licoy / encrypt-body-spring-boot-starter Goto Github PK

🔒 SpringBoot控制器统一的响应体编码/加密与请求体解密的注解处理方式，支持MD5/SHA/AES/DES/RSA | SpringBoot controller unified response body encoding/encryption and request body decryption annotation processing method.

License: Apache License 2.0

Java 100.00%

springboot encrypt responsebody spring-mvc spring-security spring java aes des-encryption md5

encrypt-body-spring-boot-starter's Introduction

简体中文 | English

介绍

encrypt-body-spring-boot-starter是对springboot控制器统一的响应体编码/加密与请求体解密的注解处理方式，支持MD5/SHA/AES/DES/RSA。

编码/加密解密支持

可进行编码/加密的方式有：
- - MD5
- - SHA-1 / SHA-256
- - AES
- - DES
- - RSA
可进行解密的方式有：
- - AES
- - DES
- - RSA

引入注册

导入依赖

在项目的pom.xml中引入依赖：

<dependency>
    <groupId>cn.licoy</groupId>
    <artifactId>encrypt-body-spring-boot-starter</artifactId>
    <version>1.2.3</version>
</dependency>

启用组件

在工程对应的Application类中增加@EnableEncryptBody注解，如：

@EnableEncryptBody
@SpringBootApplication
public class Application {
    
    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

}

配置参数

在项目的application.yml或application.properties文件中增加参数配置，例如：

encrypt:  
    body:
      aes-key: 12345678 #AES加密秘钥
      des-key: 12345678 #DES加密秘钥
      # more...

使用

对整个控制器生效

@RestController
@EncryptBody
@RequestMapping("/test")
public class TestController {

    @GetMapping
    public String test(){
        return "hello world";
    }

}

对单一请求生效

@Controller
@RequestMapping("/test")
public class TestController {

    @GetMapping
    @ResponseBody
    @EncryptBody(value = EncryptBodyMethod.AES)
    public String test(){
        return "hello world";
    }

}

对响应的声明类生效

@Data
@EncryptBody
public class User implements Serializable {

    private String name;

    private String email;

    private Integer number;

    private String numberValue;

}

对声明类单一属性生效

@Data
@EncryptBody
@FieldBody
public class User implements Serializable {

    private String name;

    @FieldBody
    @AESEncryptBody(key = "1234567812345678")
    private String email;

    @FieldBody(field = "numberValue", clearValue = true)
    @DESEncryptBody(key = "1234567812345678")
    private Integer number;

    private String numberValue;

}

注解一览表

开源协议

Apache 2.0

encrypt-body-spring-boot-starter's People

Contributors

Stargazers

Watchers

Forkers

veligerli weibo1987 winson1990 agilesharp toywei o2e gqfjob liuwang126 yangsimon zhhui bentys javagrails jxchenchangyu luoyuwei3919 yelllowhat fj1994 yaohongda rarshion zhanghongjie6 garenmax usernotexist12 zhiguangji2008 jyy524325 guijih mrfatuncle davidsche kuailejiandan hongwu123 zjf2671 fangdaomen zc888168 sunashang suivan synpore zhanglei salahatwa zhangxinhang cocoiceman liuxiaoming1109 xdfh jwang31496 tianzifan senon-ye laoye-java wushu0725 ixuea jwencode pingxingshikong huangsir333 lambochen biqingguo lbqssss liji123456 oopyoung zone-broke twchenjia d1jk luyulong skyyan2000 shaojay spunk166 yoyofx flywind2 apple006 doushaoxun samproton lichenju33 tszgc gitwyy hoaronal-project yanmyokyaw shlgyzl zhangnew vishu221b guojieem hjh-illusionist kayleyang leimingchao666 masterdxy oomgomgxx maina-alex 121666751 a13668349935 cleancloud123 mymrgithub aluenkinglee yangtang-up glinboy qingyueyun zouxiaodong damoasis linkinshi xucw qinfensiwo willynganga yangbingkun315 banorpick apriorhythm ruanun vitorhenriquec

encrypt-body-spring-boot-starter's Issues

有个坑

EncryptResponseBodyAdvice.java 203
DES拿的KEY拿错了吧？
config.getAesKey()

AESEncryptUtil在SSM框架下,Tomcat控制台解密错误

加密前:[{"roleId":0,"roleName":"财务部领导0","roleType":"0"},{"roleId":0,"roleName":"财务部领导1","roleType":"1"},{"roleId":0,"roleName":"财务部领导2","roleType":"2"},{"roleId":0,"roleName":"财务部领导3","roleType":"3"},{"roleId":0,"roleName":"财务部领导4","roleType":"4"},{"roleId":0,"roleName":"财务部领导5","roleType":"5"},{"roleId":0,"roleName":"财务部领导6","roleType":"6"},{"roleId":0,"roleName":"财务部领导7","roleType":"7"},{"roleId":0,"roleName":"财务部领导8","roleType":"8"},{"roleId":0,"roleName":"财务部领导9","roleType":"9"}]

[INFO ] [14:26:57] com.qtong.rms.act.encryptbody.AESEncryptUtil - 加密后:A9EB8D26BF03E36D31DDC8721F267C674BB14500B0269D8752BD87FB1C4F0BB418EFD59DF3CB11CA8280F70EDDC188F95CC98052108878008E013E4E218BC4B89122C96A0E684BBA707781ADA4F351ED667DFF24EA5F002BD942A3D4BEB8739CF1D341813C4C451205193FD8E926C84C44F1D1C4C5DDF2A297C027D84B8F25CA7F08F4B86EE9A6205F607BA85DEE93D06676EFC1A3E1B2B40D40FBF2845B2CF97B93FD40C5E0EEFC74827D79D172D73614318A726F881BE792E99ABB9C1CD0B5B9BB5DE8E4BD223D438E413BBC679D0BA57D05ED58861C8181797814B045E0C1F673FC0C6B0DDE80337D6847934A011371D1956F71043D10A625272C1E73B30A5CCFFB297160E57A8E7D19D7511027E1C5ECD0416B40AF828CDD0C05C54D8D7C9A9DC76A212497A007D9D6BE15A9E611023F67AA8160D90A9D7B572D917EC6A17827A6D24CD32DB9FB18C9B216BAB1616E0A2731C23427426C16983CE34A1690085324533277D0631819FC5975ACC439A032FCA7543E73AC7C345D85C4A46D0721E40DB4FA774346A3837D900BC21E8DB9E1D796728FF96064251C5E66E9722258F5BB2171AA55C3B19DE3B2481DAEFAF4E1DD95F08314654315ECCE0608374149CAF6D51427BBB5294577B675D690D4D7A74AEA61C845546A7ADD18C610F63D4BB14500B0269D8752BD87FB1C4F0BB4CA9AC9C11ADE4E6F300E45D5917EC66B1CCF453885C054892C1D68CEFD2AE9429122C96A0E684BBA707781ADA4F351ED667DFF24EA5F002BD942A3D4BEB8739C54D595B7A3931A85D58E4AE02366734B568778CA85AD8A43A4C5F9C85E02B0F8

[INFO ] [14:26:57] com.qtong.rms.act.encryptbody.AESEncryptUtil - 解密后:[{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?0","roleType":"0"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?1","roleType":"1"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?2","roleType":"2"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?3","roleType":"3"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?4","roleType":"4"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?5","roleType":"5"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?6","roleType":"6"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?7","roleType":"7"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?8","roleType":"8"},{"roleId":0,"roleName":"璐㈠姟閮ㄩ瀵?9","roleType":"9"}]

中文乱码, 是AESEncryptUtil类中aes方法解密类型, byte转String的时候,没有增加 utf-8 导致中文乱码
72行改成:return new String(cipher.doFinal(byteContent), "utf-8"); 这样就可以了,

支持对象内指定属性加解密

考虑支持 SM 国密算法·

是否会考虑增加 SM 国密算法, 例如 SM2 签名验签/加密解密(非对称)、SM3 摘要、SM4 加密解密(对称)

InvalidKeyException: Invalid AES key length: 2 bytes.访问接口，总是出现这个错误

前端如何进行解密

后端采用@EncryptBody 加密前端如何解密

rsa加密的怎么配置呢

EncryptResponseBodyAdvice 返回日期格式问题

对返回数据的整个进行了加密，返回结果集中的，日期字段如何格式化返回？

请问在控制器中，每个请求的返回值必须是 String 吗？

    @ApiOperation("登录")
    @PostMapping("/loginUser")
    public ResultVo loginUser(@Validated @RequestBody LoginUserForm userForm) {
        if (userService.loginUser(userForm)) {
            return ResultVoUtil.success();
        } else {
            return ResultVoUtil.error(ResultEnum.ADD_ERROR);
        }
    }

继承重新实现

博主、你写的这东西能不能给人继承下？

Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

hi，when user the des encrypt, meet the error.

Firstly,when I just test the dncrpty method using main method, that is ok
@test
public void test1() {

    for (int i = 0; i < 100; i++) {
        System.out.println(DESCryptography.dncrypt("F62AC256E0778C87"));

    }

}

but , unhappily ,when I start my spring boot web ,just write this:
public static void main(String... args) {

    ApplicationContext context = SpringApplication.run(WalletDriver.class, args);

    for (int i = 0; i < 100; i++) {
        System.out.println(DESCryptography.dncrypt("F62AC256E0778C87"));
    }
}

I meet the error：
javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:991)
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:847)
at java.base/com.sun.crypto.provider.DESCipher.engineDoFinal(DESCipher.java:314)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2202)

Until now,i can not found how to resolve the problem

Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

依然还是出现这个问题, SSM框架,tomcat是9.0.13, java version "1.8.0_181"

1.是SSM的一个项目,写的方法,

2.ssm项目控制台打印的结果

3.springboot项目,接受参数

AESEn

只在类上加@EncryptBody 注解时报错

@RestController
@EncryptBody(value = EncryptBodyMethod.AES)
@RequestMapping("/test")
public class TestController {

    @GetMapping
    public String test(){
        return "hello world";
    }
}

报错行地方在EncryptResponseBodyAdvice类；会走到 116 行；

大概原因是106 行把类上EncryptAnnotationInfoBean 覆盖掉了。

RSA

为啥现在还不支持RSA

AES解密异常：Given final block not properly padded

AES解密异常javax.crypto.BadPaddingException: Given final block not properly padded，类：cn.licoy.encryptbody.util.AESEncryptUtil

抛出异常类型好像不对

https://github.com/Licoy/encrypt-body-spring-boot-starter/blob/master/src/main/java/cn/licoy/encryptbody/util/ShaEncryptUtil.java
应该是抛EncryptMethodNotFoundException异常吧

Map请求参数不兼容

cn.licoy.encryptbody.exception.DecryptBodyFailException: java.util.Map<java.lang.String, java.lang.String>
at cn.licoy.encryptbody.advice.DecryptRequestBodyAdvice.beforeBodyRead(DecryptRequestBodyAdvice.java:101)
at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyAdviceChain.beforeBodyRead(RequestResponseBodyAdviceChain.java:92)
at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodArgumentResolver.readWithMessageConverters(AbstractMessageConverterMethodArgumentResolver.java:184)
at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.readWithMessageConverters(RequestResponseBodyMethodProcessor.java:160)
at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.resolveArgument(RequestResponseBodyMethodProcessor.java:133)
at org.springframework.web.method.support.HandlerMethodArgumentResolverComposite.resolveArgument(HandlerMethodArgumentResolverComposite.java:122)
at org.springframework.web.method.support.InvocableHandlerMethod.getMethodArgumentValues(InvocableHandlerMethod.java:179)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:146)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:117)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:808)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1067)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:963)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:327)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:81)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:122)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:126)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:81)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:109)