b2baccline/ballcat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

调整前后端传输密码加解密模式

Browse Source
This commit is contained in:
b2baccline
2020-07-13 16:51:58 +08:00
parent 71f5c845a2
commit 8e9470726c
1 changed files with 34 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
ballcat-common/ballcat-common-core/src/main/java/com/hccake/ballcat/common/core/util/PasswordUtil.java
View File

@@ -7,11 +7,12 @@ import cn.hutool.crypto.symmetric.AES;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
/** /**
* 前后端交互中密码使用 AES 加密,模式: CBCpadding: PKCS5偏移量暂不定制和密钥相同。 <br/>
* 服务端OAuth2中密码使用BCrypt方式加密
*
* @author Hccake * @author Hccake
* @version 1.0 * @version 1.0
* @date 2019/9/25 15:14 * @date 2019/9/25 15:14
@@ -20,43 +21,49 @@ public class PasswordUtil {
public static final PasswordEncoder ENCODER = new BCryptPasswordEncoder(); public static final PasswordEncoder ENCODER = new BCryptPasswordEncoder();
/**
* 将前端传递过来的密文解密后再进行加密
* @param pass AES加密后的密文
* @param secretKey 密钥
* @return BCrypt加密后的密文密码
*/
public static String decodeAesAndEncodeBCrypt(String pass, String secretKey) { public static String decodeAesAndEncodeBCrypt(String pass, String secretKey) {
return encodeBCrypt(decodeAES(pass, secretKey)); return encodeBCrypt(decodeAES(pass, secretKey));
} }
/**
* 将前端传递过来的密文解密为明文
* @param aesPass AES加密后的密文
* @param secretKey 密钥
* @return 明文密码
*/
public static String decodeAES(String aesPass, String secretKey) { public static String decodeAES(String aesPass, String secretKey) {
byte[] secretKeyBytes = secretKey.getBytes();
AES aes = new AES(Mode.CBC, Padding.NoPadding, new SecretKeySpec(secretKey.getBytes(), "AES"), AES aes = new AES(Mode.CBC, Padding.PKCS5Padding, secretKeyBytes, secretKeyBytes);
new IvParameterSpec(secretKey.getBytes()));
byte[] result = aes.decrypt(Base64.decode(aesPass.getBytes(StandardCharsets.UTF_8))); byte[] result = aes.decrypt(Base64.decode(aesPass.getBytes(StandardCharsets.UTF_8)));
// 删除byte数组中补位产生的\u0000, 否则密码校验时会有问题 // 删除byte数组中补位产生的\u0000, 否则密码校验时会有问题
return new String(result, StandardCharsets.UTF_8).replaceAll("[\u0000]", ""); return new String(result, StandardCharsets.UTF_8).replaceAll("[\u0000]", "");
} }
public static String encodeAESBase64(String pass, String secretKey) { /**
AES aes = new AES(Mode.CBC, Padding.NoPadding, new SecretKeySpec(secretKey.getBytes(), "AES"), * 将明文密码加密为密文
new IvParameterSpec(secretKey.getBytes())); * @param password 明文密码
return aes.encryptBase64(pass, StandardCharsets.UTF_8); * @param secretKey 密钥
* @return AES加密后的密文
*/
public static String encodeAESBase64(String password, String secretKey) {
byte[] secretKeyBytes = secretKey.getBytes();
AES aes = new AES(Mode.CBC, Padding.PKCS5Padding, secretKeyBytes, secretKeyBytes);
return aes.encryptBase64(password, StandardCharsets.UTF_8);
} }
public static String encodeBCrypt(String pass) { /**
return ENCODER.encode(pass); * 使用BCrypt加密密码
} * @param password 明文密码
* @return BCrypt加密后的密码
public static void main(String[] args) { */
public static String encodeBCrypt(String password) {
System.out.println(decodeAES("4Yj0Jfy+MjEW/RGafIoEJA==", "==BallCat-Auth==")); return ENCODER.encode(password);
;
String pass = "a123456";
String password = ENCODER.encode(pass);
System.out.println(password);
System.out.println(ENCODER.matches(pass, password));
System.out.println(ENCODER.matches(pass, "$2a$10$YJDXeAsk7FjQQVTdutIat.rPR3p3uUPWmZyhtnRDOrIjPujOAUrla"));
} }
} }