogUtil.accessLogger.info("解密耗时:{}", System.currentTimeMillis() - t);
return new MyHttpInputMessage(inputMessage.getHeaders(), body);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw new GatewayException("data错误");
} catch (InvalidKeySpecException e) {
e.printStackTrace();
throw new GatewayException("data错误");
} catch (Exception e) {
e.printStackTrace();
throw new GatewayException("data错误");
LogUtil.accessLogger.error("解密失败,直接传递参数{}。\n异常信息{}", JsonUtil.obj2Json(paramsPO), e);
}
}
return inputMessage;

22
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsResponseBodyAdvice.java
View File

@ -1,10 +1,11 @@
package com.yexuejc.springboot.base.filter;
import com.yexuejc.base.encrypt.RSA;
import com.yexuejc.base.encrypt.RSA2;
import com.yexuejc.base.http.Resps;
import com.yexuejc.base.util.JsonUtil;
import com.yexuejc.base.util.StrUtil;
import com.yexuejc.springboot.base.util.LogUtil;
import com.yexuejc.springboot.base.util.RSA;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
@ -13,8 +14,7 @@ import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.interfaces.RSAPrivateKey;
import java.util.List;
import java.util.Map;
@ -69,13 +69,19 @@ public class ParamsResponseBodyAdvice implements ResponseBodyAdvice {
}
resps.setSign(StrUtil.toMD5(data));
try {
RSAPrivateKey rsaPrivateKey = null;
if (StrUtil.isEmpty(properties.getPrivateKey())) {
rsaPrivateKey = RSA2.getPrivateKey(
this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(),
properties.getPrivateAlias(),
properties.getPrivatePwd());
} else {
rsaPrivateKey = RSA.getPrivateKey(properties.getPrivateKey());
}
resps.setData(
RSA.privateEncrypt(JsonUtil.obj2Json(resps.getData()), RSA.getPrivateKey(properties.getPrivateKey()))
RSA.privateEncrypt(JsonUtil.obj2Json(resps.getData()), rsaPrivateKey)
);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
LogUtil.accessLogger.error("出参加密错误,进行明文出参{}。\n异常信息{}", JsonUtil.obj2Json(resps), e.getMessage());
} catch (InvalidKeySpecException e) {
} catch (Exception e) {
e.printStackTrace();
LogUtil.accessLogger.error("出参加密错误,进行明文出参{}。\n异常信息{}", JsonUtil.obj2Json(resps), e.getMessage());
}

49
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/RsaProperties.java
View File

@ -16,10 +16,27 @@ public class RsaProperties {
* 私钥
*/
private String privateKey = "";
/**
* 私钥证书路径默认private.keystore
*/
private String privateKeyPath = "/private.keystore";
/**
* 私钥证书别名
*/
private String privateAlias = "alias";
/**
* 私钥证书密码
*/
private String privatePwd = "password";
/**
* 公钥
*/
private String publicKey = "";
/**
* 公钥证书路径默认public.cer
*/
private String publicKeyPath = "/public.cer";
/**
* 是否解密
*/
@ -42,6 +59,38 @@ public class RsaProperties {
this.decrypt = decrypt;
}
public String getPrivateKeyPath() {
return privateKeyPath;
}
public void setPrivateKeyPath(String privateKeyPath) {
this.privateKeyPath = privateKeyPath;
}
public String getPrivateAlias() {
return privateAlias;
}
public void setPrivateAlias(String privateAlias) {
this.privateAlias = privateAlias;
}
public String getPrivatePwd() {
return privatePwd;
}
public void setPrivatePwd(String privatePwd) {
this.privatePwd = privatePwd;
}
public String getPublicKeyPath() {
return publicKeyPath;
}
public void setPublicKeyPath(String publicKeyPath) {
this.publicKeyPath = publicKeyPath;
}
public boolean isEncrypt() {
return encrypt;
}

177
yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/util/RSA.java
View File

@ -1,177 +0,0 @@
package com.yexuejc.springboot.base.util;
import org.apache.commons.codec.binary.Base64;
import org.apache.tomcat.util.http.fileupload.IOUtils;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
public class RSA {
public static final String CHARSET = "UTF-8";
public static final String RSA_ALGORITHM = "RSA";
public static Map<String, String> initKeys(int keySize) {
//为RSA算法创建一个KeyPairGenerator对象
KeyPairGenerator kpg;
try {
kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
} catch (NoSuchAlgorithmException e) {
throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
}
//初始化KeyPairGenerator对象,密钥长度
kpg.initialize(keySize);
//生成密匙对
KeyPair keyPair = kpg.generateKeyPair();
//得到公钥
Key publicKey = keyPair.getPublic();
String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
//得到私钥
Key privateKey = keyPair.getPrivate();
String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());
Map<String, String> keyPairMap = new HashMap<String, String>();
keyPairMap.put("publicKey", publicKeyStr);
keyPairMap.put("privateKey", privateKeyStr);
return keyPairMap;
}
/**
* 得到公钥
*
* @param publicKey 密钥字符串经过base64编码
* @throws Exception
*/
public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
return key;
}
/**
* 得到私钥
*
* @param privateKey 密钥字符串经过base64编码
* @throws Exception
*/
public static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//通过PKCS#8编码的Key指令获得私钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
return key;
}
/**
* 公钥加密
*
* @param data
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 私钥解密
*
* @param data
* @param privateKey
* @return
*/
public static String privateDecrypt(String data, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 私钥加密
*
* @param data
* @param privateKey
* @return
*/
public static String privateEncrypt(String data, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 公钥解密
*
* @param data
* @param publicKey
* @return
*/
public static String publicDecrypt(String data, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
int maxBlock = 0;
if (opmode == Cipher.DECRYPT_MODE) {
maxBlock = keySize / 8;
} else {
maxBlock = keySize / 8 - 11;
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] buff;
int i = 0;
try {
while (datas.length > offSet) {
if (datas.length - offSet > maxBlock) {
buff = cipher.doFinal(datas, offSet, maxBlock);
} else {
buff = cipher.doFinal(datas, offSet, datas.length - offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
}
} catch (Exception e) {
throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
}
byte[] resultDatas = out.toByteArray();
IOUtils.closeQuietly(out);
return resultDatas;
}
}

57
yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/ApplicationTest.java
View File

@ -1,17 +1,22 @@
package com.yexuejc.springboot.base;
import com.yexuejc.base.encrypt.RSA;
import com.yexuejc.base.encrypt.RSA2;
import com.yexuejc.base.pojo.ParamsPO;
import com.yexuejc.base.util.JsonUtil;
import com.yexuejc.base.util.StrUtil;
import com.yexuejc.springboot.base.filter.RsaProperties;
import com.yexuejc.springboot.base.util.RSA;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import java.util.List;
@ -25,6 +30,12 @@ public class ApplicationTest {
@Autowired
RsaProperties properties;
/**
* 客户端加密
*
* @throws InvalidKeySpecException
* @throws NoSuchAlgorithmException
*/
@Test
public void contextLoads() throws InvalidKeySpecException, NoSuchAlgorithmException {
Map map = new HashMap();
@ -50,6 +61,12 @@ public class ApplicationTest {
// "sign":"d46b089cdea6ddbe3a747a27454ae090"}
}
/**
* 客户端解密
*
* @throws InvalidKeySpecException
* @throws NoSuchAlgorithmException
*/
@Test
public void t2() throws InvalidKeySpecException, NoSuchAlgorithmException {
// String strData = "KrlXChF8LE94EEnycvbi8AygpaZiHKaXH_OmC5sGhGQlvYp1arNk6WW7yR7kAWMLugCS5TKf8FIiYXnyuI8vjA";
@ -101,4 +118,42 @@ public class ApplicationTest {
}
/**
* 证书操作
*
* @throws CertificateException
* @throws IOException
* @throws UnrecoverableKeyException
* @throws NoSuchAlgorithmException
* @throws KeyStoreException
*/
@Test
public void file() throws CertificateException, IOException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
String publicKey = this.getClass().getResource("/lgfishing.cer").getFile().toString();
String privateKey = this.getClass().getResource("/lgfishing.keystore").getFile().toString();
String privatePwd = "lgfishing2018";
String privateAlias = "lgfishing";
String dataStr = "{\"ret\":\"0\",\"ExpireTime\":\"2015/10/28 23:59:59\",\"rettxt\":\"OK\",\"Token\":\"69296128A59798E2D423D3B1A9F766F4\"}'";
/***************************************************************************************************************************************************************************************************************************************/
//客户端公钥加密
String publicEncryptResult = RSA.publicEncrypt(dataStr, RSA2.getPublicKey(publicKey));
System.out.println(publicEncryptResult);
//服务器私钥解密
String privateDecryptResult = RSA.privateDecrypt(publicEncryptResult, RSA2.getPrivateKey(privateKey, privateAlias, privatePwd));
System.out.println(privateDecryptResult);
/***************************************************************************************************************************************************************************************************************************************/
//服务器端私钥加密
String privateEncryptResult = RSA.privateEncrypt(dataStr, RSA2.getPrivateKey(privateKey, privateAlias, privatePwd));
System.out.println(privateEncryptResult);
//客户端公钥解密
String publicDecryptResult = RSA.publicDecrypt(privateEncryptResult, RSA2.getPublicKey(publicKey));
System.out.println(publicDecryptResult);
}
}

10
yexuejc-springboot-base/src/test/resources/application.properties
View File

@ -5,10 +5,16 @@ security.basic.enabled=false
yexuejc.http.filter.type=0
yexuejc.http.encrypt.private-key=MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAiSo5blJ9-QJ0_QElcy5AaRTq-3oO4lJ8PvIOIt-Xr5SUFODVj3DUbiy6_0bxQYO3NiYHlXPb37UVV3jjlXJsXwIDAQABAkBE0WOJH2hGs93gRl_0vwLf9ffDfkTTdlER_73p70aad3QZRslEkinQH7G5aE_DgBm5m72TCeH-PD2FZ2lwtavBAiEAvnRown5Lpqbl0tN_OUxr_e1u9d_-8dNL_JEETO7BZCECIQC4XtY-18j0bVVLxaXPjKQ00D59yntwObihDNyRK0nAfwIgHPHEGgrnpGQo-Wl7JFIg925mNqfcLxRVsAS6CpcefQECIQCUsLdsmy6QIhTmNRJSXoSXq1KatE_05DhIekzwLs8eFQIgfMawMiu52ZxBI5_pZ7ancQZ6Dsxl45utFqJShzV1pio
yexuejc.http.encrypt.public-key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIkqOW5SffkCdP0BJXMuQGkU6vt6DuJSfD7yDiLfl6-UlBTg1Y9w1G4suv9G8UGDtzYmB5Vz29-1FVd445VybF8CAwEAAQ
yexuejc.http.encrypt.encrypt=true
yexuejc.http.encrypt.decrypt=true
#配置密钥方式
#yexuejc.http.encrypt.private-key=MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAiSo5blJ9-QJ0_QElcy5AaRTq-3oO4lJ8PvIOIt-Xr5SUFODVj3DUbiy6_0bxQYO3NiYHlXPb37UVV3jjlXJsXwIDAQABAkBE0WOJH2hGs93gRl_0vwLf9ffDfkTTdlER_73p70aad3QZRslEkinQH7G5aE_DgBm5m72TCeH-PD2FZ2lwtavBAiEAvnRown5Lpqbl0tN_OUxr_e1u9d_-8dNL_JEETO7BZCECIQC4XtY-18j0bVVLxaXPjKQ00D59yntwObihDNyRK0nAfwIgHPHEGgrnpGQo-Wl7JFIg925mNqfcLxRVsAS6CpcefQECIQCUsLdsmy6QIhTmNRJSXoSXq1KatE_05DhIekzwLs8eFQIgfMawMiu52ZxBI5_pZ7ancQZ6Dsxl45utFqJShzV1pio
#yexuejc.http.encrypt.public-key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIkqOW5SffkCdP0BJXMuQGkU6vt6DuJSfD7yDiLfl6-UlBTg1Y9w1G4suv9G8UGDtzYmB5Vz29-1FVd445VybF8CAwEAAQ
#配置证书方式
yexuejc.http.encrypt.private-key-path=/lgfishing.keystore
yexuejc.http.encrypt.private-alias=lgfishing
yexuejc.http.encrypt.private-pwd=lgfishing2018
#编码

BIN
yexuejc-springboot-base/src/test/resources/lgfishing.cer Normal file
View File

Binary file not shown.

BIN
yexuejc-springboot-base/src/test/resources/lgfishing.keystore Normal file
View File

Binary file not shown.