fg_v2.0.git - Gitblit

parent: 70564439 | 补丁 | 提交 | ignore whitespace

whycxzp

2023-10-24 f84177e30fea061b1bca1d7a70e56976e350635b

中等级缺陷9-1

4个文件已修改

1个文件已添加

	pom.xml	6 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/java/com/whyc/util/JasyptUtils.java	65 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/resources/config/application-dev.yml	8 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/resources/config/application-prod-ssl.yml	7 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	src/main/resources/config/application-prod.yml	7 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 pom.xml

@@ -245,7 +245,11 @@
            <artifactId>esapi</artifactId>
            <version>2.5.0.0</version>
        </dependency>

        <dependency>
            <groupId>com.github.ulisesbocchio</groupId>
            <artifactId>jasypt-spring-boot-starter</artifactId>
            <version>3.0.4</version>
        </dependency>


    </dependencies>

 src/main/java/com/whyc/util/JasyptUtils.java

New file
@@ -0,0 +1,65 @@
package com.whyc.util;


import lombok.extern.slf4j.Slf4j;
import org.jasypt.properties.PropertyValueEncryptionUtils;
import org.jasypt.util.text.BasicTextEncryptor;

@Slf4j
public final class JasyptUtils {

    public static void main(String[] args) {
        String a = encrypt("lmx8688139");
        decrypt(a);

    }

    /**
     * 加密使用密钥
     */
    private static final String PRIVATE_KEY = "9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH";

    private static BasicTextEncryptor basicTextEncryptor = new BasicTextEncryptor();

    static {
        basicTextEncryptor.setPassword(PRIVATE_KEY);
    }

    /**
     * 私有构造方法，防止被意外实例化
     */
    private JasyptUtils() {
    }

    /**
     * 明文加密
     *
     * @param plaintext 明文
     * @return String
     */
    public static String encrypt(String plaintext) {
        log.info("明文字符串为：{}", plaintext);
        // 使用的加密算法参考2.2节内容，也可以在源码的类注释中看到
        String ciphertext = basicTextEncryptor.encrypt(plaintext);
        log.info("密文字符串为：{}", ciphertext);
        return ciphertext;
    }

    /**
     * 解密
     *
     * @param ciphertext 密文
     * @return String
     */
    public static String decrypt(String ciphertext) {
        log.info("密文字符串为：{}", ciphertext);
        ciphertext = "ENC(" + ciphertext + ")";
        if (PropertyValueEncryptionUtils.isEncryptedValue(ciphertext)) {
            String plaintext = PropertyValueEncryptionUtils.decrypt(ciphertext, basicTextEncryptor);
            log.info("明文字符串为：{}", plaintext);
            return plaintext;
        }
        log.error("解密失败！");
        return "";
    }
}

 src/main/resources/config/application-dev.yml

@@ -25,7 +25,7 @@
#    url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
#    url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
    username: root
    password: lmx8688139
    password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
    maxIdel: 60
    initialPoolSize: 2
    minPoolSize: 5
@@ -36,6 +36,12 @@
      max-request-size: 200MB
  messages:
    basename: i18n/message
jasypt:
  encryptor:
    password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator

mybatis-plus:
  typeAliasesPackage: com.whyc.pojo,com.whyc.dto
  mapper-locations: classpath:mapper/**/*Mapper.xml

 src/main/resources/config/application-prod-ssl.yml

@@ -32,7 +32,7 @@
    #    url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
    #    url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
    username: root
    password: lmx8688139
    password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
    maxIdel: 60
    initialPoolSize: 2
    minPoolSize: 2
@@ -43,6 +43,11 @@
      max-request-size: 200MB
  messages:
    basename: i18n/message
jasypt:
  encryptor:
    password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator
mybatis-plus:
  typeAliasesPackage: com.whyc.pojo,com.whyc.dto
  mapper-locations: classpath:mapper/**/*Mapper.xml

 src/main/resources/config/application-prod.yml

@@ -26,7 +26,7 @@
    #    url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
    #    url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
    username: root
    password: lmx8688139
    password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
    maxIdel: 60
    initialPoolSize: 2
    minPoolSize: 2
@@ -37,6 +37,11 @@
      max-request-size: 200MB
  messages:
    basename: i18n/message
jasypt:
  encryptor:
    password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
    algorithm: PBEWithMD5AndDES
    iv-generator-classname: org.jasypt.iv.NoIvGenerator
mybatis-plus:
  typeAliasesPackage: com.whyc.pojo,com.whyc.dto
  mapper-locations: classpath:mapper/**/*Mapper.xml

			@@ -245,7 +245,11 @@
			<artifactId>esapi</artifactId>
			<version>2.5.0.0</version>
			</dependency>

			<dependency>
			<groupId>com.github.ulisesbocchio</groupId>
			<artifactId>jasypt-spring-boot-starter</artifactId>
			<version>3.0.4</version>
			</dependency>


			</dependencies>

New file
			@@ -0,0 +1,65 @@
			package com.whyc.util;


			import lombok.extern.slf4j.Slf4j;
			import org.jasypt.properties.PropertyValueEncryptionUtils;
			import org.jasypt.util.text.BasicTextEncryptor;

			@Slf4j
			public final class JasyptUtils {

			public static void main(String[] args) {
			String a = encrypt("lmx8688139");
			decrypt(a);

			}

			/**
			* 加密使用密钥
			*/
			private static final String PRIVATE_KEY = "9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH";

			private static BasicTextEncryptor basicTextEncryptor = new BasicTextEncryptor();

			static {
			basicTextEncryptor.setPassword(PRIVATE_KEY);
			}

			/**
			* 私有构造方法，防止被意外实例化
			*/
			private JasyptUtils() {
			}

			/**
			* 明文加密
			*
			* @param plaintext 明文
			* @return String
			*/
			public static String encrypt(String plaintext) {
			log.info("明文字符串为：{}", plaintext);
			// 使用的加密算法参考2.2节内容，也可以在源码的类注释中看到
			String ciphertext = basicTextEncryptor.encrypt(plaintext);
			log.info("密文字符串为：{}", ciphertext);
			return ciphertext;
			}

			/**
			* 解密
			*
			* @param ciphertext 密文
			* @return String
			*/
			public static String decrypt(String ciphertext) {
			log.info("密文字符串为：{}", ciphertext);
			ciphertext = "ENC(" + ciphertext + ")";
			if (PropertyValueEncryptionUtils.isEncryptedValue(ciphertext)) {
			String plaintext = PropertyValueEncryptionUtils.decrypt(ciphertext, basicTextEncryptor);
			log.info("明文字符串为：{}", plaintext);
			return plaintext;
			}
			log.error("解密失败！");
			return "";
			}
			}

			@@ -25,7 +25,7 @@
			# url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			# url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			username: root
			password: lmx8688139
			password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
			maxIdel: 60
			initialPoolSize: 2
			minPoolSize: 5
			@@ -36,6 +36,12 @@
			max-request-size: 200MB
			messages:
			basename: i18n/message
			jasypt:
			encryptor:
			password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
			algorithm: PBEWithMD5AndDES
			iv-generator-classname: org.jasypt.iv.NoIvGenerator

			mybatis-plus:
			typeAliasesPackage: com.whyc.pojo,com.whyc.dto
			mapper-locations: classpath:mapper/*/Mapper.xml

			@@ -32,7 +32,7 @@
			# url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			# url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			username: root
			password: lmx8688139
			password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
			maxIdel: 60
			initialPoolSize: 2
			minPoolSize: 2
			@@ -43,6 +43,11 @@
			max-request-size: 200MB
			messages:
			basename: i18n/message
			jasypt:
			encryptor:
			password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
			algorithm: PBEWithMD5AndDES
			iv-generator-classname: org.jasypt.iv.NoIvGenerator
			mybatis-plus:
			typeAliasesPackage: com.whyc.pojo,com.whyc.dto
			mapper-locations: classpath:mapper/*/Mapper.xml

			@@ -26,7 +26,7 @@
			# url: jdbc:mysql://192.168.10.80:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			# url: jdbc:mysql://118.89.139.230:3360/db_user?characterEncoding=utf8&serverTimezone=Asia/Shanghai&allowMultiQueries=true&rewriteBatchedStatements=true
			username: root
			password: lmx8688139
			password: ENC(0BFKp+nuSlmBu4YAB8U7rn5PoV2QVyGu)
			maxIdel: 60
			initialPoolSize: 2
			minPoolSize: 2
			@@ -37,6 +37,11 @@
			max-request-size: 200MB
			messages:
			basename: i18n/message
			jasypt:
			encryptor:
			password: 9Lu6HgEvttjj8vYhy3ID+PqPbumuXhcH
			algorithm: PBEWithMD5AndDES
			iv-generator-classname: org.jasypt.iv.NoIvGenerator
			mybatis-plus:
			typeAliasesPackage: com.whyc.pojo,com.whyc.dto
			mapper-locations: classpath:mapper/*/Mapper.xml