add the aes(rsa.privateKey) method

Signed-off-by: kakawu <[email protected]>

pom.xml

@@ -5,7 +5,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>fateboard</groupId>
     <artifactId>fateboard</artifactId>
-    <version>1.11.1</version>
+    <version>1.11.3</version>
 
     <parent>
         <groupId>org.springframework.boot</groupId>
@@ -36,13 +36,19 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
+<!--            <exclusions>-->
+<!--                <exclusion>-->
+<!--                    <artifactId>snakeyaml</artifactId>-->
+<!--                    <groupId>org.yaml</groupId>-->
+<!--                </exclusion>-->
+<!--            </exclusions>-->
         </dependency>
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-webmvc</artifactId>
-            <version>5.3.26</version>
-            <scope>compile</scope>
-        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.springframework</groupId>-->
+<!--            <artifactId>spring-webmvc</artifactId>-->
+<!--            <version>5.3.26</version>-->
+<!--            <scope>compile</scope>-->
+<!--        </dependency>-->
 
         <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
         <dependency>
@@ -154,6 +160,12 @@
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-openfeign</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.yaml</groupId>
+            <artifactId>snakeyaml</artifactId>
+            <version>2.0</version>
+            <scope>compile</scope>
+        </dependency>
     </dependencies>
 
     <dependencyManagement>

src/main/java/com/webank/ai/fate/board/services/UserService.java

@@ -16,6 +16,7 @@
 package com.webank.ai.fate.board.services;
 
 import com.webank.ai.fate.board.pojo.UserDTO;
+import com.webank.ai.fate.board.utils.AESUtil;
 import com.webank.ai.fate.board.utils.StandardRSAUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@@ -69,6 +70,7 @@ public boolean checkUser(String username, String password) {
         String encrypted = getValue("server.board.encrypt.enable");
         if (StringUtils.isNotBlank(privateKey) && "true".equalsIgnoreCase(encrypted)) {
             try {
+                privateKey = AESUtil.aesDecrypt(privateKey, AESUtil.aesKey);
                 passwordValue = StandardRSAUtils.decryptByPrivateKey(passwordValue, privateKey);
             } catch (Exception e) {
                 logger.error("decrypt password error");

src/main/java/com/webank/ai/fate/board/utils/AESUtil.java

@@ -0,0 +1,92 @@
+package com.webank.ai.fate.board.utils;
+
+
+import com.sun.org.apache.xerces.internal.impl.dv.util.Base64;
+import org.apache.commons.lang3.StringUtils;
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+
+public class AESUtil {
+
+
+    public static String aesKey = "94kl35k25d3t2rk1";
+
+
+    // 加密
+    public static String encrypt(String sSrc, String encryptKey) throws Exception {
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        byte[] raw = encryptKey.getBytes();
+        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+        IvParameterSpec iv = new IvParameterSpec(encryptKey.getBytes());// 使用CBC模式，需要一个向量iv，可增加加密算法的强度
+        cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
+        byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
+        // 此处使用BASE64做转码。
+        return new BASE64Encoder().encode(encrypted).replaceAll("[\\s*\t\n\r]", "");
+    }
+
+
+    /**
+     * base 64 encode
+     *
+     * @param bytes 待编码的byte[]
+     * @return 编码后的base 64 code
+     */
+    public static String base64Encode(byte[] bytes) {
+        return Base64.encode(bytes);
+    }
+
+    /**
+     * base 64 decode
+     *
+     * @param base64Code 待解码的base 64 code
+     * @return 解码后的byte[]
+     * @throws Exception
+     */
+    public static byte[] base64Decode(String base64Code) throws Exception {
+        return StringUtils.isEmpty(base64Code) ? null : new BASE64Decoder().decodeBuffer(base64Code);
+    }
+
+
+    /**
+     * AES解密
+     *
+     * @param encryptBytes 待解密的byte[]
+     * @param decryptKey   解密密钥
+     * @return 解密后的String
+     * @throws Exception
+     */
+    public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) throws Exception {
+        IvParameterSpec iv = new IvParameterSpec(decryptKey.getBytes("UTF-8"));
+        SecretKeySpec skeySpec = new SecretKeySpec(decryptKey.getBytes("UTF-8"), "AES");
+
+        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+        cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
+        byte[] decryptBytes = cipher.doFinal(encryptBytes);
+        return new String(decryptBytes);
+    }
+
+
+    /**
+     * 将base 64 code AES解密
+     *
+     * @param encryptStr 待解密的base 64 code
+     * @param decryptKey 解密密钥
+     * @return 解密后的string
+     * @throws Exception
+     */
+    public static String aesDecrypt(String encryptStr, String decryptKey) throws Exception {
+        return StringUtils.isEmpty(encryptStr) ? null : aesDecryptByBytes(base64Decode(encryptStr), decryptKey);
+    }
+
+    public static void main(String[] args) throws Exception {
+        String t = "test";
+        String encrypt = AESUtil.encrypt(t, AESUtil.aesKey);
+        System.out.println(encrypt);
+        System.out.println(AESUtil.aesDecrypt(encrypt, AESUtil.aesKey));
+    }
+}