wangxy
/
manage-web
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sm4提交

Browse Source
master
wangxy 4 months ago
parent 24952e0481
commit 2472ebe58f
17 changed files with 346 additions and 76 deletions
Show Stats Download Patch File Download Diff File

7
ruoyi-admin/pom.xml
Unescape View File

@ -79,6 +79,13 @@
<version>2.1.0</version>
</dependency>
<!--sm4加密算法依赖-->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.59</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>

18
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
Unescape View File

@ -2,6 +2,8 @@ package com.ruoyi.web.controller.system;
import java.util.List;
import java.util.Set;
import com.ruoyi.common.utils.sign.Sm4Util;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@ -41,11 +43,11 @@ public class SysLoginController
* @return
*/
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody)
{
public AjaxResult login(@RequestBody LoginBody loginBody) throws Exception {
AjaxResult ajax = AjaxResult.success();
// 生成令牌
String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode());
String token = loginService.login(loginBody.getUsername(),
Sm4Util.decryptEcb(loginBody.getPassword()), loginBody.getCode());
ajax.put(Constants.TOKEN, token);
return ajax;
}
@ -82,4 +84,14 @@ public class SysLoginController
List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
return AjaxResult.success(menuService.buildMenus(menus));
}
/**
*
*
* @return
*/
@GetMapping("/publicKey")
public String publicKey() throws Exception {
return Sm4Util.hexKey;
}
}

48
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
Unescape View File

@ -1,5 +1,6 @@
package com.ruoyi.web.controller.system;
import com.ruoyi.common.utils.sign.Sm4Util;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@ -25,13 +26,12 @@ import com.ruoyi.system.service.ISysUserService;
/**
*
*
*
* @author ruoyi
*/
@RestController
@RequestMapping("/system/user/profile")
public class SysProfileController extends BaseController
{
public class SysProfileController extends BaseController {
@Autowired
private ISysUserService userService;
@ -42,8 +42,7 @@ public class SysProfileController extends BaseController
*
*/
@GetMapping
public AjaxResult profile()
{
public AjaxResult profile() {
LoginUser loginUser = getLoginUser();
SysUser user = loginUser.getUser();
AjaxResult ajax = AjaxResult.success(user);
@ -57,24 +56,20 @@ public class SysProfileController extends BaseController
*/
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping
public AjaxResult updateProfile(@RequestBody SysUser user)
{
public AjaxResult updateProfile(@RequestBody SysUser user) {
LoginUser loginUser = getLoginUser();
SysUser currentUser = loginUser.getUser();
currentUser.setNickName(user.getNickName());
currentUser.setEmail(user.getEmail());
currentUser.setPhonenumber(user.getPhonenumber());
currentUser.setSex(user.getSex());
if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(currentUser))
{
if (StringUtils.isNotEmpty(user.getPhonenumber()) && !userService.checkPhoneUnique(currentUser)) {
return error("修改用户'" + loginUser.getUsername() + "'失败,手机号码已存在");
}
if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(currentUser))
{
if (StringUtils.isNotEmpty(user.getEmail()) && !userService.checkEmailUnique(currentUser)) {
return error("修改用户'" + loginUser.getUsername() + "'失败,邮箱账号已存在");
}
if (userService.updateUserProfile(currentUser) > 0)
{
if (userService.updateUserProfile(currentUser) > 0) {
// 更新缓存用户信息
tokenService.setLoginUser(loginUser);
return success();
@ -87,24 +82,22 @@ public class SysProfileController extends BaseController
*/
@Log(title = "个人信息", businessType = BusinessType.UPDATE)
@PutMapping("/updatePwd")
public AjaxResult updatePwd(String oldPassword, String newPassword)
{
public AjaxResult updatePwd(String oldPassword, String newPassword) throws Exception {
LoginUser loginUser = getLoginUser();
String userName = loginUser.getUsername();
String password = loginUser.getPassword();
if (!SecurityUtils.matchesPassword(oldPassword, password))
{
//解密
oldPassword = Sm4Util.decryptEcb(oldPassword);
newPassword = Sm4Util.decryptEcb(newPassword);
if (!SecurityUtils.matchesPassword(oldPassword, password)) {
return error("修改密码失败,旧密码错误");
}
if (SecurityUtils.matchesPassword(newPassword, password))
{
if (SecurityUtils.matchesPassword(newPassword, password)) {
return error("新密码不能与旧密码相同");
}
newPassword = SecurityUtils.encryptPassword(newPassword);
if (userService.resetUserPwd(userName, newPassword) > 0)
{
if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0) {
// 更新缓存用户密码
loginUser.getUser().setPassword(newPassword);
loginUser.getUser().setPassword(SecurityUtils.encryptPassword(newPassword));
tokenService.setLoginUser(loginUser);
return success();
}
@ -116,14 +109,11 @@ public class SysProfileController extends BaseController
*/
@Log(title = "用户头像", businessType = BusinessType.UPDATE)
@PostMapping("/avatar")
public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws Exception
{
if (!file.isEmpty())
{
public AjaxResult avatar(@RequestParam("avatarfile") MultipartFile file) throws Exception {
if (!file.isEmpty()) {
LoginUser loginUser = getLoginUser();
String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file, MimeTypeUtils.IMAGE_EXTENSION);
if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
{
if (userService.updateUserAvatar(loginUser.getUsername(), avatar)) {
AjaxResult ajax = AjaxResult.success();
ajax.put("imgUrl", avatar);
// 更新缓存用户头像

3
ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
Unescape View File

@ -26,8 +26,7 @@ public class SysRegisterController extends BaseController
private ISysConfigService configService;
@PostMapping("/register")
public AjaxResult register(@RequestBody RegisterBody user)
{
public AjaxResult register(@RequestBody RegisterBody user) throws Exception {
if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser"))))
{
return error("当前系统没有开启注册功能!");

8
ruoyi-common/pom.xml
Unescape View File

@ -135,6 +135,14 @@
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
</dependency>
<!--sm4加密算法依赖-->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.59</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>

2
ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
Unescape View File

@ -77,5 +77,5 @@ public class UserConstants
*
*/
public static final int PASSWORD_MIN_LENGTH = 5;
public static final int PASSWORD_MAX_LENGTH = 20;
public static final int PASSWORD_MAX_LENGTH = 20000;
}

176
ruoyi-common/src/main/java/com/ruoyi/common/utils/sign/Sm4Util.java
Unescape View File

@ -0,0 +1,176 @@
package com.ruoyi.common.utils.sign;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import java.util.Arrays;
/**
* ClassName: Sm4Util
* Package: com.hyp.common.utils.sign
* sm4
* @explain sm4
*
* @Author wangxy
* @Create 2024/11/28 14:44
* @Version 1.0
*/
public class Sm4Util {
static {
Security.addProvider(new BouncyCastleProvider());
}
private static final String ENCODING = "UTF-8";
public static final String ALGORITHM_NAME = "SM4";
// 加密算法/分组加密模式/分组填充方式
// PKCS5Padding-以8个字节为一组进行分组加密
// 定义分组加密模式使用PKCS5Padding
public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";
// 128-32位16进制256-64位16进制
public static final int DEFAULT_KEY_SIZE = 128;
/**
* ECBkey
*/
public static final String hexKey = "6fb7b3dcaa041c798c3798abe6f9575c";
/**
* ECB
* @explain ECBElectronic codebook
* @param algorithmName
* @param mode
* @param key
* @return
* @throws Exception
*/
private static Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {
Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
cipher.init(mode, sm4Key);
return cipher;
}
/**
*
* @explain
* @return
* @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
*/
public static byte[] generateKey() throws Exception {
return generateKey(DEFAULT_KEY_SIZE);
}
//加密******************************************
/**
* @explain
* @param keySize
* @return
* @throws Exception
*/
public static byte[] generateKey(int keySize) throws Exception {
KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);
kg.init(keySize, new SecureRandom());
return kg.generateKey().getEncoded();
}
/**
* sm4
* @explain ECB
* @param
* @param paramStr
* @return 16
* @throws Exception
*/
public static String encryptEcb(String paramStr) throws Exception {
String cipherText = "";
// 16进制字符串-->byte[]
byte[] keyData = ByteUtils.fromHexString(hexKey);
// String-->byte[]
byte[] srcData = paramStr.getBytes(ENCODING);
// 加密后的数组
byte[] cipherArray = encrypt_Ecb_Padding(keyData, srcData);
// byte[]-->hexString
cipherText = ByteUtils.toHexString(cipherArray);
return cipherText;
}
/**
* Ecb
* @param key
* @param data
* @return
* @throws Exception
*/
public static byte[] encrypt_Ecb_Padding(byte[] key, byte[] data) throws Exception {
Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);//声称Ecb暗号,通过第二个参数判断加密还是解密
return cipher.doFinal(data);
}
//解密****************************************
/**
* sm4
* @explain ECB
* @param
* @param cipherText 16
* @return
* @throws Exception
*/
public static String decryptEcb(String cipherText) throws Exception {
// 用于接收解密后的字符串
String decryptStr = "";
// hexString-->byte[]
byte[] keyData = ByteUtils.fromHexString(hexKey);
// hexString-->byte[]
byte[] cipherData = ByteUtils.fromHexString(cipherText);
// 解密
byte[] srcData = decrypt_Ecb_Padding(keyData, cipherData);
// byte[]-->String
decryptStr = new String(srcData, ENCODING);
return decryptStr;
}
/**
*
* @explain
* @param key
* @param cipherText
* @return
* @throws Exception
*/
public static byte[] decrypt_Ecb_Padding(byte[] key, byte[] cipherText) throws Exception {
Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, key);//生成Ecb暗号,通过第二个参数判断加密还是解密
return cipher.doFinal(cipherText);
}
/**
*
* @explain
* @param
* @param cipherText 16
* @param paramStr
* @return
* @throws Exception
*/
public static boolean verifyEcb(String cipherText, String paramStr) throws Exception {
// 用于接收校验结果
boolean flag = false;
// hexString-->byte[]
byte[] keyData = ByteUtils.fromHexString(hexKey);
// 将16进制字符串转换成数组
byte[] cipherData = ByteUtils.fromHexString(cipherText);
// 解密
byte[] decryptData = decrypt_Ecb_Padding(keyData, cipherData);
// 将原字符串转换成byte[]
byte[] srcData = paramStr.getBytes(ENCODING);
// 判断2个数组是否一致
flag = Arrays.equals(decryptData, srcData);
return flag;
}
}

2
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
Unescape View File

@ -111,7 +111,7 @@ public class SecurityConfig
.authorizeHttpRequests((requests) -> {
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
requests.antMatchers("/login", "/register", "/captcha/get", "/captcha/check","/captchaImage").permitAll()
requests.antMatchers("/login", "/register", "/captcha/get", "/captcha/check","/publicKey","/captchaImage").permitAll()
// 静态资源,可匿名访问
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

6
ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysRegisterService.java
Unescape View File

@ -1,5 +1,6 @@
package com.ruoyi.framework.web.service;
import com.ruoyi.common.utils.sign.Sm4Util;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.constant.CacheConstants;
@ -38,9 +39,8 @@ public class SysRegisterService
/**
*
*/
public String register(RegisterBody registerBody)
{
String msg = "", username = registerBody.getUsername(), password = registerBody.getPassword();
public String register(RegisterBody registerBody) throws Exception {
String msg = "", username = registerBody.getUsername(), password = Sm4Util.decryptEcb(registerBody.getPassword());
SysUser sysUser = new SysUser();
sysUser.setUserName(username);

2
ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml
Unescape View File

@ -80,7 +80,7 @@
left join sys_role_menu rm on m.menu_id = rm.menu_id
left join sys_user_role ur on rm.role_id = ur.role_id
left join sys_role ro on ur.role_id = ro.role_id
left join sys_user u on ur.user_id = u.user_id
left join ${prefix}sys_user u on ur.user_id = u.user_id
where u.user_id = #{userId} and m.menu_type in ('M', 'C') and m.status = 0 AND ro.status = 0
order by m.parent_id, m.order_num
</select>

4
ruoyi-system/src/main/resources/mapper/system/SysPostMapper.xml
Unescape View File

@ -50,7 +50,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
select p.post_id
from sys_post p
left join sys_user_post up on up.post_id = p.post_id
left join sys_user u on u.user_id = up.user_id
left join ${prefix}sys_user u on u.user_id = up.user_id
where u.user_id = #{userId}
</select>
@ -58,7 +58,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
select p.post_id, p.post_name, p.post_code
from sys_post p
left join sys_user_post up on up.post_id = p.post_id
left join sys_user u on u.user_id = up.user_id
left join ${prefix}sys_user u on u.user_id = up.user_id
where u.user_name = #{userName}
</select>

1
ruoyi-ui/package.json
Unescape View File

@ -54,6 +54,7 @@
"nprogress": "0.2.0",
"quill": "1.3.7",
"screenfull": "5.0.2",
"sm-crypto": "^0.3.13",
"sortablejs": "1.10.2",
"vue": "2.6.12",
"vue-count-to": "1.0.13",

13
ruoyi-ui/src/api/login.js
Unescape View File

@ -1,12 +1,11 @@
import request from '@/utils/request'
// 登录方法
export function login(username, password, code, uuid) {
export function login(username, password, code) {
const data = {
username,
password,
code,
uuid
code
}
return request({
url: '/login',
@ -46,3 +45,11 @@ export function logout() {
method: 'post'
})
}
// 获取key
export function getPublicKey() {
return request({
url: '/publicKey',
method: 'get',
})
}

15
ruoyi-ui/src/api/sm4.js
Unescape View File

@ -0,0 +1,15 @@
const sm4 =require('sm-crypto').sm4
//const key='7f5cd501e5548914edaed6824d3ff79d'//可以为16进制串或字节数组要求为128比特
/**
* 加密
* @param txt
* @returns {*}
*/
export function encrypt(txt,key) {
return sm4.encrypt(txt,key);
}
export function decrypt(txt,key) {
return sm4.decrypt(txt,key);
}

41
ruoyi-ui/src/store/modules/user.js
Unescape View File

@ -1,5 +1,6 @@
import { login, logout, getInfo } from '@/api/login'
import { login, logout, getInfo, getPublicKey } from '@/api/login'
import { getToken, setToken, removeToken } from '@/utils/auth'
import {encrypt} from "@/api/sm4";
const user = {
state: {
@ -33,19 +34,35 @@ const user = {
},
actions: {
getPublicKey() {
return new Promise((resolve, reject) => {
getPublicKey()
.then(res => {
resolve(res)
})
.catch(error => {
reject(error)
})
})
},
// 登录
Login({ commit }, userInfo) {
const username = userInfo.username.trim()
const password = userInfo.password
const code = userInfo.code
const uuid = userInfo.uuid
Login({ commit, dispatch }, userInfo) {
return new Promise((resolve, reject) => {
login(username, password, code, uuid).then(res => {
setToken(res.token)
commit('SET_TOKEN', res.token)
resolve()
}).catch(error => {
reject(error)
dispatch('getPublicKey').then(res => {
let publicKey = res
const username = userInfo.username.trim()
//调用加密方法(传密码和公钥)
const password = encrypt(userInfo.password,publicKey)
const code = userInfo.code
login(username, password, code)
.then(res => {
setToken(res.token)
commit('SET_TOKEN', res.token)
resolve()
})
.catch(error => {
reject(error)
})
})
})
},

50
ruoyi-ui/src/views/register.vue
Unescape View File

@ -67,8 +67,8 @@
</template>
<script>
import { getCodeImg, register } from "@/api/login";
import { getCodeImg,getPublicKey, register } from "@/api/login";
import {encrypt} from "@/api/sm4";
export default {
name: "Register",
data() {
@ -121,24 +121,42 @@ export default {
}
});
},
getPublicKey() {
return new Promise((resolve, reject) => {
getPublicKey()
.then(res => {
resolve(res)
})
.catch(error => {
reject(error)
})
})
},
handleRegister() {
this.$refs.registerForm.validate(valid => {
if (valid) {
this.loading = true;
register(this.registerForm).then(res => {
const username = this.registerForm.username;
this.$alert("<font color='red'>恭喜你,您的账号 " + username + " 注册成功!</font>", '系统提示', {
dangerouslyUseHTMLString: true,
type: 'success'
}).then(() => {
this.$router.push("/login");
}).catch(() => {});
}).catch(() => {
this.loading = false;
if (this.captchaEnabled) {
this.getCode();
}
this.getPublicKey().then(res => {
let publicKey = res
this.registerForm.password = encrypt(this.registerForm.password, publicKey)
this.registerForm.confirmPassword = encrypt(this.registerForm.confirmPassword, publicKey)
this.loading = true
register(this.registerForm).then(res => {
const username = this.registerForm.username
this.$alert('<font color=\'red\'>恭喜你,您的账号 ' + username + ' 注册成功!</font>', '系统提示', {
dangerouslyUseHTMLString: true,
type: 'success'
}).then(() => {
this.$router.push('/login')
}).catch(() => {
})
}).catch(() => {
this.loading = false
if (this.captchaEnabled) {
this.getCode()
}
})
})
}
});
}

26
ruoyi-ui/src/views/system/user/profile/resetPwd.vue
Unescape View File

@ -18,6 +18,8 @@
<script>
import { updateUserPwd } from "@/api/system/user";
import {encrypt} from "@/api/sm4";
import {getPublicKey} from "@/api/login";
export default {
data() {
@ -52,12 +54,30 @@ export default {
};
},
methods: {
getPublicKey() {
return new Promise((resolve, reject) => {
getPublicKey()
.then(res => {
resolve(res)
})
.catch(error => {
reject(error)
})
})
},
submit() {
this.$refs["form"].validate(valid => {
if (valid) {
updateUserPwd(this.user.oldPassword, this.user.newPassword).then(response => {
this.$modal.msgSuccess("修改成功");
});
this.getPublicKey().then(res=>{
let publicKey = res
const oldPassword = encrypt(this.user.oldPassword, publicKey)
const newPassword = encrypt(this.user.newPassword, publicKey)
updateUserPwd(oldPassword, newPassword).then(
response => {
this.$modal.msgSuccess("修改成功");
}
);
})
}
});
},

Write Preview
Loading…
Cancel
Save