兰宝车间质量管理系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
疯狂的狮子Li
2023-07-10 af08632c37b10c0927cf3fb9c75fac0d3a58b9f1 
 ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java


ÎļþÃû´Ó ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/DecryptRequestBodyWrapper.java ÐÞ¸Ä


@@ -1,18 +1,12 @@


package org.dromara.cryptapi.filter;


package org.dromara.common.encrypt.filter;




import cn.hutool.core.codec.Base64;


import cn.hutool.core.io.IoUtil;


import jakarta.servlet.ReadListener;


import jakarta.servlet.ServletInputStream;


import jakarta.servlet.http.HttpServletRequest;


import jakarta.servlet.http.HttpServletRequestWrapper;


import org.dromara.common.core.constant.Constants;


import org.dromara.common.core.exception.base.BaseException;


import org.dromara.common.core.utils.StringUtils;


import org.dromara.cryptapi.core.AesEncryptor;


import org.dromara.cryptapi.core.EncryptContext;


import org.dromara.cryptapi.core.RsaEncryptor;


import org.dromara.cryptapi.enums.EncodeType;


import org.dromara.common.encrypt.utils.EncryptUtils;


import org.springframework.http.MediaType;




import java.io.BufferedReader;


@@ -30,21 +24,18 @@




    private final byte[] body;




    public DecryptRequestBodyWrapper(HttpServletRequest request, RsaEncryptor rsaEncryptor, String headerFlag) throws IOException {


    public DecryptRequestBodyWrapper(HttpServletRequest request, String publicKey, String privateKey, String headerFlag) throws IOException {


        super(request);


        String requestRsa = request.getHeader(headerFlag);


        if (StringUtils.isEmpty(requestRsa)) {


            throw new BaseException("加密AES的动态密码不能为空");


        }


        String decryptAes = new String(Base64.decode(rsaEncryptor.decrypt(requestRsa)));


        // èŽ·å– AES å¯†ç  é‡‡ç”¨ RSA åŠ å¯†


        String headerRsa = request.getHeader(headerFlag);


        String decryptAes = EncryptUtils.decryptByRsa(headerRsa, privateKey);


        // è§£å¯† AES å¯†ç 


        String aesPassword = EncryptUtils.decryptByBase64(decryptAes);


        request.setCharacterEncoding(Constants.UTF8);


        byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false);


        String requestBody = StringUtils.toEncodedString(readBytes, StandardCharsets.UTF_8);


        EncryptContext encryptContext = new EncryptContext();


        encryptContext.setPassword(decryptAes);


        encryptContext.setEncode(EncodeType.BASE64);


        AesEncryptor aesEncryptor = new AesEncryptor(encryptContext);


        String decryptBody = aesEncryptor.decrypt(requestBody);


        String requestBody = new String(readBytes, StandardCharsets.UTF_8);


        // è§£å¯† body é‡‡ç”¨ AES åŠ å¯†


        String decryptBody = EncryptUtils.decryptByAes(requestBody, aesPassword);


        body = decryptBody.getBytes(StandardCharsets.UTF_8);


    }