diff --git a/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/controller/BizShortMessageController.java b/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/controller/BizShortMessageController.java index 71680d7..6320859 100644 --- a/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/controller/BizShortMessageController.java +++ b/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/controller/BizShortMessageController.java @@ -3,6 +3,8 @@ package com.chinaunicom.mall.ebtp.extend.shortmessage.controller; import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse; import com.chinaunicom.mall.ebtp.extend.shortmessage.entity.SmsSendRequest; +import com.chinaunicom.mall.ebtp.extend.shortmessage.utils.RSA; +import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.PathVariable; @@ -20,12 +22,14 @@ import com.chinaunicom.mall.ebtp.extend.shortmessage.entity.BizShortMessage; import com.chinaunicom.mall.ebtp.extend.shortmessage.service.BizShortMessageService; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; - +@Slf4j @RestController @Api(value = "多因素短信发送记录") @RequestMapping("/v1/bizshortmessage") public class BizShortMessageController{ + @Value("${jury.loginCheck.privateKey}") + private String privateKey; @Resource private BizShortMessageService iBizShortMessageService; @@ -41,7 +45,10 @@ public class BizShortMessageController{ */ @PostMapping("/send/authCode") public BaseResponse authCodeSend(@RequestParam String mobile){ - return BaseResponse.success(iBizShortMessageService.authCodeSend(mobile)); + log.info("解密前:"+mobile); + String value = RSA.decrypt(mobile,privateKey); + log.info("解密后:"+value); + return BaseResponse.success(iBizShortMessageService.authCodeSend(value)); } /** diff --git a/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/utils/RSA.java b/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/utils/RSA.java new file mode 100644 index 0000000..aeb87af --- /dev/null +++ b/src/main/java/com/chinaunicom/mall/ebtp/extend/shortmessage/utils/RSA.java @@ -0,0 +1,363 @@ +package com.chinaunicom.mall.ebtp.extend.shortmessage.utils; + +import com.chinaunicom.mall.ebtp.common.exception.common.CommonExceptionEnum; + +import javax.crypto.Cipher; +import java.security.*; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; +import java.util.HashMap; +import java.util.Map; + +public class RSA { + + public static final String KEY_ALGORITHM = "RSA"; + public static final String SIGNATURE_ALGORITHM = "MD5withRSA"; + + private static final String PUBLIC_KEY = "RSAPublicKey"; + private static final String PRIVATE_KEY = "RSAPrivateKey"; + + /** + * 初始化密钥 + * + * @return + * @throws Exception + */ + public static Map initKey() throws Exception { + KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM); + keyPairGen.initialize(1024); + KeyPair keyPair = keyPairGen.generateKeyPair(); + + // 公钥 + RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); +// logger.info("------" + publicKey); + // 私钥 + RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); +// logger.info("------" + publicKey); + + Map keyMap = new HashMap (2); + + keyMap.put(PUBLIC_KEY, publicKey); + keyMap.put(PRIVATE_KEY, privateKey); + return keyMap; + } + + /** + * 取得私钥 + * + * @param keyMap + * @return + * @throws Exception + */ + public static String getPrivateKey(Map keyMap) + throws Exception { + Key key = (Key) keyMap.get(PRIVATE_KEY); + return encryptBASE64(key.getEncoded()); + } + + /** + * 取得公钥 + * + * @param keyMap + * @return + * @throws Exception + */ + public static String getPublicKey(Map keyMap) + throws Exception { + Key key = (Key) keyMap.get(PUBLIC_KEY); + return encryptBASE64(key.getEncoded()); + } + + + /** + * 解密
+ * 用私钥解密 + * + * @param data + * @param key + * @return + * @throws Exception + */ + public static byte[] decryptByPrivateKey(byte[] data, String key) + throws Exception { + // 对密钥解密 + byte[] keyBytes = decryptBASE64(key); + + // 取得私钥 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + + // 对数据解密 + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + cipher.init(Cipher.DECRYPT_MODE, privateKey); + + return cipher.doFinal(data); + } + /** + * 解密
+ * 用私钥解密 + * + * @param data + * @param key + * @return + * @throws Exception + */ + public static String decryptByPrivateKeyString(byte[] data, String key) + throws Exception { + return new String(decryptByPrivateKey(data, key)); + } + + + /** + * 解密
+ * 用公钥解密 + * + * @param data + * @param key + * @return + * @throws Exception + */ + public static byte[] decryptByPublicKey(byte[] data, String key) + throws Exception { + // 对密钥解密 + byte[] keyBytes = decryptBASE64(key); + + // 取得公钥 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes); + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + Key publicKey = keyFactory.generatePublic(x509KeySpec); + + // 对数据解密 + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + cipher.init(Cipher.DECRYPT_MODE, publicKey); + + return cipher.doFinal(data); + } + + /** + * 加密
+ * 用公钥加密 + * + * @param data + * @param key + * @return + * @throws Exception + */ + public static byte[] encryptByPublicKey(byte[] data, String key) + throws Exception { + // 对公钥解密 + byte[] keyBytes = decryptBASE64(key); + + // 取得公钥 + X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes); + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + Key publicKey = keyFactory.generatePublic(x509KeySpec); + + // 对数据加密 + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + cipher.init(Cipher.ENCRYPT_MODE, publicKey); + + return cipher.doFinal(data); + } + + /** + * 加密
+ * 用私钥加密 + * + * @param data + * @param key + * @return + * @throws Exception + */ + public static byte[] encryptByPrivateKey(byte[] data, String key) + throws Exception { + // 对密钥解密 + byte[] keyBytes = decryptBASE64(key); + + // 取得私钥 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec); + + // 对数据加密 + Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); + cipher.init(Cipher.ENCRYPT_MODE, privateKey); + + return cipher.doFinal(data); + } + + /** + * 用私钥对信息生成数字签名 + * + * @param data + * 加密数据 + * @param privateKey + * 私钥 + * + * @return + * @throws Exception + */ + public static String sign(byte[] data, String privateKey) throws Exception { + // 解密由base64编码的私钥 + byte[] keyBytes = decryptBASE64(privateKey); + + // 构造PKCS8EncodedKeySpec对象 + PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); + + // KEY_ALGORITHM 指定的加密算法 + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + + // 取私钥匙对象 + PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec); + + // 用私钥对信息生成数字签名 + Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); + signature.initSign(priKey); + signature.update(data); + + return encryptBASE64(signature.sign()); + } + + /** + * 校验数字签名 + * + * @param data + * 加密数据 + * @param publicKey + * 公钥 + * @param sign + * 数字签名 + * + * @return 校验成功返回true 失败返回false + * @throws Exception + * + */ + public static boolean verify(byte[] data, String publicKey, String sign) + throws Exception { + + // 解密由base64编码的公钥 + byte[] keyBytes = decryptBASE64(publicKey); + + // 构造X509EncodedKeySpec对象 + X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); + + // KEY_ALGORITHM 指定的加密算法 + KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); + + // 取公钥匙对象 + PublicKey pubKey = keyFactory.generatePublic(keySpec); + + Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); + signature.initVerify(pubKey); + signature.update(data); + + // 验证签名是否正常 + return signature.verify(decryptBASE64(sign)); + } + + public static byte[] decryptBASE64(String key) throws Exception { + return Base64.getDecoder().decode(key); + } + + public static String encryptBASE64(byte[] key) throws Exception { + return Base64.getEncoder().encodeToString(key); + } + + public static String encrypt(String value,String publicKey){ + try { + String v = encryptBASE64(RSA.encryptByPublicKey(value.getBytes(), publicKey)); + return v; + }catch (Exception e){ + CommonExceptionEnum.FRAME_EXCEPTION_COMMON_DATA_OTHER_ERROR.customValidName("加密异常", true); + } + return ""; + } + public static String decrypt(String value,String privateKey){ + try { + byte[] decodedData = decryptByPrivateKey(decryptBASE64(value), privateKey); + String target = new String(decodedData); + return target; + }catch (Exception e){ + CommonExceptionEnum.FRAME_EXCEPTION_COMMON_DATA_OTHER_ERROR.customValidName("解密异常", true); + } + return ""; + } + + public static void main(String[] args) { + Map keyMap; + try { + //Map map = initKey(); + //System.out.println(map); + keyMap = initKey(); + System.out.println(keyMap); + //取得公钥和么私钥 + //keyMap = initKey(); + String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgkWYQFjlRrCsQQBNZj6uo8KEQamePmxaC6O4JI5SoELnXPlTCJIlQTG1Xzn/ajqjDV4/5ZmZAH+auST4j9L5qH8qnoxT1AN+yhUY6hMV9qxF00e1gBc81mYJO2nwwaQjRsGEoq86e9dP1zX5kOk8vMZN6/g508a1K2IWNwpGp0wIDAQAB"; + //String publicKey = getPublicKey(keyMap); + System.out.println("字符类型公钥:" + publicKey); + + String privateKey = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKCRZhAWOVGsKxBAE1mPq6jwoRBqZ4+bFoLo7gkjlKgQudc+VMIkiVBMbVfOf9qOqMNXj/lmZkAf5q5JPiP0vmofyqejFPUA37KFRjqExX2rEXTR7WAFzzWZgk7afDBpCNGwYSirzp710/XNfmQ6Ty8xk3r+DnTxrUrYhY3CkanTAgMBAAECgYA8WMkqLKAYUQPSVLKxC20xzlZKbCNF9rzMMK0d5DB/xeGCwxtp5/9vnXnO8X5d7xYAbM1gp5qwaQzy3fYr31UcxHiFTcZMgvN6z32FNBEkejCLaKIFZjaMBn36dStdzpAP+OOclwpXDGpGQO0UKLKshAfl5dsS+fq+nHpOugz52QJBAPUCG9Xzy5TrMiqL9n1TLe1qR+ALfELZHFheevIkyShJtcqlte8u640H0CHDXF9lniisMFn4xChqkxiTUsees58CQQCnxYDP+JfmqORO4Cx2DLCCqOpaOkuxdZo8eSh80s3zbmtdqoMpeYZglVNLuSYKNul8WWF3qeGqcnLULDE6P31NAkEAtSLt+WvYoyyPVi1L+rO4TMI6iUV0hOeGsT6InuTbY1G7eSqyKzcBJq8UDSIl9NFn8KH8zUfBni/MuGqS1Mpb+QJATiPTBwpF1Yy8KXCHxMPMQk7iN/wG3TRlDd1wWhLlEYhQQWP1iw+q4rkp/o7RhNhmjyAiIVXiYTzE9sVOeE6x0QJBAJYmBmOKfxw3rzpjDU+e9I6w0AbpiBzlnviEToZfnDwVH9mjF++H/wDRTDqozIiAE2aN/wqXwqhoWGgVWMlp9Xc="; + // String privateKey = getPrivateKey(keyMap);// + System.out.println("字符类型私钥:" + privateKey); + + System.out.println("公钥加密——私钥解密---------------"); + System.out.println(""); + String source = "220101199902020022"; + System.out.println("\r加密前文字:\r\n" + source); + byte[] data = source.getBytes(); + byte[] encodedData = encryptByPublicKey(data, publicKey); + System.out.println("加密后文字:\r\n" + encryptBASE64(encodedData)); + byte[] decodedData = decryptByPrivateKey(encodedData, privateKey); + String target = new String(decodedData); + System.out.println("解密后文字: \r\n" + target); + +// System.out.println("私钥加密——公钥解密--------------"); +// String source1 = "这是一行测试RSA数字签名的无意义文字"; +// System.out.println("原文字:\r\n" + source1); +// byte[] data1 = source1.getBytes(); +// byte[] encodedData1 = encryptByPrivateKey(data1, privateKey); +// System.out.println("加密后:\r\n" + new String(encodedData1)); +// byte[] decodedData1 = decryptByPublicKey(encodedData1, publicKey); +// String target1 = new String(decodedData1); +// System.out.println("解密后: \r\n" + target1); +// System.out.println("私钥签名——公钥验证签名------------------"); +// String sign = sign(encodedData, privateKey); +// System.out.println("签名:\r" + sign); +// boolean status = verify(encodedData, publicKey, sign); +// System.out.println("验证结果:\r" + status); +//// //对内容进行加密和解密 +// String str = "zqb1231456"; +// byte[] strByte = str.getBytes(); +//// //私钥加密 +// byte[] encode = encryptByPrivateKey(strByte,privateKey); +// System.out.println("私钥加密结果:" + encryptBASE64(encode)); +// //公钥解密 +// byte[] decode = decryptByPublicKey(encode,publicKey); +// System.out.println("公钥解密结果:" + new String(decode)); + + } catch (Exception e) { + e.printStackTrace(); + } + } + + + /** + * String转私钥PrivateKey + * + * @param key + * @return + * @throws Exception + */ + public static PrivateKey getPrivateKey(String key) throws Exception { + byte[] keyBytes; + keyBytes = org.apache.commons.codec.binary.Base64.decodeBase64(key); + PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privateKey = keyFactory.generatePrivate(keySpec); + return privateKey; + } +}