nacos上的配置:
#小状元配置参数
xzy:
private_key: MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAMiecAiIA8Grz+WBkpyjY2VkZweSm6PQnufxndILhNFWlsxt4DnkiaUwD2lG1SXrdaqltBUdCFR9w8LAQxk5/a+YDKmO3Avuc5xsYiF0zJr5+92QkXwrvhH2pmDhYnbpoPDUrHb9bscCcJapagjbVNB3ezfdOvYmxupBgV0gCSXtAgMBAAECgYAIC0BDO07pQE4W7fXWtX9qBJdT+Kcob5g7hRbWofMaoK3ttvcfYyA4wR9REY/A1DrU042PrikUGDHV+HcIRyi6hEIIxi05TJj2gi/X+J76+FFzmm9w8RC/Ig5VnB2LVC3hQpGkxiZU1tm5/XoCXMzoomx1hjgM070Vve6EMJH3GQJBAOLVUkFma/LPVvKSUhqav1GFN9q7rLY6vccVHPYzUfVm8GVvnXiBNj4OlsvEWHKRQvqaIWyZd/t2uJVmvsSBKikCQQDiajdmmDAJ1vgVgZCdvLMTwb4mWl1aaVKACn2SqVdMndDyR4IgsfHIDde1UI7j7WCXu/NgCZucc+zkEmxfK14lAkAzbsMz6RFZAQJqBhtvxN7UkSxVAHDs8OzPE0551LEkv66KkYBXLpUqBQzULzUO5TkWsZQal8HI1uaLmbxvugnhAkBD47t27N1Cpg2/TRlS4tkDbI2arG/fg0M0l3CtwE8n7w5PB3gSW6j25oeum1gtKelTtgy02EyrrerzPD74jmVtAkBQcGBfd0Eh6GnEmQ09WQOL0iKhlWOUeuUY3A0ZV0MytIPymTXU1dWZ+RHjIkDZyR3Na1s0q0F2v18AoEBiUCRc
source: xxy
项目代码里这样获得参数值:
@Value("${xzy.private_key}") private String privateKey;
@Value("${xzy.source}") private String sourceValue;
jeecg框架自带一个RSA加密工具 RSAUtil
public Result<IPage<Map>> queryPageList(@ApiIgnore @RequestBody Map<String,Object> param, HttpServletRequest req) {
//获取请求头中的来源信息 String sourceStr = req.getHeader("source"); if(StringUtils.isEmpty(sourceStr)){ return new Result<IPage<Map>>().error500("拒绝访问!"); } log.info("加密内容:{}",sourceStr);
try { PrivateKey privateKey = RSAUtil.getPrivateKey(this.privateKey); String str = RSAUtil.decrypt(sourceStr,privateKey); if(!this.sourceValue.equals(str)){ return new Result<IPage<Map>>().error500("拒绝访问!"); } } catch (Exception e) { log.error("解密异常:{}",e.getMessage()); log.info("解密异常,异常信息:{}",e.getMessage()); e.printStackTrace(); }
自助生成密钥对
有时候我们想自助生成密钥对可以:
KeyPair pair = SecureUtil.generateKeyPair("RSA");
pair.getPrivate();
pair.getPublic();
自助生成的密钥对是byte[]形式,我们可以使用Base64.encode
方法转为Base64,便于存储为文本。(jeecg框架有这个方法 RSAUtil.getPublicKey(this.publicKey) RSAUtil.getPrivateKey(this.privateKey);)
当然,如果使用RSA
对象,也可以使用encryptStr
和decryptStr
加密解密为字符串。