Spring AOP 实现 RSA 加密解密:私钥保存在 session 中,公钥的 modulus、exponent 通过 request 属性传给页面,带 @RSA 注解的方法的 @RequestParam 参数由切面解密。
spring 增加配置:
<!-- Create proxies for beans matched by @AspectJ aspects; proxy-target-class="true" forces class-based (CGLIB) proxies instead of interface-based JDK proxies -->
<aop:aspectj-autoproxy proxy-target-class="true" />
增加 RSA 注解
/**
 * Method-level marker that switches on RSA handling for the annotated method.
 *
 * <p>The three flags are independent and all default to {@code false}, so an annotated
 * method opts in to each step explicitly. The annotation is retained at runtime so it can
 * be read reflectively.
 */
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface RSA {

    /**
     * Whether to generate the encryption modulus and exponent.
     *
     * @return {@code true} to generate them; {@code false} by default
     */
    boolean generate() default false;

    /**
     * Whether to decrypt. When {@code true}, the parameters of the annotated method that
     * carry a {@code RequestParam} annotation are decrypted.
     *
     * @return {@code true} to decrypt; {@code false} by default
     */
    boolean decrypt() default false;

    /**
     * Whether to remove the RSA entry from the session.
     *
     * @return {@code true} to remove it; {@code false} by default
     */
    boolean remove() default false;
}
Aspect
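/**
 * Before-advice that applies the switches of the {@link RSA} annotation to the annotated
 * method: publish a fresh public key, decrypt {@code @RequestParam} arguments, and/or drop
 * the private key from the session.
 *
 * <p>Decrypted values are NOT substituted into the method arguments. They are stored as
 * request attributes keyed by the Java parameter name, so the handler must read them from
 * the request; the argument it receives is still the ciphertext.
 *
 * <p>NOTE(review): the modulus and exponent reach the browser as ordinary page data, so this
 * scheme hides parameter values from passive observers only when the page itself is
 * delivered over an authenticated channel (HTTPS). It is not a replacement for TLS.
 *
 * <p>NOTE(review): with {@code decrypt = true} and {@code remove = false} the private key
 * stays in the session, so a ciphertext captured earlier remains decryptable for the life
 * of the session. Setting {@code remove = true} on the decrypting method makes the key
 * single-use.
 */
@Aspect
@Component
@Order(1)
public class RsaAspect {

    @Autowired
    private RSAService rsaService;

    /** Pointcut matching every method annotated with {@code com.asiainfo.common.annotation.RSA}. */
    @Pointcut("@annotation(com.asiainfo.common.annotation.RSA)")
    public void rsaAspect() {
    }

    /**
     * Runs before each {@link RSA}-annotated method and performs, in this order, key
     * generation, parameter decryption and key removal, each only if its flag is set.
     *
     * @param joinPoint the intercepted method invocation
     * @throws IllegalStateException if no servlet request is bound to the current thread, or
     *         if parameter names are unavailable while decryption is requested
     */
    @Before("rsaAspect()")
    public void beforeAdvice(JoinPoint joinPoint) {
        // getRequestAttributes() returns null outside a request-bound thread; fail with a
        // clear message rather than a bare NullPointerException.
        ServletRequestAttributes requestAttributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (requestAttributes == null) {
            throw new IllegalStateException("No current HTTP request is bound to this thread");
        }
        HttpServletRequest request = requestAttributes.getRequest();

        final MethodSignature methodSignature = (MethodSignature) joinPoint.getSignature();
        Method method = methodSignature.getMethod(); // the annotated method
        RSA rsa = method.getAnnotation(RSA.class);
        if (rsa == null) {
            return;
        }

        if (rsa.generate()) {
            // The private key is stored in the session by the service; only the public
            // half is handed to the view.
            RSAPublicKey publicKey = rsaService.generateKey(request, WebContants.RSA_KEY);
            // BigInteger.toByteArray() is two's-complement, so the encoded modulus may start
            // with a 0x00 sign byte that the client-side decoder has to tolerate.
            String modulus = Base64.encodeBase64String(publicKey.getModulus().toByteArray());
            String exponent = Base64.encodeBase64String(publicKey.getPublicExponent().toByteArray());
            request.setAttribute("modulus", modulus);
            request.setAttribute("exponent", exponent);
        }

        if (rsa.decrypt()) {
            decryptRequestParams(joinPoint, methodSignature, method, request);
        }

        // Removal runs after decryption so a method may decrypt and retire the key in one call.
        if (rsa.remove()) {
            rsaService.removePrivateKey(request, WebContants.RSA_KEY);
        }
    }

    /**
     * Decrypts every {@code String} argument whose parameter carries {@code @RequestParam}
     * and stores the result as a request attribute named after the Java parameter.
     */
    private void decryptRequestParams(JoinPoint joinPoint, MethodSignature methodSignature,
            Method method, HttpServletRequest request) {
        String[] parameterNames = methodSignature.getParameterNames();
        // parameterAnnotations[i][j] is the j-th annotation on the i-th parameter.
        Annotation[][] parameterAnnotations = method.getParameterAnnotations();
        Object[] args = joinPoint.getArgs();

        for (int i = 0; i < parameterAnnotations.length; i++) {
            if (!hasRequestParam(parameterAnnotations[i])) {
                continue;
            }
            Object arg = args[i];
            // Only String ciphertext can be decrypted; skip converted types (int, Long, ...)
            // instead of failing the whole request with a ClassCastException.
            if (arg != null && !(arg instanceof String)) {
                continue;
            }
            if (parameterNames == null) {
                throw new IllegalStateException(
                        "Parameter names are not available for " + method.getName());
            }
            // decryptParam returns null when there is no ciphertext or no private key in the
            // session; the attribute is then null and the handler must treat that as a failure.
            String realValue = rsaService.decryptParam((String) arg, request, WebContants.RSA_KEY);
            request.setAttribute(parameterNames[i], realValue);
        }
    }

    /** Returns whether any of the given parameter annotations is {@code @RequestParam}. */
    private static boolean hasRequestParam(Annotation[] annotations) {
        if (annotations == null) {
            return false;
        }
        for (Annotation annotation : annotations) {
            if (annotation.annotationType() == RequestParam.class) {
                return true;
            }
        }
        return false;
    }
}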
rsaService
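/**
 * Session-scoped RSA key handling: generates a key pair, keeps the private key in the
 * {@link HttpSession}, and decrypts submitted values with it.
 *
 * <p>NOTE(review): {@code Assert} is not defined in this listing; presumably
 * {@code checkNotNull} throws on a {@code null} request. Confirm against the import.
 *
 * <p>NOTE(review): {@code java.security.Key} is {@code Serializable}, so if the container
 * persists or replicates sessions the private key is written out with them. Remove the key
 * as soon as the value has been decrypted.
 */
@Service
public class RSAService {

    /** Session attribute used by the overloads that take no attribute name. */
    private static final String DEFAULT_ATTR_NAME = "privateKey";

    /**
     * Generates a key pair and stores the private key in the {@link HttpSession} under the
     * default attribute {@code privateKey}.
     *
     * @param request the current {@link HttpServletRequest}
     * @return the public key
     */
    public RSAPublicKey generateKey(HttpServletRequest request) {
        return generateKey(request, DEFAULT_ATTR_NAME);
    }

    /**
     * Generates a key pair and stores the private key in the {@link HttpSession} under the
     * given attribute, replacing any key already stored there.
     *
     * @param request the current {@link HttpServletRequest}
     * @param attrName session attribute name
     * @return the public key
     */
    public RSAPublicKey generateKey(HttpServletRequest request, String attrName) {
        Assert.checkNotNull(request);
        KeyPair keyPair = RSAUtils.generateKeyPair();
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        // Generation is the one place that legitimately needs a session, so create it here.
        HttpSession session = request.getSession();
        session.setAttribute(attrName, privateKey);
        return publicKey;
    }

    /**
     * Removes the default attribute {@code privateKey} from the {@link HttpSession}.
     *
     * @param request the current {@link HttpServletRequest}
     */
    public void removePrivateKey(HttpServletRequest request) {
        removePrivateKey(request, DEFAULT_ATTR_NAME);
    }

    /**
     * Removes the given attribute from the {@link HttpSession}, if a session exists.
     *
     * @param request the current {@link HttpServletRequest}
     * @param attrName session attribute name
     */
    public void removePrivateKey(HttpServletRequest request, String attrName) {
        Assert.checkNotNull(request);
        // getSession(false): do not create a session just to delete an attribute from it.
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.removeAttribute(attrName);
        }
    }

    /**
     * Decrypts the request parameter {@code name} with the private key stored under the
     * default session attribute {@code privateKey}.
     *
     * @param name name of the request parameter holding the ciphertext
     * @param request the current {@link HttpServletRequest}
     * @return the plaintext, or {@code null} if the name, the parameter value or the key is missing
     */
    public String decryptParameter(String name, HttpServletRequest request) {
        return decryptParameter(name, request, DEFAULT_ATTR_NAME);
    }

    /**
     * Decrypts the request parameter {@code name} with the private key stored under the
     * given session attribute.
     *
     * @param name name of the request parameter holding the ciphertext
     * @param request the current {@link HttpServletRequest}
     * @param attrName session attribute name
     * @return the plaintext, or {@code null} if the name, the parameter value or the key is missing
     */
    public String decryptParameter(String name, HttpServletRequest request, String attrName) {
        Assert.checkNotNull(request);
        if (name == null) {
            return null;
        }
        return decryptWithSessionKey(request.getParameter(name), request, attrName);
    }

    /**
     * Decrypts a ciphertext value with the private key stored under the given session
     * attribute. Unlike {@code decryptParameter}, {@code name} here is the ciphertext itself,
     * not a parameter name.
     *
     * @param name the ciphertext to decrypt
     * @param request the current {@link HttpServletRequest}
     * @param attrName session attribute name
     * @return the plaintext, or {@code null} if the ciphertext or the key is missing
     */
    public String decryptParam(String name, HttpServletRequest request, String attrName) {
        Assert.checkNotNull(request);
        return decryptWithSessionKey(name, request, attrName);
    }

    /**
     * Looks up the private key in an existing session and decrypts {@code cipherText} with it;
     * returns {@code null} when there is nothing to decrypt or no usable key.
     */
    private String decryptWithSessionKey(String cipherText, HttpServletRequest request,
            String attrName) {
        if (cipherText == null || !StringUtils.isNotEmpty(cipherText)) {
            return null;
        }
        // A request without a session cannot have a key; avoid creating one as a side effect.
        HttpSession session = request.getSession(false);
        if (session == null) {
            return null;
        }
        Object stored = session.getAttribute(attrName);
        // Guard the cast: the attribute name is caller-supplied and may hold something else.
        if (!(stored instanceof RSAPrivateKey)) {
            return null;
        }
        return RSAUtils.decrypt((RSAPrivateKey) stored, cipherText);
    }
}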