增加基本加解密方式

2 years ago · c4e75e5297
parent 861cef8529
commit c4e75e5297
4 changed files with 348 additions and 12 deletions
--- a/ad-platform-common/ad-platform-common-core/src/main/java/com/baiye/constant/AdPlatFormConstants.java
+++ b/ad-platform-common/ad-platform-common-core/src/main/java/com/baiye/constant/AdPlatFormConstants.java
@ -9,4 +9,6 @@ public class AdPlatFormConstants {
    }

    public static final String AD_PLATFORM = "ad-platform";
+
+    public static final String PLATFORM_USER = "platform-user";
 }
--- a/ad-platform-common/ad-platform-common-core/src/main/java/com/baiye/util/EncryptUtil.java
+++ b/ad-platform-common/ad-platform-common-core/src/main/java/com/baiye/util/EncryptUtil.java
@ -0,0 +1,336 @@
+package com.baiye.util;
+
+import cn.hutool.core.codec.Base64;
+import cn.hutool.core.util.CharsetUtil;
+import com.baiye.constant.AdPlatFormConstants;
+import lombok.extern.slf4j.Slf4j;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.MessageDigest;
+import java.security.SecureRandom;
+import java.util.Objects;
+
+/**
+ * @author Enzo
+ * @date : 2022/11/1
+ */
+@Slf4j
+public class EncryptUtil {
+
+
+    public static final String MD5 = "MD5";
+    public static final String SHA1 = "SHA1";
+    public static final String HmacMD5 = "HmacMD5";
+    public static final String HmacSHA1 = "HmacSHA1";
+    public static final String DES = "DES";
+    public static final String AES = "AES";
+    /**
+     * 签名算法
+     */
+    public static final String SIGN_ALGORITHMS = "SHA1PRNG";
+    /**
+     * 编码格式；默认使用uft-8
+     */
+    public static String charset = CharsetUtil.UTF_8;
+    /**
+     * DES
+     */
+    public int keysizeDES = 0;
+    /**
+     * AES
+     */
+    public static int keysizeAES = 128;
+
+    public static EncryptUtil me;
+
+    private EncryptUtil() {
+        //单例
+    }
+
+    //双重锁
+    public static EncryptUtil getInstance() {
+        if (me == null) {
+            synchronized (EncryptUtil.class) {
+                if (me == null) {
+                    me = new EncryptUtil();
+                }
+            }
+        }
+        return me;
+    }
+
+    /**
+     * 使用MessageDigest进行单向加密（无密码）
+     *
+     * @param res       被加密的文本
+     * @param algorithm 加密算法名称
+     * @return
+     */
+    private String messageDigest(String res, String algorithm) {
+        try {
+            MessageDigest md = MessageDigest.getInstance(algorithm);
+            byte[] resBytes = charset == null ? res.getBytes() : res.getBytes(charset);
+            return base64(md.digest(resBytes));
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 使用KeyGenerator进行单向/双向加密（可设密码）
+     *
+     * @param res       被加密的原文
+     * @param algorithm 加密使用的算法名称
+     * @param key       加密使用的秘钥
+     * @return
+     */
+    private String keyGeneratorMac(String res, String algorithm, String key) {
+        try {
+            SecretKey sk = null;
+            if (key == null) {
+                KeyGenerator kg = KeyGenerator.getInstance(algorithm);
+                sk = kg.generateKey();
+            } else {
+                byte[] keyBytes = charset == null ? key.getBytes() : key.getBytes(charset);
+                sk = new SecretKeySpec(keyBytes, algorithm);
+            }
+            Mac mac = Mac.getInstance(algorithm);
+            mac.init(sk);
+            byte[] result = mac.doFinal(res.getBytes());
+            return base64(result);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 使用KeyGenerator双向加密，DES/AES，注意这里转化为字符串的时候是将2进制转为16进制格式的字符串，不是直接转，因为会出错
+     *
+     * @param res       加密的原文
+     * @param algorithm 加密使用的算法名称
+     * @param key       加密的秘钥
+     * @param keysize
+     * @param isEncode
+     * @return
+     */
+    private static String keyGeneratorES(String res, String algorithm, String key, int keysize, boolean isEncode) {
+        try {
+            KeyGenerator kg = KeyGenerator.getInstance(algorithm);
+            SecureRandom random = SecureRandom.getInstance(SIGN_ALGORITHMS);
+            if (keysize == 0) {
+                byte[] keyBytes = charset == null ? key.getBytes() : key.getBytes(charset);
+                random.setSeed(keyBytes);
+                kg.init(random);
+            } else if (key == null) {
+                kg.init(keysize);
+            } else {
+                byte[] keyBytes = charset == null ? key.getBytes() : key.getBytes(charset);
+                random.setSeed(keyBytes);
+                kg.init(keysize, random);
+            }
+            SecretKey sk = kg.generateKey();
+            SecretKeySpec sks = new SecretKeySpec(sk.getEncoded(), algorithm);
+            Cipher cipher = Cipher.getInstance(algorithm);
+            if (isEncode) {
+                cipher.init(Cipher.ENCRYPT_MODE, sks);
+                byte[] resBytes = charset == null ? res.getBytes() : res.getBytes(charset);
+                return parseByte2HexStr(cipher.doFinal(resBytes));
+            } else {
+                cipher.init(Cipher.DECRYPT_MODE, sks);
+                return new String(cipher.doFinal(Objects.requireNonNull(parseHexStr2Byte(res))));
+            }
+        } catch (Exception e) {
+            log.error("++++++++++++++++++ the keyGeneratorES error +++++++++++++++");
+        }
+        return null;
+    }
+
+    private String base64(byte[] res) {
+        return Base64.encode(res);
+    }
+
+    /**
+     * 将二进制转换成16进制
+     */
+    public static String parseByte2HexStr(byte[] buf) {
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < buf.length; i++) {
+            String hex = Integer.toHexString(buf[i] & 0xFF);
+            if (hex.length() == 1) {
+                hex = '0' + hex;
+            }
+            sb.append(hex.toUpperCase());
+        }
+        return sb.toString();
+    }
+
+    /**
+     * 将16进制转换为二进制
+     */
+    public static byte[] parseHexStr2Byte(String hexStr) {
+        if (hexStr.length() < 1) {
+            return null;
+        }
+        byte[] result = new byte[hexStr.length() / 2];
+        for (int i = 0; i < hexStr.length() / 2; i++) {
+            int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
+            int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
+            result[i] = (byte) (high * 16 + low);
+        }
+        return result;
+    }
+
+    /**
+     * md5加密算法进行加密（不可逆）
+     *
+     * @param res 需要加密的原文
+     * @return
+     */
+    public String MD5(String res) {
+        return messageDigest(res, MD5);
+    }
+
+    /**
+     * md5加密算法进行加密（不可逆）
+     *
+     * @param res 需要加密的原文
+     * @param key 秘钥
+     * @return
+     */
+    public String MD5(String res, String key) {
+        return keyGeneratorMac(res, HmacMD5, key);
+    }
+
+    /**
+     * 使用SHA1加密算法进行加密（不可逆）
+     *
+     * @param res 需要加密的原文
+     * @return
+     */
+    public String SHA1(String res) {
+        return messageDigest(res, SHA1);
+    }
+
+    /**
+     * 使用SHA1加密算法进行加密（不可逆）
+     *
+     * @param res 需要加密的原文
+     * @param key 秘钥
+     * @return
+     */
+    public String SHA1(String res, String key) {
+        return keyGeneratorMac(res, HmacSHA1, key);
+    }
+
+    /**
+     * 使用DES加密算法进行加密（可逆）
+     *
+     * @param res 需要加密的原文
+     * @param key 秘钥
+     * @return
+     */
+    public String DESencode(String res, String key) {
+        return keyGeneratorES(res, DES, key, keysizeDES, true);
+    }
+
+    /**
+     * 对使用DES加密算法的密文进行解密（可逆）
+     *
+     * @param res 需要解密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public String DESdecode(String res, String key) {
+        return keyGeneratorES(res, DES, key, keysizeDES, false);
+    }
+
+    /**
+     * 使用AES加密算法经行加密（可逆）
+     *
+     * @param res 需要加密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public static String AESEncode(String res, String key) {
+        return keyGeneratorES(res, AES, key, keysizeAES, true);
+    }
+
+    /**
+     * 对使用AES加密算法的密文进行解密
+     *
+     * @param res 需要解密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public static String AESDecode(String res, String key) {
+        return keyGeneratorES(res, AES, key, keysizeAES, false);
+    }
+
+    /**
+     * 使用异或进行加密
+     *
+     * @param res 需要加密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public String XORencode(String res, String key) {
+        byte[] bs = res.getBytes();
+        for (int i = 0; i < bs.length; i++) {
+            bs[i] = (byte) ((bs[i]) ^ key.hashCode());
+        }
+        return parseByte2HexStr(bs);
+    }
+
+    /**
+     * 使用异或进行解密
+     *
+     * @param res 需要解密的密文
+     * @param key 秘钥
+     * @return
+     */
+    public String XORdecode(String res, String key) {
+        byte[] bs = parseHexStr2Byte(res);
+        for (int i = 0; i < bs.length; i++) {
+            bs[i] = (byte) ((bs[i]) ^ key.hashCode());
+        }
+        return new String(bs);
+    }
+
+    /**
+     * 直接使用异或（第一调用加密，第二次调用解密）
+     *
+     * @param res 密文
+     * @param key 秘钥
+     * @return
+     */
+    public int XOR(int res, String key) {
+        return res ^ key.hashCode();
+    }
+
+    /**
+     * 使用Base64进行加密
+     *
+     * @param res 密文
+     * @return
+     */
+    public String Base64Encode(String res) {
+        return Base64.encode(res.getBytes());
+    }
+
+    /**
+     * 使用Base64进行解密
+     *
+     * @param res
+     * @return
+     */
+    public String Base64Decode(String res) {
+        return new String(Base64.decode(res));
+    }
+
+}
--- a/manage/ad-platform-management/src/main/java/com/baiye/modules/security/rest/AuthorizationController.java
+++ b/manage/ad-platform-management/src/main/java/com/baiye/modules/security/rest/AuthorizationController.java
@ -20,8 +20,8 @@ import com.baiye.annotation.rest.AnonymousDeleteMapping;
 import com.baiye.annotation.rest.AnonymousGetMapping;
 import com.baiye.annotation.rest.AnonymousPostMapping;
 import com.baiye.config.properties.RsaProperties;
+import com.baiye.constant.AdPlatFormConstants;
 import com.baiye.exception.BadRequestException;
-import com.baiye.manager.UserTokenManager;
 import com.baiye.model.dto.JwtUserDto;
 import com.baiye.modules.security.service.OnlineUserService;
 import com.baiye.modules.security.service.dto.AuthUserDto;
@ -29,10 +29,7 @@ import com.baiye.properties.SecurityProperties;
 import com.baiye.properties.bean.LoginCodeEnum;
 import com.baiye.properties.bean.LoginProperties;
 import com.baiye.security.TokenProvider;
-import com.baiye.util.RedisUtils;
-import com.baiye.util.RsaUtils;
-import com.baiye.util.SecurityUtils;
-import com.baiye.util.StringUtils;
+import com.baiye.util.*;
 import com.google.common.collect.ImmutableMap;
 import com.wf.captcha.base.Captcha;

@ -100,8 +97,7 @@ public class AuthorizationController {
        final JwtUserDto jwtUserDto = (JwtUserDto) authentication.getPrincipal();
        // 保存在线信息
        onlineUserService.save(jwtUserDto, token, request);
-        String jwtTokenString = UserTokenManager.generateToken(jwtUserDto.getUser().getId());
-
+        String jwtTokenString = AESUtils.encrypt(jwtUserDto.getUser().getId().toString(), AdPlatFormConstants.PLATFORM_USER);
        // 返回 token 与 用户信息
        Map<String, Object> authInfo = ImmutableMap.of("token", properties.getTokenStartWith() + token, "jwtToken", jwtTokenString, "user", jwtUserDto);

--- a/manage/ad-platform-management/src/main/java/com/baiye/socket/WebSocketServer.java
+++ b/manage/ad-platform-management/src/main/java/com/baiye/socket/WebSocketServer.java
@ -2,15 +2,16 @@ package com.baiye.socket;

 import cn.hutool.json.JSONObject;
 import cn.hutool.json.JSONUtil;
+import com.baiye.constant.AdPlatFormConstants;
 import com.baiye.constant.DefaultNumberConstants;
 import com.baiye.http.WebSocketResponse;
-import com.baiye.manager.UserTokenManager;
 import com.baiye.model.dto.SendWebSocketDTO;
 import com.baiye.model.enums.ResponseCode;
 import com.baiye.model.enums.WebSocketEnums;
 import com.baiye.modules.system.service.MessageNotificationService;
 import com.baiye.modules.system.service.UserMessageService;
 import com.baiye.modules.system.service.dto.UserMessageDto;
+import com.baiye.util.AESUtils;
 import com.baiye.util.SpringContextHolder;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@ -33,7 +34,6 @@ import java.util.concurrent.atomic.AtomicInteger;
@Component
@ServerEndpoint(value = "/ws/prosperous")
 public class WebSocketServer {
-    private Long onlineId;

    @PostConstruct
    public void init() {
@ -53,9 +53,9 @@ public class WebSocketServer {
    @OnOpen
    public void onOpen(Session session) {
        Long userId = getUserId(session);
+        log.info("=============== user id  as {} ===================",userId);
        if (userId != null) {
            SESSIONS.put(userId, session);
-            onlineId = userId;
            // 在线数加1
            int cnt = ONLINE_COUNT.incrementAndGet();
            log.info("有连接加入，当前连接用户为 {}，当前连接数为：{}", userId, cnt);
@ -231,7 +231,10 @@ public class WebSocketServer {
        if (queryString != null &&
                StringUtils.isNotBlank(StringUtils.substring(queryString, DefaultNumberConstants.FOURTEEN_NUMBER))) {
            String substring = queryString.substring(DefaultNumberConstants.FOURTEEN_NUMBER);
-            return UserTokenManager.getUserId(substring);
+            String decrypt = AESUtils.decrypt(substring, AdPlatFormConstants.PLATFORM_USER);
+            if (StringUtils.isNotBlank(decrypt)) {
+                return Long.parseLong(decrypt);
+            }
        }
        return null;
    }
@ -263,5 +266,4 @@ public class WebSocketServer {
            e.printStackTrace();
        }
    }
-
 }