'修改了服务器起动时config.json增加了publicKey,修改密码增加RSA功能'

67d6ca76 · hlwwx · b7e93988 · 67d6ca76 · 67d6ca76 · 67d6ca76
4 changed file
--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java
@@ -20,6 +20,8 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.ArrayUtils;
 import org.apache.commons.lang3.StringUtils;

+import com.x.base.core.project.config.Config;
+
 public class Crypto {

 	private static final String utf8 = "UTF-8";
@@ -116,6 +118,59 @@ public class Crypto {
 		}
 	}

+	//用户登入解密 转成Base64	
+	public static String decryptRSA(String strDecrypt) {
+		String privateKey;
+		String decrypt = null;
+		try {
+			privateKey = getPrivateKey();
+		    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return decrypt;
+	}
+	//转成Base64	
+	public static String encryptRSA(String strEncrypt) {
+		String encrypt = null;
+		try {
+			 String publicKey = Config.publicKey();
+			 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+			 
+			encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return encrypt;
+	}
+	
+	//转成Base64			
+	public static String  getPublicKey() {
+		String publicKey = "";
+		 try {
+			 publicKey = Config.publicKey();
+			 byte[] publicKeyB = Base64.decodeBase64(publicKey);
+			 publicKey = new String(Base64.encodeBase64(publicKeyB));
+			 
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return publicKey;
+	}
+	
+	//转成Base64		
+	public static String  getPrivateKey() {
+		 String privateKey = "";
+		 try {
+			 privateKey = Config.privateKey();
+			 byte[] privateKeyB = Base64.decodeBase64(privateKey);
+			 privateKey = new String(Base64.encodeBase64(privateKeyB));
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return privateKey;
+	}
+	
 	public static final String TEST_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWcVZIS57VeOUzi8c01WKvwJK9uRe6hrGTUYmF6J/pI6/UvCbdBWCoErbzsBZOElOH8Sqal3vsNMVLjPYClfoDyYDaUlakP3ldfnXJzAFJVVubF53KadG+fwnh9ZMvxdh7VXVqRL3IQBDwGgzX4rmSK+qkUJjc3OkrNJPB7LLD8QIDAQAB";
 	public static final String TEST_PRIVATE_KEY = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJZxVkhLntV45TOLxzTVYq/Akr25F7qGsZNRiYXon+kjr9S8Jt0FYKgStvOwFk4SU4fxKpqXe+w0xUuM9gKV+gPJgNpSVqQ/eV1+dcnMAUlVW5sXncpp0b5/CeH1ky/F2HtVdWpEvchAEPAaDNfiuZIr6qRQmNzc6Ss0k8HsssPxAgMBAAECgYAWtRy05NUgm5Lc6Og0jVDL/mEnydxPBy2ectwzHh2k7wIHNi8XhUxFki2TMqzrM9Dv3/LySpMl4AE3mhs34LNPy6F+MwyF5X7j+2Y6MflJyeb9HNyT++viysQneoOEiOk3ghxF2/GPjpiEF79wSp+1YKTxRAyq7ypV3t35fGOOEQJBANLDPWl8b5c3lrcz/dTamMjHbVamEyX43yzQOphzkhYsz4pruATzTxU+z8/zPdEqHcWWV39CP3xu3EYNcAhxJW8CQQC2u7PF5Xb1xYRCsmIPssFxil64vvdUadSxl7GLAgjQ9ULyYWB24KObCEzLnPcT8Pf2Q0YQOixxa/78FuzmgbyfAkA7ZFFV/H7lugB6t+f7p24OhkRFep9CwBMD6dnZRBgSr6X8d8ZvfrD2Z7DgBMeSva+OEoOtlNmXExZ3lynO9zN5AkAVczEmIMp3DSl6XtAuAZC9kD2QODJ2QToLYsAfjiyUwsWKCC43piTuVOoW2KUUPSwOR1VZIEsJQWEcHGDQqhgHAkAeZ7a6dVRZFdBwKA0ADjYCufAW2cIYiVDQBJpgB+kiLQflusNOCBK0FT3lg8BdUSy2D253Ih6l3lbaM/4M7DFQ";


--- a/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java
+++ b/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java
@@ -193,7 +193,14 @@ public class WebServerTools extends JettySeverTools {
 			/* 密码规则 */
 		    map.put("passwordRegex",Config.person().getPasswordRegex() );
 			map.put("passwordRegexHint", Config.person().getPasswordRegexHint());
-		
+			
+		    /*RSA*/
+			File publicKeyFile = new File(Config.base(), "config/public.key");
+			if (publicKeyFile.exists() && publicKeyFile.isFile()) {
+					String publicKey = FileUtils.readFileToString(publicKeyFile, "utf-8");
+					map.put("publicKey", publicKey);
+			}
+			
 			FileUtils.writeStringToFile(file, gson.toJson(map), DefaultCharset.charset);
 		}
 	}

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
@@ -42,7 +42,7 @@ class ActionCaptchaLogin extends BaseAction {
 			//RSA解秘
 			if (!StringUtils.isEmpty(isEncrypted)) {
 				if(isEncrypted.trim().equalsIgnoreCase("y")) {
-			    	password = decryptRSA(password);
+			    	password = Crypto.decryptRSA(password);
 				}
 			}
 			
@@ -115,63 +115,6 @@ class ActionCaptchaLogin extends BaseAction {
 		}
 	}

-	 //加密
-		public String encryptRSA(String strEncrypt) {
-			String encrypt = null;
-			try {
-				 String publicKey = Config.publicKey();
-				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
-				 
-				encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-		
-			return encrypt;
-		}
-		
-		//解密
-		public String decryptRSA(String strDecrypt) {
-			String privateKey;
-			String decrypt = null;
-			try {
-				privateKey = getPrivateKey();
-			    decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-		
-			return decrypt;
-		}
-		
-		//获取PublicKey
-		public String  getPublicKey() {
-			String publicKey = "";
-			 try {
-				 publicKey = Config.publicKey();
-				 byte[] publicKeyB = Base64.decodeBase64(publicKey);
-				 publicKey = new String(Base64.encodeBase64(publicKeyB));
-				 
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-			return publicKey;
-		}
-		
-		
-		//获取privateKey
-		public String  getPrivateKey() {
-			 String privateKey = "";
-			 try {
-				 privateKey = Config.privateKey();
-				 byte[] privateKeyB = Base64.decodeBase64(privateKey);
-				 privateKey = new String(Base64.encodeBase64(privateKeyB));
-			} catch (Exception e) {
-				e.printStackTrace();
-			}
-			return privateKey;
-		}
-		
 	public static class Wi extends GsonPropertyObject {

 		@FieldDescribe("凭证")

--- a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
+++ b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
@@ -8,6 +8,7 @@ import org.apache.commons.lang3.StringUtils;
 import com.google.gson.JsonElement;
 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
+import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.cache.ApplicationCache;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.gson.GsonPropertyObject;
@@ -59,20 +60,38 @@ class ActionSetPassword extends BaseAction {
 				if (StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())) {
 					throw new ExceptionNewPasswordSameAsOldPassword();
 				}
+				
+				String oldPassword = wi.getOldPassword();
+				String newPassword = wi.getNewPassword();
+				String confirmPassword = wi.getConfirmPassword();
+				String isEncrypted = wi.getIsEncrypted();
+				
+				//RSA解秘
+				if (!StringUtils.isEmpty(isEncrypted)) {
+					if(isEncrypted.trim().equalsIgnoreCase("y")) {
+						oldPassword = Crypto.decryptRSA(oldPassword);
+						newPassword = Crypto.decryptRSA(newPassword);
+						confirmPassword = Crypto.decryptRSA(confirmPassword);
+					}
+				}
+				
+				
 				if (BooleanUtils.isTrue(Config.person().getSuperPermission())
-						&& StringUtils.equals(Config.token().getPassword(), wi.getOldPassword())) {
+						&& StringUtils.equals(Config.token().getPassword(), oldPassword)) {
 					logger.info("user{name:" + person.getName() + "} use superPermission.");
 				} else {
-					if (!StringUtils.equals(Crypto.encrypt(wi.getOldPassword(), Config.token().getKey()),
+					if (!StringUtils.equals(Crypto.encrypt(oldPassword, Config.token().getKey()),
 							person.getPassword())) {
 						throw new ExceptionOldPasswordNotMatch();
 					}
-					if (!wi.getNewPassword().matches(Config.person().getPasswordRegex())) {
+					if (!newPassword.matches(Config.person().getPasswordRegex())) {
 						throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint());
 					}
 				}
+				
+				
 				emc.beginTransaction(Person.class);
-				person.setPassword(Crypto.encrypt(wi.getNewPassword(), Config.token().getKey()));
+				person.setPassword(Crypto.encrypt(newPassword, Config.token().getKey()));
 				person.setChangePasswordTime(new Date());
 				emc.commit();
 				ApplicationCache.notify(Person.class);
@@ -86,11 +105,19 @@ class ActionSetPassword extends BaseAction {
 	}

 	public static class Wi extends GsonPropertyObject {
-
+		
+		@FieldDescribe("原密码")
 		private String oldPassword;
+		
+		@FieldDescribe("新密码")
 		private String newPassword;
-		private String confirmPassword;
-
+		
+		@FieldDescribe("确认新密码")
+		private String confirmPassword;	
+		
+		@FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
+		private String isEncrypted;
+		
 		public String getOldPassword() {
 			return oldPassword;
 		}
@@ -115,6 +142,13 @@ class ActionSetPassword extends BaseAction {
 			this.newPassword = newPassword;
 		}

+		public String getIsEncrypted() {
+			return isEncrypted;
+		}
+
+		public void setIsEncrypted(String isEncrypted) {
+			this.isEncrypted = isEncrypted;
+		}
 	}

 	public static class Wo extends WrapBoolean {