diff --git a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java index d3df130e08a2d71956c04450e452143e6d3412ca..563d7d610dfed9bfd3145f50c4e5816a5bde2b59 100644 --- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java +++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/tools/Crypto.java @@ -20,6 +20,8 @@ import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.ArrayUtils; import org.apache.commons.lang3.StringUtils; +import com.x.base.core.project.config.Config; + public class Crypto { private static final String utf8 = "UTF-8"; 
@@ -116,6 +118,59 @@ public class Crypto {
 }
 }
+ //用户登入解密 转成Base64
+ public static String decryptRSA(String strDecrypt) {
+ String privateKey;
+ String decrypt = null;
+ try {
+ privateKey = getPrivateKey();
+ decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return decrypt;
+ }
+ //转成Base64
+ public static String encryptRSA(String strEncrypt) {
+ String encrypt = null;
+ try {
+ String publicKey = Config.publicKey();
+ byte[] publicKeyB = Base64.decodeBase64(publicKey);
+
+ encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return encrypt;
+ }
+
+ //转成Base64
+ public static String getPublicKey() {
+ String publicKey = "";
+ try {
+ publicKey = Config.publicKey();
+ byte[] publicKeyB = Base64.decodeBase64(publicKey);
+ publicKey = new String(Base64.encodeBase64(publicKeyB));
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return publicKey;
+ }
+
+ //转成Base64
+ public static String getPrivateKey() {
+ String privateKey = "";
+ try {
+ privateKey = Config.privateKey();
+ byte[] privateKeyB = Base64.decodeBase64(privateKey);
+ privateKey = new String(Base64.encodeBase64(privateKeyB));
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return privateKey;
+ }
+
 public static final String TEST_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWcVZIS57VeOUzi8c01WKvwJK9uRe6hrGTUYmF6J/pI6/UvCbdBWCoErbzsBZOElOH8Sqal3vsNMVLjPYClfoDyYDaUlakP3ldfnXJzAFJVVubF53KadG+fwnh9ZMvxdh7VXVqRL3IQBDwGgzX4rmSK+qkUJjc3OkrNJPB7LLD8QIDAQAB";
 public static final String TEST_PRIVATE_KEY = "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";
diff --git a/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java b/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java
index 815d0c9dff0ff6dd1754f1336459339f57f91271..d4574445c55b2eb55607bd208626cd7a39e66f35 100644
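Review bot: `decryptRSA` and `encryptRSA` in Crypto catch every `Exception`, call `e.printStackTrace()` and return `null`, so a caller cannot tell a malformed ciphertext from a missing or unreadable key, and the call sites changed in this commit use the result as the password without a null check. Let the failure propagate (for example declare `throws Exception` and drop the catch) or wrap it in a project exception, and log with the project's logger instead of `printStackTrace()`. In `getPublicKey`/`getPrivateKey`, `new String(byte[])` uses the platform default charset; `Base64.encodeBase64String(privateKeyB)` avoids that. The four `//转成Base64` comments would be more useful as Javadoc stating the expected input format and that `null` or `""` currently signals failure.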
--- a/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java
+++ b/o2server/x_console/src/main/java/com/x/server/console/server/web/WebServerTools.java
@@ -193,7 +193,14 @@ public class WebServerTools extends JettySeverTools {
 /* 密码规则 */
 map.put("passwordRegex",Config.person().getPasswordRegex() );
 map.put("passwordRegexHint", Config.person().getPasswordRegexHint());
-
+
+ /*RSA*/
+ File publicKeyFile = new File(Config.base(), "config/public.key");
+ if (publicKeyFile.exists() && publicKeyFile.isFile()) {
+ String publicKey = FileUtils.readFileToString(publicKeyFile, "utf-8");
+ map.put("publicKey", publicKey);
+ }
+
 FileUtils.writeStringToFile(file, gson.toJson(map), DefaultCharset.charset);
 }
 }
diff --git a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
index 304e272d5579b06d3a0eb0c15d87ca101a5ce47f..884e78083e9e65335a39d69ef57c8c6b8c7d26f9 100644
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
@@ -42,7 +42,7 @@ class ActionCaptchaLogin extends BaseAction {
 //RSA解秘
 if (!StringUtils.isEmpty(isEncrypted)) {
 if(isEncrypted.trim().equalsIgnoreCase("y")) {
- password = decryptRSA(password);
+ password = Crypto.decryptRSA(password);
 }
 }
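Review bot: In the WebServerTools hunk the key file is read with the literal `"utf-8"` while the write two lines below uses `DefaultCharset.charset`, and the key is loaded from `config/public.key` directly rather than through `Config.publicKey()`, which `Crypto.getPublicKey()` in this same commit uses; two lookup paths for one key can drift apart. Suggest `String publicKey = FileUtils.readFileToString(publicKeyFile, DefaultCharset.charset);`, or publishing the value of `Config.publicKey()` if it resolves the same file (not visible here). The `/*RSA*/` comment could say what the value is for, e.g. `/* RSA public key for client-side password encryption; only the public half may be written to the web config */`. The enclosing method starts and ends outside the hunk.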
@@ -115,63 +115,6 @@ class ActionCaptchaLogin extends BaseAction {
 }
 }
- //加密
- public String encryptRSA(String strEncrypt) {
- String encrypt = null;
- try {
- String publicKey = Config.publicKey();
- byte[] publicKeyB = Base64.decodeBase64(publicKey);
-
- encrypt = Crypto.rsaEncrypt(strEncrypt,new String(Base64.encodeBase64(publicKeyB)));
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- return encrypt;
- }
-
- //解密
- public String decryptRSA(String strDecrypt) {
- String privateKey;
- String decrypt = null;
- try {
- privateKey = getPrivateKey();
- decrypt = Crypto.rsaDecrypt(strDecrypt, privateKey);
- } catch (Exception e) {
- e.printStackTrace();
- }
-
- return decrypt;
- }
-
- //获取PublicKey
- public String getPublicKey() {
- String publicKey = "";
- try {
- publicKey = Config.publicKey();
- byte[] publicKeyB = Base64.decodeBase64(publicKey);
- publicKey = new String(Base64.encodeBase64(publicKeyB));
-
- } catch (Exception e) {
- e.printStackTrace();
- }
- return publicKey;
- }
-
-
- //获取privateKey
- public String getPrivateKey() {
- String privateKey = "";
- try {
- privateKey = Config.privateKey();
- byte[] privateKeyB = Base64.decodeBase64(privateKey);
- privateKey = new String(Base64.encodeBase64(privateKeyB));
- } catch (Exception e) {
- e.printStackTrace();
- }
- return privateKey;
- }
-
 public static class Wi extends GsonPropertyObject {
 @FieldDescribe("凭证")
diff --git a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
index 8c724c006e3b0de8a05c937955bc8d6fb934d2d4..61ee3033d4de8f6830695d67df70c2a6a2945a8f 100644
--- a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
+++ b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionSetPassword.java
@@ -8,6 +8,7 @@ import org.apache.commons.lang3.StringUtils;
 import com.google.gson.JsonElement;
 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
+import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.cache.ApplicationCache;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.gson.GsonPropertyObject;
@@ -59,20 +60,38 @@ class ActionSetPassword extends BaseAction { if (StringUtils.equals(wi.getNewPassword(), wi.getOldPassword())) { throw new ExceptionNewPasswordSameAsOldPassword(); } + + String oldPassword = wi.getOldPassword(); + String newPassword = wi.getNewPassword(); + String confirmPassword = wi.getConfirmPassword(); + String isEncrypted = wi.getIsEncrypted(); + + //RSA解秘 + if (!StringUtils.isEmpty(isEncrypted)) { + if(isEncrypted.trim().equalsIgnoreCase("y")) { + oldPassword = Crypto.decryptRSA(oldPassword); + newPassword = Crypto.decryptRSA(newPassword); + confirmPassword = Crypto.decryptRSA(confirmPassword); + } + } + + if (BooleanUtils.isTrue(Config.person().getSuperPermission()) - && StringUtils.equals(Config.token().getPassword(), wi.getOldPassword())) { + && StringUtils.equals(Config.token().getPassword(), oldPassword)) { logger.info("user{name:" + person.getName() + "} use superPermission."); } else { - if (!StringUtils.equals(Crypto.encrypt(wi.getOldPassword(), Config.token().getKey()), + if (!StringUtils.equals(Crypto.encrypt(oldPassword, Config.token().getKey()), person.getPassword())) { throw new ExceptionOldPasswordNotMatch(); } - if (!wi.getNewPassword().matches(Config.person().getPasswordRegex())) { + if (!newPassword.matches(Config.person().getPasswordRegex())) { throw new ExceptionInvalidPassword(Config.person().getPasswordRegexHint()); } } + + emc.beginTransaction(Person.class); - person.setPassword(Crypto.encrypt(wi.getNewPassword(), Config.token().getKey())); + person.setPassword(Crypto.encrypt(newPassword, Config.token().getKey())); person.setChangePasswordTime(new Date()); emc.commit(); ApplicationCache.notify(Person.class); 
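Review bot: The `ExceptionNewPasswordSameAsOldPassword` check at the top of this hunk still compares `wi.getNewPassword()` with `wi.getOldPassword()` before the new decryption block runs, so with `isEncrypted` set to `y` it compares two ciphertexts; if `rsaDecrypt` uses randomised padding (not visible here) they differ even for identical passwords and the check never fires. Move the decryption above the validation and compare the decrypted values, `if (StringUtils.equals(newPassword, oldPassword)) { throw new ExceptionNewPasswordSameAsOldPassword(); }`; the decrypted `confirmPassword` is also never used in the visible lines, so any confirm check outside the hunk presumably still sees the raw request value. `Crypto.decryptRSA` returns `null` on failure, which makes `newPassword.matches(...)` throw a NullPointerException and, on the superPermission branch, lets a null `newPassword` reach `Crypto.encrypt`; reject a null result right after decryption. The method body starts and ends outside the hunk.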
@@ -86,11 +105,19 @@ class ActionSetPassword extends BaseAction {
 }
 public static class Wi extends GsonPropertyObject {
-
+
+ @FieldDescribe("原密码")
 private String oldPassword;
+
+ @FieldDescribe("新密码")
 private String newPassword;
- private String confirmPassword;
-
+
+ @FieldDescribe("确认新密码")
+ private String confirmPassword;
+
+ @FieldDescribe("是否启用加密,默认不加密,启用(y)。注意:使用加密先要在服务器运行 create encrypt key")
+ private String isEncrypted;
+
 public String getOldPassword() {
 return oldPassword;
 }
@@ -115,6 +142,13 @@ class ActionSetPassword extends BaseAction {
 this.newPassword = newPassword;
 }
+ public String getIsEncrypted() {
+ return isEncrypted;
+ }
+
+ public void setIsEncrypted(String isEncrypted) {
+ this.isEncrypted = isEncrypted;
+ }
 }
 public static class Wo extends WrapBoolean {
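Review bot: `isEncrypted` in `Wi` is a request-supplied flag and, per its own `@FieldDescribe` text, encryption is off by default, so the server keeps accepting a plaintext password whenever the client omits the field; nothing in the visible lines lets an administrator require the encrypted form. That makes the RSA step an extra layer on top of TLS rather than a replacement for it, and the field should say so, e.g. `// Client-selected: plaintext is still accepted when absent; password confidentiality in transit relies on HTTPS.` A `Boolean` field would also be clearer than a `String` compared against `"y"`, though the string form appears to mirror the existing login request.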