dushitaoyuan/javaweb_security_handle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

调整rsa,增加aes

Browse Source
This commit is contained in:
dushitaoyuan
2020-01-20 12:57:32 +08:00
parent 158fcf36fd
commit 3d886a5185
7 changed files with 229 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/com/taoyuanx/securitydemo/security/ratelimit/GuavaRateLimiter.java
View File

@@ -22,8 +22,9 @@ public class GuavaRateLimiter extends AbstractRateLimiter {
/**
* 总数限流到0后,标记,会有些许误判,不在乎内存的话,可用hashset存
*/
private BloomFilter<CharSequence> TOTAL_LIMIT_ZERO_FLAG = BloomFilter.create(Funnels.stringFunnel(Charset.defaultCharset()), MAX_HOLDER_SIZE * 20);
private BloomFilter<CharSequence> TOTAL_LIMIT_ZERO_FLAG = BloomFilter.create(Funnels.stringFunnel(Charset.defaultCharset()), MAX_HOLDER_SIZE * 20, 0.001);
@Override
public boolean doTryAcquire(int permits, String key, Double limit) {
//超过固定阈值,清空,重构
if (rateHolder.size() > MAX_HOLDER_SIZE) {
@@ -32,8 +33,9 @@ public class GuavaRateLimiter extends AbstractRateLimiter {
RateLimiter rateLimiter = null;
if (rateHolder.containsKey(key)) {
rateLimiter = rateHolder.get(key);
} else {
rateLimiter = RateLimiter.create(limit);
}
rateLimiter = RateLimiter.create(limit);
rateHolder.putIfAbsent(key, rateLimiter);
return rateLimiter.tryAcquire(permits);
}

70
src/main/java/com/taoyuanx/securitydemo/utils/AesUtil.java Normal file
View File

@@ -0,0 +1,70 @@
package com.taoyuanx.securitydemo.utils;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.InputStream;
import java.io.OutputStream;
/**
* @author dushitaoyuan
* @desc aes 加密
* @date 2020/1/20
*/
public class AesUtil {
private static final byte[] iv = "0000000000000000".getBytes();
private static final String AES_MODE = "AES/CBC/PKCS5Padding";
private static Integer cacheSize = 1024 * 1024;
public static byte[] encrypt(byte[] data, String password) throws Exception {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance(AES_MODE);
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
byte[] result = cipher.doFinal(data);
return result;
}
public static byte[] decrypt(byte[] data, String password) throws Exception {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance(AES_MODE);
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
byte[] result = cipher.doFinal(data);
return result;
}
public static void encrypt(InputStream dataStream, String password, OutputStream encodeStream) throws Exception {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance(AES_MODE);
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
CipherInputStream cipherInputStream = new CipherInputStream(dataStream, cipher);
byte[] buf = new byte[cacheSize];
int len = 0;
while ((len = cipherInputStream.read(buf)) != -1) {
encodeStream.write(buf, 0, len);
encodeStream.flush();
}
encodeStream.close();
cipherInputStream.close();
}
public static void decrypt(InputStream encodeStream, String password, OutputStream decodeStream) throws Exception {
SecretKeySpec key = new SecretKeySpec(password.getBytes(), "AES");
Cipher cipher = Cipher.getInstance(AES_MODE);
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
CipherOutputStream cipherOutputStream = new CipherOutputStream(decodeStream, cipher);
byte[] buf = new byte[cacheSize];
int len = 0;
while ((len = encodeStream.read(buf)) != -1) {
cipherOutputStream.write(buf, 0, len);
cipherOutputStream.flush();
}
cipherOutputStream.close();
decodeStream.close();
encodeStream.close();
}
}

52
src/main/java/com/taoyuanx/securitydemo/utils/RSAUtil.java
View File

@@ -98,12 +98,12 @@ public final class RSAUtil {
int key_len = publicKey.getModulus().bitLength() / 8;
// 加密数据长度 <= 模长-11,如果明文长度大于模长-11则要分组加密
key_len -= 11;
byte[] dataReturn = null;
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
for (int i = 0; i < data.length; i += key_len) {
byte[] doFinal = cipher.doFinal(HelperUtil.subarray(data, i, i + key_len));
dataReturn = HelperUtil.addAll(dataReturn, doFinal);
outputStream.write(doFinal);
}
return dataReturn;
return outputStream.toByteArray();
}
@@ -139,37 +139,55 @@ public final class RSAUtil {
}
public static void encryptByPublicKey(InputStream data, RSAPublicKey publicKey, OutputStream encodeStream) throws Exception {
public static void encryptByPublicKey(InputStream dataStream, RSAPublicKey publicKey, OutputStream encodeStream) throws Exception {
if (null == publicKey) {
throw new Exception("rsa publicKey is null");
}
Cipher cipher = Cipher.getInstance(ENCRYPT_TYPE_RSA);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
CipherInputStream cipherInputStream = new CipherInputStream(data, cipher);
int buffSize = 4 << 20;
// 计算分组长度
int key_len = publicKey.getModulus().bitLength() / 8 - 11;
int buffSize = key_len * 1024;
byte[] buf = new byte[buffSize];
int len = 0;
while ((len = cipherInputStream.read(buf)) != -1) {
encodeStream.write(buf, 0, len);
int len = 0, end = 0;
while ((len = dataStream.read(buf)) != -1) {
for (int start = 0; start < len; start += key_len) {
end = start + key_len;
if (end > len) {
end = len;
}
byte[] doFinal = cipher.doFinal(HelperUtil.subarray(buf, start, end));
encodeStream.write(doFinal, 0, doFinal.length);
}
}
cipherInputStream.close();
dataStream.close();
encodeStream.close();
}
public static void decryptByPrivateKey(InputStream data, RSAPrivateKey privateKey, OutputStream decodeStream) throws Exception {
public static void decryptByPrivateKey(InputStream dataStream, RSAPrivateKey privateKey, OutputStream decodeStream) throws Exception {
if (null == privateKey) {
throw new Exception("rsa privateKey is null");
}
Cipher cipher = Cipher.getInstance(ENCRYPT_TYPE_RSA);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
CipherOutputStream cipherOutputStream = new CipherOutputStream(decodeStream, cipher);
int buffSize = 4 << 20;
// 计算分组长度
int key_len = privateKey.getModulus().bitLength() / 8;
int buffSize = key_len * 1024;
byte[] buf = new byte[buffSize];
int len = 0;
while ((len = data.read(buf)) != -1) {
cipherOutputStream.write(buf, 0, len);
int len = 0, end = 0;
while ((len = dataStream.read(buf)) != -1) {
for (int start = 0; start < len; start += key_len) {
end = start + key_len;
if (end > len) {
end = len;
}
byte[] doFinal = cipher.doFinal(HelperUtil.subarray(buf, start, end));
decodeStream.write(doFinal, 0, doFinal.length);
}
}
cipherOutputStream.close();
dataStream.close();
decodeStream.close();
}

31
src/test/java/com/taoyuanx/securitydemo/BoomFilterTest.java
View File

@@ -10,6 +10,9 @@ import org.springframework.expression.common.TemplateParserContext;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import java.math.RoundingMode;
import java.text.DecimalFormat;
import java.text.NumberFormat;
import java.util.HashMap;
import java.util.Map;
@@ -22,28 +25,36 @@ public class BoomFilterTest {
@Test
public void failedCountTest() {
int batch = 10000000;
BloomFilter bloomFilter = BloomFilter.create(Funnels.integerFunnel(), batch);
int batch = 100000;
BloomFilter bloomFilter = BloomFilter.create(Funnels.integerFunnel(), batch, 0.0001);
for (int i = 0; i < batch; i++) {
bloomFilter.put(i);
}
int count = 0;
for (int i = 0; i < batch; i++) {
if (!bloomFilter.mightContain(i)) {
System.out.println("failed\t" + i);
int count = 0, max = batch * 10;
for (int i = 0; i < max; i++) {
if (i < batch && !bloomFilter.mightContain(i)) {
System.out.println("误判 \t" + i);
count++;
}
if (i > batch && bloomFilter.mightContain(i)) {
System.out.println("误判 \t" + i);
count++;
}
}
System.out.println("失败次数:" + count);
System.out.println("失败次数:" + count + "错误率:" + PercentUtil.percent(Double.valueOf(count), Double.valueOf(max), 2));
}
@Test
public void testEl(){
String el="${m}";
public void testEl() {
String el = "${m}";
ExpressionParser parser = new SpelExpressionParser();
EvaluationContext context = new StandardEvaluationContext();
context.setVariable("m","1234");
context.setVariable("m", "1234");
Expression expression = parser.parseExpression(el);

44
src/test/java/com/taoyuanx/securitydemo/CertTest.java
View File

@@ -1,44 +0,0 @@
package com.taoyuanx.securitydemo;
import com.taoyuanx.securitydemo.utils.HashUtil;
import com.taoyuanx.securitydemo.utils.HelperUtil;
import com.taoyuanx.securitydemo.utils.RSAUtil;
import org.junit.Test;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
/**
* @author dushitaoyuan
* @date 2020/1/15
*/
public class CertTest {
@Test
public void rsaTest() throws Exception {
KeyStore keyStore = RSAUtil.getKeyStore("d://client.p12", "123456");
RSAPublicKey publicKey = RSAUtil.getPublicKey(keyStore);
RSAUtil.getPrivateKey(keyStore, "123456");
}
@Test
public void rsaDecodeFileTest() throws Exception {
KeyStore keyStore = RSAUtil.getKeyStore("d://client.p12", "123456");
RSAPublicKey publicKey = RSAUtil.getPublicKey(keyStore);
RSAPrivateKey privateKey = RSAUtil.getPrivateKey(keyStore, "123456");
String srcFile = "d://demo.pdf", encodeFile = "d://demo_encode.pdf", decodeFile = "d://demo_decode.pdf";
String fileHash = HashUtil.hash(new FileInputStream(srcFile), HashUtil.MD5, HashUtil.HEX);
RSAUtil.encryptByPublicKey(new FileInputStream(srcFile), publicKey, new FileOutputStream(encodeFile));
RSAUtil.decryptByPrivateKey(new FileInputStream(encodeFile), privateKey, new FileOutputStream(decodeFile));
String fileEncodeHash = HashUtil.hash(new FileInputStream(decodeFile), HashUtil.MD5, HashUtil.HEX);
System.out.println(fileHash.equals(fileEncodeHash));
}
}

80
src/test/java/com/taoyuanx/securitydemo/EncodeTest.java Normal file
View File

@@ -0,0 +1,80 @@
package com.taoyuanx.securitydemo;
import com.google.common.base.Charsets;
import com.google.common.hash.HashCode;
import com.google.common.hash.Hashing;
import com.taoyuanx.securitydemo.utils.AesUtil;
import com.taoyuanx.securitydemo.utils.HashUtil;
import com.taoyuanx.securitydemo.utils.RSAUtil;
import org.apache.commons.io.FileUtils;
import org.junit.Test;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
/**
* @author dushitaoyuan
* @date 2020/1/15
*/
public class EncodeTest {
@Test
public void rsaTest() throws Exception {
KeyStore keyStore = RSAUtil.getKeyStore("d://client.p12", "123456");
RSAPublicKey publicKey = RSAUtil.getPublicKey(keyStore);
RSAUtil.getPrivateKey(keyStore, "123456");
}
@Test
public void rsaDecodeFileTest() throws Exception {
KeyStore keyStore = RSAUtil.getKeyStore("d://client.p12", "123456");
RSAPublicKey publicKey = RSAUtil.getPublicKey(keyStore);
RSAPrivateKey privateKey = RSAUtil.getPrivateKey(keyStore, "123456");
String srcFile = "d://demo.pdf", encodeFile = "d://demo_encode.pdf", decodeFile = "d://demo_decode.pdf";
String fileHash = HashUtil.hash(new FileInputStream(srcFile), HashUtil.MD5, HashUtil.HEX);
RSAUtil.encryptByPublicKey(new FileInputStream(srcFile), publicKey, new FileOutputStream(encodeFile));
RSAUtil.decryptByPrivateKey(new FileInputStream(encodeFile), privateKey, new FileOutputStream(decodeFile));
String fileEncodeHash = HashUtil.hash(new FileInputStream(decodeFile), HashUtil.MD5, HashUtil.HEX);
System.out.println(fileHash.equals(fileEncodeHash));
}
@Test
public void rsaFileTest() throws Exception {
KeyStore keyStore = RSAUtil.getKeyStore("d://client.p12", "123456");
RSAPublicKey publicKey = RSAUtil.getPublicKey(keyStore);
RSAPrivateKey privateKey = RSAUtil.getPrivateKey(keyStore, "123456");
String srcFile = "d://demo.pdf", encodeFile = "d://demo_encode.pdf", decodeFile = "d://demo_decode.pdf";
String fileHash = HashUtil.hash(new FileInputStream(srcFile), HashUtil.MD5, HashUtil.HEX);
byte[] bytes = RSAUtil.encryptByPublicKey(FileUtils.readFileToByteArray(new File(srcFile)), publicKey);
FileUtils.writeByteArrayToFile(new File(encodeFile), bytes);
bytes = RSAUtil.decryptByPrivateKey(bytes, privateKey);
FileUtils.writeByteArrayToFile(new File(decodeFile), bytes);
String fileEncodeHash = HashUtil.hash(new FileInputStream(decodeFile), HashUtil.MD5, HashUtil.HEX);
System.out.println(fileHash.equals(fileEncodeHash));
}
@Test
public void aesFileTest() throws Exception {
String srcFile = "d://demo.pdf", encodeFile = "d://demo_encode.pdf", decodeFile = "d://demo_decode.pdf";
String password="1234567812345678";
String fileHash = HashUtil.hash(new FileInputStream(srcFile), HashUtil.MD5, HashUtil.HEX);
AesUtil.encrypt(new FileInputStream(srcFile), password, new FileOutputStream(encodeFile));
AesUtil.decrypt(new FileInputStream(encodeFile), password, new FileOutputStream(decodeFile));
String fileEncodeHash = HashUtil.hash(new FileInputStream(decodeFile), HashUtil.MD5, HashUtil.HEX);
System.out.println(fileHash.equals(fileEncodeHash));
}
}

19
src/test/java/com/taoyuanx/securitydemo/PercentUtil.java Normal file
View File

@@ -0,0 +1,19 @@
package com.taoyuanx.securitydemo;
import java.math.RoundingMode;
import java.text.DecimalFormat;
import java.text.NumberFormat;
/**
* @author dushitaoyuan
* @date 2020/1/20
*/
public class PercentUtil {
public static String percent(double num, double total, int scale) {
DecimalFormat format = (DecimalFormat) NumberFormat.getPercentInstance();
format.setMaximumFractionDigits(scale);
format.setRoundingMode(RoundingMode.HALF_UP);
double percent = num / total;
return format.format(percent);
}
}