diff --git a/.vscode/launch.json b/.vscode/launch.json
index 6224e9d..d4419e6 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -8,6 +8,7 @@
"mainClass": "top.crushtj.xiaoyishu.auth.XiaoyiAuthApplication",
"projectName": "xiaoyi-auth",
"args": "",
+ "vmArgs": "-Djasypt.encryptor.password=GhaU7VjZd2b3M4Hbx4SelEXZc",
"envFile": "${workspaceFolder}/.env"
}
]
diff --git a/pom.xml b/pom.xml
index 0f794b0..9c9267d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -49,6 +49,7 @@
5.8.26
3.12.0
2.0.0
+ 3.0.5
@@ -176,6 +177,13 @@
dypnsapi20170525
${dypnsapi.version}
+
+
+
+ com.github.ulisesbocchio
+ jasypt-spring-boot-starter
+ ${jasypt-starter.version}
+
diff --git a/xiaoyi-auth/pom.xml b/xiaoyi-auth/pom.xml
index dc79e32..4c3ae0d 100644
--- a/xiaoyi-auth/pom.xml
+++ b/xiaoyi-auth/pom.xml
@@ -82,6 +82,12 @@
com.aliyun
dypnsapi20170525
+
+
+
+ com.github.ulisesbocchio
+ jasypt-spring-boot-starter
+
diff --git a/xiaoyi-auth/src/main/java/top/crushtj/xiaoyishu/auth/controller/TestController.java b/xiaoyi-auth/src/main/java/top/crushtj/xiaoyishu/auth/controller/TestController.java
index 4a87593..1e0a44d 100644
--- a/xiaoyi-auth/src/main/java/top/crushtj/xiaoyishu/auth/controller/TestController.java
+++ b/xiaoyi-auth/src/main/java/top/crushtj/xiaoyishu/auth/controller/TestController.java
@@ -1,5 +1,7 @@
package top.crushtj.xiaoyishu.auth.controller;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
@@ -22,6 +24,7 @@ import java.time.LocalDateTime;
* @date 2025/11/21
*/
+@Slf4j
@RestController
public class TestController {
diff --git a/xiaoyi-auth/src/main/resources/config/application-dev.yml b/xiaoyi-auth/src/main/resources/config/application-dev.yml
index b75cb09..86dd4f3 100644
--- a/xiaoyi-auth/src/main/resources/config/application-dev.yml
+++ b/xiaoyi-auth/src/main/resources/config/application-dev.yml
@@ -7,8 +7,8 @@ spring:
driver-class-name: com.mysql.cj.jdbc.Driver
# 数据库连接信息
url: jdbc:mysql://127.0.0.1:3306/xiaoyishu?useUnicode=true&characterEncoding=utf-8&autoReconnect=true&useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true
- username: ayi
- password: Os0TpcErSh26nT4Nqqjgo2vwi3IaEglzj+brT2b7q0P4Dlhnv3OEQVUNpG/dYqvJZUCR2/IyfxQ4LnQIB7FcfQ==
+ username: ENC(q6eB0z65vHf2Fsm/DGFZpOea+GFigZNdnInAw2YvW1vMLWGAANwp+AcGiZB8lT5c)
+ password: ENC(ZUUg0fBx9YSK4c4hOtIpkBpNSXMbhsRCM0CBRYHYvSzJCXTu9dK4gMgODcKgyooo67Osmm2ccgBeHbJheSMTCQ==)
druid: # Druid 连接池
initial-size: 5 # 初始化连接池大小
min-idle: 5 # 最小连接池数量
@@ -40,7 +40,6 @@ spring:
wall: # 防火墙
config:
multi-statement-allow: true
- connection-properties: config.decrypt=true;config.decrypt.key=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK6C4nQHNuYSebx/5vOdvDqP/o8AH+p73s1LWCFs915RiwVHvtEd+ropmXkCO3Agc9Zuo8pyMvccIgPL9F0I8YkCAwEAAQ==
data:
redis:
database: 0 # Redis 数据库索引(默认为 0)
@@ -73,6 +72,14 @@ logging:
level:
top.crushtj.xiaoyishu.auth.domain.mappers: debug
-aliyun: # 接入阿里云(发送短信使用)
- accessKeyId:
- accessKeySecret:
\ No newline at end of file
+aliyun:
+ accessKeyId: ENC(h8yRFpNaFNA3NduXrnm8Z4D1jZr1UNapbYVdBxaSKsZMSn1RqJQ29RmqsZscxsea5vKuLdywVE+CYP3+Q+ZQ/A==)
+ accessKeySecret: ENC(/Ovw0XK2/fFIGXKxOdmdUHvFPI0pNSHBDkLyjAXdbQytlCCNnBW8hFBseN4t4juumjJ5AJ9KBgvgDYCV+/gWGg==)
+jasypt:
+ encryptor:
+ password:
+ algorithm: PBEWithHMACSHA512AndAES_256
+ key-obtention-iterations: 1000
+ string-output-type: base64
+ provider-name: SunJCE
+ iv-generator-classname: org.jasypt.iv.RandomIvGenerator
\ No newline at end of file
diff --git a/xiaoyi-auth/src/test/java/top/crushtj/xiaoyishu/auth/EncryptTest.java b/xiaoyi-auth/src/test/java/top/crushtj/xiaoyishu/auth/EncryptTest.java
index 8d0c99d..8cba947 100644
--- a/xiaoyi-auth/src/test/java/top/crushtj/xiaoyishu/auth/EncryptTest.java
+++ b/xiaoyi-auth/src/test/java/top/crushtj/xiaoyishu/auth/EncryptTest.java
@@ -3,10 +3,12 @@ package top.crushtj.xiaoyishu.auth;
import com.alibaba.druid.filter.config.ConfigTools;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
-import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
-import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
+import org.jasypt.iv.RandomIvGenerator;
import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.TestPropertySource;
/**
* @author ayi
@@ -18,11 +20,13 @@ import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
@Slf4j
+@TestPropertySource(properties = {"jasypt.encryptor.password=GhaU7VjZd2b3M4Hbx4SelEXZc"})
public class EncryptTest {
//@Autowired
//private StringEncryptor defaultLazyEncryptor;
//private StringEncryptor pooledPbeStringEncryptor;
-
+ @Value("${jasypt.encryptor.password}")
+ private String encryptorPassword;
/**
* Druid 密码加密
*/
@@ -44,20 +48,37 @@ public class EncryptTest {
}
@Test
- void smsEncode() {
- String accessKeyId = manualEncrypt("", "Yu020320.");
- System.out.println("accessKeyId:" + accessKeyId);
- String accessKeySecret = manualEncrypt("", "Yu020320.");
- System.out.println("accessKeySecret:" + accessKeySecret);
+ void encrypt() {
+ StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
+
+ // JDK 17适配的核心配置(关键参数必须完整)
+ encryptor.setPassword(encryptorPassword); // AES-256要求密钥至少32位
+ encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256"); // JDK17原生支持的算法
+ encryptor.setKeyObtentionIterations(1000); // 迭代次数(固定值)
+ encryptor.setStringOutputType("base64"); // 输出格式(固定)
+ encryptor.setProviderName("SunJCE"); // 加密提供者(JDK17默认)
+ encryptor.setIvGenerator(new RandomIvGenerator()); // AES必须的IV生成器
+
+ // 待加密的原始值
+ String accessKeyId = "ayi";
+ String accessKeySecret = "HhpxE2HWE4bGTyB5";
+
+ try {
+ String cipherAccessKeyId = encryptor.encrypt(accessKeyId);
+ System.out.println("accessKeyId加密成功,密文:" + cipherAccessKeyId);
+
+ String decryptAccessKeyId = encryptor.decrypt(cipherAccessKeyId);
+ System.out.println("accessKeyId解密成功,明文:" + decryptAccessKeyId);
+
+ String cipherAccessKeySecret = encryptor.encrypt(accessKeySecret);
+ System.out.println("accessKeySecret加密成功,密文:" + cipherAccessKeySecret);
+
+ String decryptAccessKeySecret = encryptor.decrypt(cipherAccessKeySecret);
+ System.out.println("accessKeySecret解密成功,明文:" + decryptAccessKeySecret);
+ } catch (Exception e) {
+ e.printStackTrace();
+ System.out.println("加密失败原因:" + e.getMessage());
+ }
}
- private String manualEncrypt(String plainText, String secretKey) {
- PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
- SimpleStringPBEConfig config = new SimpleStringPBEConfig();
- config.setPassword(secretKey); // 密钥
- config.setAlgorithm("PBEWithMD5AndDES"); // 算法
- config.setPoolSize(1); // 池大小(默认)
- encryptor.setConfig(config);
- return encryptor.encrypt(plainText);
- }
}