
'修改了服务器起动时config.json增加了publicKey,修改密码增加RSA功能'

o2wwx 5 years ago
parent
commit
05e7a9f082

+ 55 - 0
o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java

@@ -20,6 +20,8 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;
 
+import com.x.base.core.project.config.Config;
+
 public class Crypto {
 
 	private static final String utf8 = "UTF-8";
@@ -116,6 +118,59 @@ public class Crypto {
 		}
 	}
 
+	//用户登入解密 转成Base64	
+	public static String decryptRSA(String strDecrypt) {
+		String privateKey;
+		String decrypt = null;
+		try {
+			privateKey = getPrivateKey();
+		    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return decrypt;
+	}
+	//转成Base64	
+	public static String encryptRSA(String strEncrypt) {
+		String encrypt = null;
+		try {
+			 String publicKey = Config.publicKey();
+			 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+			 
+			encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return encrypt;
+	}
+	
+	//转成Base64			
+	public static String  getPublicKey() {
+		String publicKey = "";
+		 try {
+			 publicKey = Config.publicKey();
+			 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+			 publicKey = new String(Base64.encodeBase64(publicKeyB));
+			 
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return publicKey;
+	}
+	
+	//转成Base64		
+	public static String  getPrivateKey() {
+		 String privateKey = "";
+		 try {
+			 privateKey = Config.privateKey();
+			 byte[] privateKeyB = Base64.decodeBase64(privateKey);
+			 privateKey = new String(Base64.encodeBase64(privateKeyB));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return privateKey;
+	}
+	
 	public static final String TEST_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWcVZIS57VeOUzi8c01WKvwJK9uRe6hrGTUYmF6J/pI6/UvCbdBWCoErbzsBZOElOH8Sqal3vsNMVLjPYClfoDyYDaUlakP3ldfnXJzAFJVVubF53KadG+fwnh9ZMvxdh7VXVqRL3IQBDwGgzX4rmSK+qkUJjc3OkrNJPB7LLD8QIDAQAB";
 	public static final String TEST_PRIVATE_KEY = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJZxVkhLntV45TOLxzTVYq/Akr25F7qGsZNRiYXon+kjr9S8Jt0FYKgStvOwFk4SU4fxKpqXe+w0xUuM9gKV+gPJgNpSVqQ/eV1+dcnMAUlVW5sXncpp0b5/CeH1ky/F2HtVdWpEvchAEPAaDNfiuZIr6qRQmNzc6Ss0k8HsssPxAgMBAAECgYAWtRy05NUgm5Lc6Og0jVDL/mEnydxPBy2ectwzHh2k7wIHNi8XhUxFki2TMqzrM9Dv3/LySpMl4AE3mhs34LNPy6F+MwyF5X7j+2Y6MflJyeb9HNyT++viysQneoOEiOk3ghxF2/GPjpiEF79wSp+1YKTxRAyq7ypV3t35fGOOEQJBANLDPWl8b5c3lrcz/dTamMjHbVamEyX43yzQOphzkhYsz4pruATzTxU+z8/zPdEqHcWWV39CP3xu3EYNcAhxJW8CQQC2u7PF5Xb1xYRCsmIPssFxil64vvdUadSxl7GLAgjQ9ULyYWB24KObCEzLnPcT8Pf2Q0YQOixxa/78FuzmgbyfAkA7ZFFV/H7lugB6t+f7p24OhkRFep9CwBMD6dnZRBgSr6X8d8ZvfrD2Z7DgBMeSva+OEoOtlNmXExZ3lynO9zN5AkAVczEmIMp3DSl6XtAuAZC9kD2QODJ2QToLYsAfjiyUwsWKCC43piTuVOoW2KUUPSwOR1VZIEsJQWEcHGDQqhgHAkAeZ7a6dVRZFdBwKA0ADjYCufAW2cIYiVDQBJpgB+kiLQflusNOCBK0FT3lg8BdUSy2D253Ih6l3lbaM/4M7DFQ";
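Review bot: `decryptRSA` and `encryptRSA` catch every `Exception`, call `e.printStackTrace()` and return `null`, so a ciphertext that fails to decrypt reaches the login and set-password callers as a null password instead of a rejected request. Replace the swallow with a failure the caller has to handle, for example `throw new IllegalArgumentException("RSA decrypt failed", e);`, and report it through the project logger rather than stderr. `getPrivateKey()` is added as `public static` and hands the server's private key to any caller of this utility class; within this hunk only `decryptRSA` uses it, so `private static` looks sufficient unless another module needs it. The Base64 decode-then-encode round trip in `encryptRSA`, `getPublicKey` and `getPrivateKey` only re-normalises the string, and `new String(byte[])` relies on the platform charset there; either drop the round trip or add a one-line comment saying why it is needed.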
 

+ 8 - 1
o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java

@@ -193,7 +193,14 @@ public class WebServerTools extends JettySeverTools {
 			/* 密码规则 */
 		    map.put("passwordRegex",Config.person().getPasswordRegex() );
 			map.put("passwordRegexHint", Config.person().getPasswordRegexHint());
-		
+			
+		    /*RSA*/
+			File publicKeyFile = new File(Config.base(), "config/public.key");
+			if (publicKeyFile.exists() && publicKeyFile.isFile()) {
+					String publicKey = FileUtils.readFileToString(publicKeyFile, "utf-8");
+					map.put("publicKey", publicKey);
+			}
+			
 			FileUtils.writeStringToFile(file, gson.toJson(map), DefaultCharset.charset);
 		}
 	}
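Review bot: The public key written into config.json here travels to the client over the same channel as the later login request, so the RSA step protects the password only if that channel is already authenticated; on plain HTTP an on-path party can replace `publicKey` before the client uses it. A comment above the block such as `/* RSA public key for client-side password encryption; does not replace TLS */` would keep that assumption visible. The key is read from `config/public.key` directly while `Crypto.getPublicKey()` goes through `Config.publicKey()`, and the two can diverge if they do not resolve to the same file (not visible here). The literal `"utf-8"` should be `DefaultCharset.charset` to match the `writeStringToFile` call below. The enclosing method starts outside the hunk.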

+ 1 - 58
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java

@@ -42,7 +42,7 @@ class ActionCaptchaLogin extends BaseAction {
 			//RSA解秘
 			if (!StringUtils.isEmpty(isEncrypted)) {
 				if(isEncrypted.trim().equalsIgnoreCase("y")) {
-			    	password = decryptRSA(password);
+			    	password = Crypto.decryptRSA(password);
 				}
 			}
 			
@@ -115,63 +115,6 @@ class ActionCaptchaLogin extends BaseAction {
 		}
 	}
 
-	 //加密
-		public String encryptRSA(String strEncrypt) {
-			String encrypt = null;
-			try {
-				 String publicKey = Config.publicKey();
-				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
-				 
-				encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-		
-			return encrypt;
-		}
-		
-		//解密
-		public String decryptRSA(String strDecrypt) {
-			String privateKey;
-			String decrypt = null;
-			try {
-				privateKey = getPrivateKey();
-			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-		
-			return decrypt;
-		}
-		
-		//获取PublicKey
-		public String  getPublicKey() {
-			String publicKey = "";
-			 try {
-				 publicKey = Config.publicKey();
-				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
-				 publicKey = new String(Base64.encodeBase64(publicKeyB));
-				 
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-			return publicKey;
-		}
-		
-		
-		//获取privateKey
-		public String  getPrivateKey() {
-			 String privateKey = "";
-			 try {
-				 privateKey = Config.privateKey();
-				 byte[] privateKeyB = Base64.decodeBase64(privateKey);
-				 privateKey = new String(Base64.encodeBase64(privateKeyB));
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-			return privateKey;
-		}
-		
 	public static class Wi extends GsonPropertyObject {
 
 		@FieldDescribe("凭证")

+ 41 - 7
o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java

@@ -8,6 +8,7 @@ import org.apache.commons.lang3.StringUtils;
 import com.google.gson.JsonElement;
 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
+import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.cache.ApplicationCache;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.gson.GsonPropertyObject;
@@ -59,20 +60,38 @@ class ActionSetPassword extends BaseAction {
 				if (StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())) {
 					throw new ExceptionNewPasswordSameAsOldPassword();
 				}
+				
+				String oldPassword = wi.getOldPassword();
+				String newPassword = wi.getNewPassword();
+				String confirmPassword = wi.getConfirmPassword();
+				String isEncrypted = wi.getIsEncrypted();
+				
+				//RSA解秘
+				if (!StringUtils.isEmpty(isEncrypted)) {
+					if(isEncrypted.trim().equalsIgnoreCase("y")) {
+						oldPassword = Crypto.decryptRSA(oldPassword);
+						newPassword = Crypto.decryptRSA(newPassword);
+						confirmPassword = Crypto.decryptRSA(confirmPassword);
+					}
+				}
+				
+				
 				if (BooleanUtils.isTrue(Config.person().getSuperPermission())
-						&& StringUtils.equals(Config.token().getPassword(), wi.getOldPassword())) {
+						&& StringUtils.equals(Config.token().getPassword(), oldPassword)) {
 					logger.info("user{name:" + person.getName() + "} use superPermission.");
 				} else {
-					if (!StringUtils.equals(Crypto.encrypt(wi.getOldPassword(), Config.token().getKey()),
+					if (!StringUtils.equals(Crypto.encrypt(oldPassword, Config.token().getKey()),
 							person.getPassword())) {
 						throw new ExceptionOldPasswordNotMatch();
 					}
-					if (!wi.getNewPassword().matches(Config.person().getPasswordRegex())) {
+					if (!newPassword.matches(Config.person().getPasswordRegex())) {
 						throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint());
 					}
 				}
+				
+				
 				emc.beginTransaction(Person.class);
-				person.setPassword(Crypto.encrypt(wi.getNewPassword(), Config.token().getKey()));
+				person.setPassword(Crypto.encrypt(newPassword, Config.token().getKey()));
 				person.setChangePasswordTime(new Date());
 				emc.commit();
 				ApplicationCache.notify(Person.class);
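Review bot: The `ExceptionNewPasswordSameAsOldPassword` check at the top of this hunk still compares `wi.getNewPassword()` with `wi.getOldPassword()` before the RSA block, so with `isEncrypted=y` it compares ciphertexts, which will differ for identical passwords if `rsaDecrypt` uses randomized padding (not visible here). Move the comparison after decryption: `if (StringUtils.equals(newPassword, oldPassword)) { throw new ExceptionNewPasswordSameAsOldPassword(); }`. `Crypto.decryptRSA` returns null on failure, so `newPassword.matches(...)` can throw a NullPointerException, and the superPermission branch skips that check and passes a null `newPassword` to `Crypto.encrypt`; add `if (oldPassword == null || newPassword == null) { throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint()); }` right after the RSA block. `confirmPassword` is decrypted but not compared with `newPassword` anywhere in the visible lines. The method body starts and ends outside the hunk.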
@@ -86,11 +105,19 @@ class ActionSetPassword extends BaseAction {
 	}
 
 	public static class Wi extends GsonPropertyObject {
-
+		
+		@FieldDescribe("原密码")
 		private String oldPassword;
+		
+		@FieldDescribe("新密码")
 		private String newPassword;
-		private String confirmPassword;
-
+		
+		@FieldDescribe("确认新密码")
+		private String confirmPassword;	
+		
+		@FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
+		private String isEncrypted;
+		
 		public String getOldPassword() {
 			return oldPassword;
 		}
@@ -115,6 +142,13 @@ class ActionSetPassword extends BaseAction {
 			this.newPassword = newPassword;
 		}
 
+		public String getIsEncrypted() {
+			return isEncrypted;
+		}
+
+		public void setIsEncrypted(String isEncrypted) {
+			this.isEncrypted = isEncrypted;
+		}
 	}
 
 	public static class Wo extends WrapBoolean {