Java Grails密码加密与rsa
我想创建一个名为User的模块。此模块由名称、用户名、电话号码和密码组成。我想用RSA算法加密和解密密码 这是我的RSA.JavaJava Grails密码加密与rsa,java,grails,rsa,grails-2.0,password-encryption,Java,Grails,Rsa,Grails 2.0,Password Encryption,我想创建一个名为User的模块。此模块由名称、用户名、电话号码和密码组成。我想用RSA算法加密和解密密码 这是我的RSA.Java import java.math.BigInteger; import java.security.SecureRandom; /** * Simple RSA public key encryption algorithm implementation. */ public class RSA { private BigInteger n, d, e;
import java.math.BigInteger;
import java.security.SecureRandom;
/**
* Simple RSA public key encryption algorithm implementation.
*/
public class RSA {
private BigInteger n, d, e;
private int bitlen = 1024;
/** Create an instance that can encrypt using someone elses public key. */
public RSA(BigInteger newn, BigInteger newe) {
n = newn;
e = newe;
}
/** Create an instance that can both encrypt and decrypt. */
public RSA(int bits) {
bitlen = bits;
SecureRandom r = new SecureRandom();
BigInteger p = new BigInteger(bitlen / 2, 100, r);
BigInteger q = new BigInteger(bitlen / 2, 100, r);
n = p.multiply(q);
BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q.subtract(BigInteger.ONE));
e = new BigInteger("3");
while (m.gcd(e).intValue() > 1) {
e = e.add(new BigInteger("2"));
}
d = e.modInverse(m);
}
/** Encrypt the given plaintext message. */
public synchronized String encrypt(String message) {
return (new BigInteger(message.getBytes())).modPow(e, n).toString();
}
/** Encrypt the given plaintext message. */
public synchronized BigInteger encrypt(BigInteger message) {
return message.modPow(e, n);
}
/** Decrypt the given ciphertext message. */
public synchronized String decrypt(String message) {
return new String((new BigInteger(message)).modPow(d, n).toByteArray());
}
/** Decrypt the given ciphertext message. */
public synchronized BigInteger decrypt(BigInteger message) {
return message.modPow(d, n);
}
/** Generate a new public and private key set. */
public synchronized void generateKeys() {
SecureRandom r = new SecureRandom();
BigInteger p = new BigInteger(bitlen / 2, 100, r);
BigInteger q = new BigInteger(bitlen / 2, 100, r);
n = p.multiply(q);
BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q
.subtract(BigInteger.ONE));
e = new BigInteger("3");
while (m.gcd(e).intValue() > 1) {
e = e.add(new BigInteger("2"));
}
d = e.modInverse(m);
}
/** Return the modulus. */
public synchronized BigInteger getN() {
return n;
}
/** Return the public key. */
public synchronized BigInteger getE() {
return e;
}
}
这是我的域用户。groovy:
class User{
String name
String username
String phoneNo
String password
}
这是我的UserController.groovy:(保存和更新)
我必须在我的“保存和编辑”控制器中添加什么,以便在我保存表单时密码将被加密,然后在我编辑表单时密码将被解密?请帮帮我,因为我是Java和grails新手,非常感谢:)类似于,您可以使用beforeinert
和beforeUpdate
事件对密码进行转换。在这些方法中实现加密
class User {
transient springSecurityService
String username
String password
boolean enabled
boolean accountExpired
boolean accountLocked
boolean passwordExpired
static constraints = {
username blank: false, unique: true
password blank: false
}
static mapping = {
password column: '`password`'
}
Set<Role> getAuthorities() {
UserRole.findAllByUser(this).collect { it.role } as Set
}
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}
类用户{
临时安全服务
字符串用户名
字符串密码
布尔启用
布尔帐户已过期
布尔帐户锁定
布尔密码过期
静态约束={
用户名空白:false,唯一:true
密码空白:false
}
静态映射={
密码列:“`password`”
}
设置getAuthorities(){
UserRole.findallbyser(this.collect{it.role}作为集合
}
def beforeInsert(){
encodePassword()
}
def beforeUpdate(){
if(isDirty(‘密码’)){
encodePassword()
}
}
受保护的无效密码(){
password=springSecurityService.encodePassword(密码)
}
}
帐户过期有什么用?根据脚本有角色,这意味着我必须添加新的用户角色域?不是吗?这是Spring Security核心用户对象的一个示例,如果您正在运行自己的安全性,您可能不需要它。我把它放在这里,这样你就可以看到beforeInsert和beforeUpdate是如何使用的。正如您所看到的,他们在插入之前和更新记录时对密码进行了编码。
class User {
transient springSecurityService
String username
String password
boolean enabled
boolean accountExpired
boolean accountLocked
boolean passwordExpired
static constraints = {
username blank: false, unique: true
password blank: false
}
static mapping = {
password column: '`password`'
}
Set<Role> getAuthorities() {
UserRole.findAllByUser(this).collect { it.role } as Set
}
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}