jiazhizhong/spring-boot-base-demo
1
0
Fork 0
mirror of https://github.com/RemainderTime/spring-boot-base-demo.git synced 2026-06-05 09:27:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): 修复RSA加密实现并移除BCrypt密码编码器

Browse Source 
- 在login.html中添加HTML语言声明和密码显示功能
- 重构前端RSA加密逻辑,支持大数据块分片加密
- 更新RSAUtils.java中的加密算法,使用标准PKCS1填充模式
- 移除UserService中不必要的BCryptPasswordEncoder依赖
- 简化success.html页面的参数解析逻辑
- 统一前后端RSA加密解密的实现方式
This commit is contained in:
海言
2026-06-01 15:14:04 +08:00
parent 8f5f3f137d
commit 217e931806
4 changed files with 181 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files

240
src/main/java/cn/xf/basedemo/common/utils/RSAUtils.java
View File

@@ -1,192 +1,134 @@
package cn.xf.basedemo.common.utils;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.http.fileupload.IOUtils;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
/**
* @program: xf-boot-base
* @ClassName RSAUtils
* @description: 加密工具类
* @author: xiongfeng
* @create: 2022-06-20 10:37
**/
public class RSAUtils {
//算法类型
private static final String RSA = "RSA";
private static final String RSA_TRANSFORMATION = "RSA/ECB/PKCS1Padding";
private static final int KEY_SIZE = 1024;
//字符编码类型
private static final String CHARSET = "UTF-8";
//加密长度
private static final int ENCRYPT_SIZE = 1024;
/**
* 创建rsa密匙对
*
* @return
*/
private static Map<String, String> createEncryptKey() {
KeyPairGenerator kpg;
try {
kpg = KeyPairGenerator.getInstance(RSA);
KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA);
kpg.initialize(KEY_SIZE);
KeyPair keyPair = kpg.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
Map<String, String> map = new HashMap<>();
map.put("publicKey", Base64.getEncoder().encodeToString(publicKey.getEncoded()));
map.put("privateKey", Base64.getEncoder().encodeToString(privateKey.getEncoded()));
return map;
} catch (Exception e) {
throw new IllegalArgumentException();
throw new IllegalArgumentException("create RSA key pair failed", e);
}
kpg.initialize(ENCRYPT_SIZE);
KeyPair keyPair = kpg.generateKeyPair();
PublicKey aPublic = keyPair.getPublic();
String publicKey = Base64.encodeBase64URLSafeString(aPublic.getEncoded());
PrivateKey aPrivate = keyPair.getPrivate();
String privateKey = Base64.encodeBase64URLSafeString(aPrivate.getEncoded());
Map<String, String> map = new HashMap<>();
map.put("publicKey", publicKey);
map.put("privateKey", privateKey);
return map;
}
/**
* 获取ras公匙
*
* @param publicKeyStr 公匙加密字符串
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static RSAPublicKey getPublicKey(String publicKeyStr) throws NoSuchAlgorithmException, InvalidKeySpecException {
// 通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64URLSafe(publicKeyStr));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
return key;
}
/**
* 获取ras私匙
*
* @param privateKeyStr 私匙加密字符串
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static RSAPrivateKey getPrivateKey(String privateKeyStr) throws NoSuchAlgorithmException, InvalidKeySpecException {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64URLSafe(privateKeyStr));
RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8EncodedKeySpec);
return privateKey;
}
/**
* 公匙加密
*
* @param data 字符串
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
public static RSAPublicKey getPublicKey(String publicKeyStr) throws InvalidKeySpecException {
try {
Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] bytes = cipher.doFinal(data.getBytes());
return Base64.encodeBase64URLSafeString(bytes);
// return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodeBase64(publicKeyStr));
return (RSAPublicKey) keyFactory.generatePublic(keySpec);
} catch (InvalidKeySpecException e) {
throw e;
} catch (Exception e) {
throw new RuntimeException();
throw new InvalidKeySpecException("invalid RSA public key", e);
}
}
public static RSAPrivateKey getPrivateKey(String privateKeyStr) throws InvalidKeySpecException {
try {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodeBase64(privateKeyStr));
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
} catch (InvalidKeySpecException e) {
throw e;
} catch (Exception e) {
throw new InvalidKeySpecException("invalid RSA private key", e);
}
}
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] encrypted = rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE,
data.getBytes(StandardCharsets.UTF_8), publicKey.getModulus().bitLength());
return Base64.getEncoder().encodeToString(encrypted);
} catch (Exception e) {
throw new RuntimeException("RSA encrypt failed", e);
}
}
public static String privateDecryption(String data, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA);
Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
// byte[] bytes = cipher.doFinal(Base64.decodeBase64(data.getBytes(CHARSET)));
// return new String(bytes);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data.getBytes(CHARSET), 0, data.getBytes(CHARSET).length), privateKey.getModulus().bitLength()), CHARSET);
byte[] decrypted = rsaSplitCodec(cipher, Cipher.DECRYPT_MODE,
decodeBase64(data), privateKey.getModulus().bitLength());
return new String(decrypted, StandardCharsets.UTF_8);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
throw new RuntimeException("RSA decrypt failed", e);
}
}
private static byte[] decodeBase64(String data) {
String normalizedData = data.replaceAll("\\s", "");
try {
return Base64.getDecoder().decode(normalizedData);
} catch (IllegalArgumentException e) {
return Base64.getUrlDecoder().decode(normalizedData);
}
}
//rsa切割解码 , ENCRYPT_MODE,加密数据 ,DECRYPT_MODE,解密数据
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
int maxBlock = 0; //最大块
if (opmode == Cipher.DECRYPT_MODE) {
maxBlock = keySize / 8;
} else {
maxBlock = keySize / 8 - 11;
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] buff;
int i = 0;
try {
while (datas.length > offSet) {
if (datas.length - offSet > maxBlock) {
//可以调用以下的doFinal方法完成加密或解密数据
buff = cipher.doFinal(datas, offSet, maxBlock);
} else {
buff = cipher.doFinal(datas, offSet, datas.length - offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
int maxBlock = opmode == Cipher.DECRYPT_MODE ? keySize / 8 : keySize / 8 - 11;
int offset = 0;
int index = 0;
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
while (datas.length > offset) {
int inputLen = Math.min(datas.length - offset, maxBlock);
byte[] buffer = cipher.doFinal(datas, offset, inputLen);
out.write(buffer, 0, buffer.length);
index++;
offset = index * maxBlock;
}
return out.toByteArray();
} catch (Exception e) {
throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
throw new RuntimeException("RSA block codec failed, maxBlock=" + maxBlock, e);
}
byte[] resultDatas = out.toByteArray();
IOUtils.closeQuietly(out);
return resultDatas;
}
public static void main(String[] args) {
// Map<String, String> encryptKey = createEncryptKey();
// String publicKey = encryptKey.get("publicKey");
// String privateKey = encryptKey.get("privateKey");
//
// System.out.println("公匙加密串:" + publicKey);
// System.out.println("私匙加密串:" + privateKey);
//
// System.out.println();
//
String data = "data";
//加密
try {
String s = publicEncrypt(data, getPublicKey("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC_F5UQC1QWsu3QsESQBz9M-GDA9Atm0qVSvwIsy568lyRLi-nq3VvvnmgrlL4yTbngFzyfb2Dn35cNCHsBvIaGuCY3_PpzPqMzVpxr2QlEkhEX9atnJQ1rWexS8QeZtPjpiIwoQrChTzXjD_sYUkDrqSykFplyivf0NSO2WqCBdwIDAQAB"));
System.out.println("加密后密文:" + s);
String ss = "bPrP3VQpVNj7jxzSvVRQQpOCzg4c9HAMd/Sesda0SOxmWbNzP8SnhayV2H9Jpih2sf26O8dOqiNE7V1u5NPgQBIPi6LqX2QiFTjynVLxQBUmISfmQ2Q6K3sjHBIRIhuZPrXijw7CextUUQwzh4VvEVkjyaUnqlMXVRkUGlgqP7M=";
String privateKey1 = "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALiJJ6RPMMh-ETrmppOG7JKINPSFaaZoHjzZkyQl3AcfrpKMmH82j_Pxl4mPvvgKtbR20N-88-nJLT4v4aOz9XYVl5ruE59SsJl_T8YqN-i8L8KH8Wptd0_ee7nDhF4-OGEi-o330daFv20eLpboy6nDkWLmLihKC0jEZWK8MLZzAgMBAAECgYAEhO9gmcPjFRtM6vsnX8WJbSaG2oGU3rXm3Zk56Gd0ETWQRzsw2mA6JC-G4etWXcTHb6V75T-_-PpPrJKFFNItEH-WFRS36xneomycxRG1YTfK1SsGLGF0BV3bLVZx8cQz7VsBY4vqbRCSKtcOZBJpnxI6iHAv07i8w34F6qjfsQJBAORnKUuJQ_GsHHBPT1VhMYjXVepAfTrWtCzRQ648KavbHLAGaRIhX10uj-hAhZLafDqQF8Y7T7GHTlasRL9ubWsCQQDO1R3KScJJSR3KDsnSsF0YCw7V28cr_OVAwiPoro90Me6MUz9yKV88gQlTuJkNFMuu_YdPXYKjlzNVg0zFmtUZAkEAoe9mPtDeZD0TmKkSZUVYul1543C_mPTan5_qrWCoZtkd2MtiuWEB3O4DR7ZfPcQ8KcU5pektUn_NEfRndZYUawJBAJfydOoxeawBLQNODfLcYefR59owlYe5SGpktaCw7O596DPqzId_4Vk_qqx4xueXSXOLCabCmcC4yZue0_2vm7ECQQDLrzXL-BpSqxbvtE0gNKcgaSkEUSOh1QmQFPCHERsOBxcflM6ej71STKglB21JD9m6tM2RySgbtUx4TfOuJTek";
String s1 = privateDecryption(ss, getPrivateKey(privateKey1));
System.out.println("解密后明文:" + s1);
} catch (Exception e) {
throw new IllegalArgumentException();
}
public static void main(String[] args) throws Exception {
Map<String, String> encryptKey = createEncryptKey();
String publicKey = encryptKey.get("publicKey");
String privateKey = encryptKey.get("privateKey");
String data = "{\"account\":\"admin\",\"pwd\":\"123456\"}";
String encrypted = publicEncrypt(data, getPublicKey(publicKey));
String decrypted = privateDecryption(encrypted, getPrivateKey(privateKey));
System.out.println("publicKey: " + publicKey);
System.out.println("privateKey: " + privateKey);
System.out.println("encrypted: " + encrypted);
System.out.println("decrypted: " + decrypted);
}
}
}