Package com.alibaba.druid.filter.config

Source Code of com.alibaba.druid.filter.config.ConfigTools

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
/*
* Copyright 1999-2011 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.druid.filter.config;

import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

import com.alibaba.druid.util.Base64;
import com.alibaba.druid.util.JdbcUtils;

public class ConfigTools {

  private static final String DEFAULT_PRIVATE_KEY_STRING = "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAocbCrurZGbC5GArEHKlAfDSZi7gFBnd4yxOt0rwTqKBFzGyhtQLu5PRKjEiOXVa95aeIIBJ6OhC2f8FjqFUpawIDAQABAkAPejKaBYHrwUqUEEOe8lpnB6lBAsQIUFnQI/vXU4MV+MhIzW0BLVZCiarIQqUXeOhThVWXKFt8GxCykrrUsQ6BAiEA4vMVxEHBovz1di3aozzFvSMdsjTcYRRo82hS5Ru2/OECIQC2fAPoXixVTVY7bNMeuxCP4954ZkXp7fEPDINCjcQDywIgcc8XLkkPcs3Jxk7uYofaXaPbg39wuJpEmzPIxi3k0OECIGubmdpOnin3HuCP/bbjbJLNNoUdGiEmFL5hDI4UdwAdAiEAtcAwbm08bKN7pwwvyqaCBC//VnEWaq39DCzxr+Z2EIk=";
  public static final String DEFAULT_PUBLIC_KEY_STRING = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKHGwq7q2RmwuRgKxBypQHw0mYu4BQZ3eMsTrdK8E6igRcxsobUC7uT0SoxIjl1WveWniCASejoQtn/BY6hVKWsCAwEAAQ==";

  public static void main(String[] args) throws Exception {
    String password = args[0];
    System.out.println(encrypt(password));
  }

  public static String decrypt(String cipherText) throws Exception {
    return decrypt((String) null, cipherText);
  }

  public static String decrypt(String publicKeyText, String cipherText)
      throws Exception {
    PublicKey publicKey = getPublicKey(publicKeyText);

    return decrypt(publicKey, cipherText);
  }

  public static PublicKey getPublicKeyByX509(String x509File) {
    if (x509File == null || x509File.length() == 0) {
      return ConfigTools.getPublicKey(null);
    }

    FileInputStream in = null;
    try {
      in = new FileInputStream(x509File);

      CertificateFactory factory = CertificateFactory
          .getInstance("X.509");
      Certificate cer = factory.generateCertificate(in);
      return cer.getPublicKey();
    } catch (Exception e) {
      throw new IllegalArgumentException("Failed to get public key", e);
    } finally {
      JdbcUtils.close(in);
    }
  }

  public static PublicKey getPublicKey(String publicKeyText) {
    if (publicKeyText == null || publicKeyText.length() == 0) {
      publicKeyText = ConfigTools.DEFAULT_PUBLIC_KEY_STRING;
    }

    try {
      byte[] publicKeyBytes = Base64.base64ToByteArray(publicKeyText);
      X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(
          publicKeyBytes);

      KeyFactory keyFactory = KeyFactory.getInstance("RSA");
      return keyFactory.generatePublic(x509KeySpec);
    } catch (Exception e) {
      throw new IllegalArgumentException("Failed to get public key", e);
    }
  }

  public static PublicKey getPublicKeyByPublicKeyFile(String publicKeyFile) {
    if (publicKeyFile == null || publicKeyFile.length() == 0) {
      return ConfigTools.getPublicKey(null);
    }

    FileInputStream in = null;
    try {
      in = new FileInputStream(publicKeyFile);
      ByteArrayOutputStream out = new ByteArrayOutputStream();
      int len = 0;
      byte[] b = new byte[512 / 8];
      while ((len = in.read(b)) != -1) {
        out.write(b, 0, len);
      }

      byte[] publicKeyBytes = out.toByteArray();
      X509EncodedKeySpec spec = new X509EncodedKeySpec(publicKeyBytes);
      KeyFactory factory = KeyFactory.getInstance("RSA");
      return factory.generatePublic(spec);
    } catch (Exception e) {
      throw new IllegalArgumentException("Failed to get public key", e);
    } finally {
      JdbcUtils.close(in);
    }
  }

  public static String decrypt(PublicKey publicKey, String cipherText)
      throws Exception {
    Cipher cipher = Cipher.getInstance("RSA");
    try {
      cipher.init(Cipher.DECRYPT_MODE, publicKey);
    } catch (InvalidKeyException e) {
            // 因为 IBM JDK 不支持私钥加密, 公钥解密, 所以要反转公私钥
            // 也就是说对于解密, 可以通过公钥的参数伪造一个私钥对象欺骗 IBM JDK
            RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
            RSAPrivateKeySpec spec = new RSAPrivateKeySpec(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
            Key fakePrivateKey = KeyFactory.getInstance("RSA").generatePrivate(spec);
            cipher = Cipher.getInstance("RSA"); //It is a stateful object. so we need to get new one.
            cipher.init(Cipher.DECRYPT_MODE, fakePrivateKey);
    }
   
    if (cipherText == null || cipherText.length() == 0) {
      return cipherText;
    }

    byte[] cipherBytes = Base64.base64ToByteArray(cipherText);
    byte[] plainBytes = cipher.doFinal(cipherBytes);

    return new String(plainBytes);
  }

  public static String encrypt(String plainText) throws Exception {
    return encrypt((String) null, plainText);
  }

  public static String encrypt(String key, String plainText) throws Exception {
    if (key == null) {
      key = DEFAULT_PRIVATE_KEY_STRING;
    }

    byte[] keyBytes = Base64.base64ToByteArray(key);
    return encrypt(keyBytes, plainText);
  }

  public static String encrypt(byte[] keyBytes, String plainText)
      throws Exception {
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory factory = KeyFactory.getInstance("RSA");
    PrivateKey privateKey = factory.generatePrivate(spec);
    Cipher cipher = Cipher.getInstance("RSA");
        try {
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        } catch (InvalidKeyException e) {
            //For IBM JDK, 原因请看解密方法中的说明
            RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKey;
            RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(rsaPrivateKey.getModulus(), rsaPrivateKey.getPrivateExponent());
            Key fakePublicKey = KeyFactory.getInstance("RSA").generatePublic(publicKeySpec);
            cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, fakePublicKey);
        }

    byte[] encryptedBytes = cipher.doFinal(plainText.getBytes("UTF-8"));
    String encryptedString = Base64.byteArrayToBase64(encryptedBytes);

    return encryptedString;
  }

  public static byte[][] genKeyPairBytes(int keySize)
      throws NoSuchAlgorithmException {
    byte[][] keyPairBytes = new byte[2][];

    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(keySize, new SecureRandom());
    KeyPair pair = gen.generateKeyPair();

    keyPairBytes[0] = pair.getPrivate().getEncoded();
    keyPairBytes[1] = pair.getPublic().getEncoded();

    return keyPairBytes;
  }

  public static String[] genKeyPair(int keySize)
      throws NoSuchAlgorithmException {
    byte[][] keyPairBytes = genKeyPairBytes(keySize);
    String[] keyPairs = new String[2];

    keyPairs[0] = Base64.byteArrayToBase64(keyPairBytes[0]);
    keyPairs[1] = Base64.byteArrayToBase64(keyPairBytes[1]);

    return keyPairs;
  }

}
TOP

Related Classes of com.alibaba.druid.filter.config.ConfigTools

  • java.security.spec.RSAPublicKeySpec
  • java.security.interfaces.RSAPublicKey
  • java.security.spec.RSAPrivateKeySpec
  • java.security.interfaces.RSAPrivateKey
  • java.security.PrivateKey
  • java.security.cert.Certificate
  • java.security.Key
  • java.security.SecureRandom
  • java.security.PublicKey
  • java.security.spec.PKCS8EncodedKeySpec
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.