mid:增加mp的数据保护 启动报错

pom.xml

@@ -30,6 +30,7 @@
         <kaptcha.version>2.3.2</kaptcha.version>
         <pagehelper.boot.version>1.4.1</pagehelper.boot.version>
         <cn.hutool.version>5.7.19</cn.hutool.version>
+        <github.jasypt.version>3.0.4</github.jasypt.version>
         <druid.version>1.2.8</druid.version>
         <dynamic-ds.version>3.5.0</dynamic-ds.version>
         <commons.io.version>2.11.0</commons.io.version>
@@ -163,6 +164,13 @@
                 <version>${commons.fileupload.version}</version>
             </dependency>
 
+            <!-- 配置加密类 -->
+            <dependency>
+                <groupId>com.github.ulisesbocchio</groupId>
+                <artifactId>jasypt-spring-boot-starter</artifactId>
+                <version>${github.jasypt.version}</version>
+            </dependency>
+
             <!-- 代码生成使用模板 -->
             <dependency>
                 <groupId>org.apache.velocity</groupId>

ruoyi-common/pinn-common-extend/pom.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>com.ruoyi</groupId>
+        <artifactId>ruoyi-common</artifactId>
+        <version>3.4.0</version>
+    </parent>
+
+    <artifactId>pinn-common-extend</artifactId>
+
+    <description>
+        pinn-common-extend扩展功能
+    </description>
+    <properties>
+        <maven.compiler.source>8</maven.compiler.source>
+        <maven.compiler.target>8</maven.compiler.target>
+    </properties>
+
+    <dependencies>
+        <!-- mybatis plus 配置-->
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-boot-starter</artifactId>
+        </dependency>
+        <!-- Hutool -->
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-all</artifactId>
+        </dependency>
+        <!-- jasypt -->
+        <dependency>
+            <groupId>com.github.ulisesbocchio</groupId>
+            <artifactId>jasypt-spring-boot-starter</artifactId>
+        </dependency>
+
+
+    </dependencies>
+</project>

ruoyi-common/pinn-common-extend/src/main/java/com/pinn/publicPackage/context/jasyptHandler.java

@@ -0,0 +1,33 @@
+package com.pinn.publicPackage.context;
+
+import org.jasypt.encryption.StringEncryptor;
+import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
+import org.jasypt.encryption.pbe.StandardPBEByteEncryptor;
+import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+import org.springframework.context.annotation.Bean;
+import org.springframework.stereotype.Component;
+
+/**
+ * jasypt上下文继承注册类
+ * 暂时不自定义
+ */
+@Component
+public class jasyptHandler {
+
+    @Bean("jasyptStringEncryptor")
+    public StringEncryptor stringEncryptor() {
+        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
+        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
+        // 配置解析的密码
+        config.setPassword("password");
+        config.setAlgorithm(StandardPBEByteEncryptor.DEFAULT_ALGORITHM);
+        config.setKeyObtentionIterations("1000");
+        config.setPoolSize("1");
+//        config.setProviderName("SunJCE");
+        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
+//        config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
+        config.setStringOutputType("base64");
+        encryptor.setConfig(config);
+        return encryptor;
+    }
+}

ruoyi-common/pinn-common-extend/src/main/java/com/pinn/publicPackage/encryption/MybatisPlusAES.java

@@ -0,0 +1,20 @@
+package com.pinn.publicPackage.encryption;
+
+import cn.hutool.core.map.MapUtil;
+import com.pinn.publicPackage.utils.AESMybatisPlusUtils;
+
+import java.util.HashMap;
+
+/**
+ * plus插件数据安全保护
+ */
+public class MybatisPlusAES {
+    public static void main(String[] args) {
+        HashMap<String, String> dataSource = MapUtil.newHashMap();
+        dataSource.put("url","jdbc:mysql://175.178.38.240:9033/ry_cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8");
+        dataSource.put("username","nacos");
+        dataSource.put("password","nacos2233");
+
+        AESMybatisPlusUtils.encryptionDataSource(dataSource);
+    }
+}

ruoyi-common/pinn-common-extend/src/main/java/com/pinn/publicPackage/utils/AESMybatisPlusUtils.java

@@ -0,0 +1,85 @@
+package com.pinn.publicPackage.utils;
+
+import ch.qos.logback.core.util.FileUtil;
+import cn.hutool.core.io.file.FileReader;
+import cn.hutool.core.io.file.FileWriter;
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.toolkit.AES;
+
+import java.io.File;
+import java.net.URL;
+import java.util.Map;
+
+public class AESMybatisPlusUtils {
+
+    //根目录下
+    final static String FILE_PATCH_KEY = "ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/EncryptKEY.properts";
+    final static String FILE_PATCH_URL = "ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/EncryptURL.yaml";
+    final static String FILE_PATCH_ALL = "ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/EncryptAll.yaml";
+    final static String CHARSET_UTF8 = "utf-8";
+    final static String LINE = "\r\n";
+
+    /**
+     * 打印密钥和加密串
+     * @param dataSource 集合
+     */
+    public static void encryptionDataSource(Map<String,String> dataSource){
+        String url = encryptionData(dataSource.get("url"));
+        String username = encryptionData(dataSource.get("username"));
+        String password = encryptionData(dataSource.get("password"));
+
+        //保存在目录下
+        FileWriter writer = new FileWriter(new File(FILE_PATCH_ALL), CHARSET_UTF8);
+        writer.write("key: "+ genOrGetKey() + LINE,false);
+        writer.write("url: "+url + LINE,true);
+        writer.write("username: " +username + LINE,true);
+        writer.write("password: " +password+ LINE,true);
+    }
+
+
+    /**
+     * 打印密钥和加密串
+     * @param url dataSourceUrl
+     */
+    public static void encryptionUrl(String url){
+        String s = encryptionData(url);
+
+        //保存在目录下
+        FileWriter writer = new FileWriter(new File(FILE_PATCH_URL), CHARSET_UTF8);
+        File write = writer.write("url: "+s);
+        //查看路径
+        //FileUtil.fileToURL(write);
+    }
+
+    /**
+     * 获取密钥生成加密串
+     * @param data
+     * @return
+     */
+    private static String encryptionData(String data){
+        String key = genOrGetKey();
+        // 随机密钥加密
+        String result = AES.encrypt(data, key);
+        return "mpw:"+result;
+    }
+
+    /**
+     * 生成密钥或者获取密钥
+     */
+    public static String genOrGetKey(){
+        String randomKey = "";
+        FileReader fileReader = new FileReader(new File(FILE_PATCH_KEY));
+        String result = fileReader.readString();
+        if (ObjectUtil.isNull(result) || ObjectUtil.equals("",result)){
+            // 生成 16 位随机 AES 密钥
+            randomKey = AES.generateRandomKey();
+            FileWriter writer = new FileWriter(new File(FILE_PATCH_KEY), CHARSET_UTF8);
+            writer.write(randomKey);
+        }else {
+            randomKey = result;
+        }
+        return randomKey;
+    }
+
+
+}

ruoyi-common/pinn-common-extend/src/main/java/com/pinn/publicPackage/utils/jasyptEncryptUtils.java

@@ -0,0 +1,125 @@
+package com.pinn.publicPackage.utils;
+
+import cn.hutool.core.io.file.FileWriter;
+import cn.hutool.core.map.MapUtil;
+import org.jasypt.encryption.StringEncryptor;
+import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
+import org.jasypt.encryption.pbe.StandardPBEByteEncryptor;
+import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
+
+import java.io.File;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * jasypt数据安全保护
+ */
+public class jasyptEncryptUtils {
+    //根目录下
+    final static String FILE_PATCH_ALL = "ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/JasyptAll.yaml";
+    final static String FILE_PATCH_DE = "ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/JasyptDe.yaml";
+    final static String CHARSET_UTF8 = "utf-8";
+    final static String LINE = "\r\n";
+    final static String PREFIX = "PINN@[";
+    final static String SUFFIX = "]";
+
+        /**
+         * Jasypt生成加密结果
+         *
+         * @param password 配置文件中设定的加密密码 jasypt.encryptor.password
+         * @param value    待加密值
+         * @return
+         */
+        public static String encryptPwd(String password, String value) {
+            PooledPBEStringEncryptor encryptOr = new PooledPBEStringEncryptor();
+            encryptOr.setConfig(cryptOr(password));
+            String result = encryptOr.encrypt(value);
+            return result;
+        }
+
+        /**
+         * 解密
+         *
+         * @param password 配置文件中设定的加密密码 jasypt.encryptor.password
+         * @param value    待解密密文
+         * @return
+         */
+        public static String decryptPwd(String password, String value) {
+            PooledPBEStringEncryptor encryptOr = new PooledPBEStringEncryptor();
+            encryptOr.setConfig(cryptOr(password));
+            String result = encryptOr.decrypt(value);
+            return result;
+        }
+
+        /**
+         * @param password salt
+         * @return
+         */
+        public static SimpleStringPBEConfig cryptOr(String password) {
+            SimpleStringPBEConfig config = new SimpleStringPBEConfig();
+            config.setPassword(password);
+//            config.setAlgorithm(StandardPBEByteEncryptor.DEFAULT_ALGORITHM);
+//            config.setKeyObtentionIterations("1000");
+            config.setPoolSize("1");
+//            config.setProviderName(null);
+//            config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
+//            config.setStringOutputType("base64");
+
+            return config;
+        }
+
+    /**
+     * 打印密钥和加密串
+     * @param dataSource 集合
+     */
+    public static void decryptDataSource(Map<String,String> dataSource){
+        String key = AESMybatisPlusUtils.genOrGetKey();
+        String url = decryptPwd(key,dataSource.get("url"));
+        String username = decryptPwd(key,dataSource.get("username"));
+        String password = decryptPwd(key,dataSource.get("password"));
+
+        //保存在目录下
+        FileWriter writer = new FileWriter(new File(FILE_PATCH_DE), CHARSET_UTF8);
+        writer.write("key: "+ key + LINE,false);
+        writer.write("url: " +url  + LINE,true);
+        writer.write("username: " +username + LINE,true);
+        writer.write("password: "  +password + LINE,true);
+    }
+
+    /**
+     * 打印密钥和加密串
+     * @param dataSource 集合
+     */
+    public static void encryptionDataSource(Map<String,String> dataSource){
+        String key = AESMybatisPlusUtils.genOrGetKey();
+        String url = encryptPwd(key,dataSource.get("url"));
+        String username = encryptPwd(key,dataSource.get("username"));
+        String password = encryptPwd(key,dataSource.get("password"));
+
+        //保存在目录下
+        FileWriter writer = new FileWriter(new File(FILE_PATCH_ALL), CHARSET_UTF8);
+        writer.write("key: "+ key + LINE,false);
+        writer.write("url: " + PREFIX +url + SUFFIX + LINE,true);
+        writer.write("username: " + PREFIX +username + SUFFIX + LINE,true);
+        writer.write("password: " + PREFIX +password + SUFFIX + LINE,true);
+    }
+
+
+    public static void main(String[] args) {
+        HashMap<String, String> dataSource = MapUtil.newHashMap();
+        dataSource.put("url","jdbc:mysql://175.178.38.240:9033/ry_cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8");
+        dataSource.put("username","nacos");
+        dataSource.put("password","nacos2233");
+
+        encryptionDataSource(dataSource);
+
+
+/*        HashMap<String, String> dataSource2 = MapUtil.newHashMap();
+        dataSource2.put("url","tdAxOXA3+S2kSy2Rv8sfFujgdl46zQy+Cl7xVnC9pDhZrVwtHnCdOeco2zkvyZnMDfIl/uiBig3DYmU4HqGbQgwBeYdyqamHu9jGKxVI9RzlKVM4XiDae630G5hSwNzhndchz33PBUZ0IMdvB7pDcDs/Ug/5h8O47qQ0TQrTAOarKOFkZCoA7wNqaDhYJmZzTCAtvPadRx8qdNRKHsbswFtjqmCO+QrW");
+        dataSource2.put("username","ghFv/J1tegsx6a/kVdzwVQ==");
+        dataSource2.put("password","VNMRcA303/pklpGem3JQYP8T+GwZXwnC");
+
+        decryptDataSource(dataSource2);*/
+    }
+
+}

ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/EncryptAll.yaml

@@ -0,0 +1,4 @@
+key: aa78fcbe21d77af8
+url: mpw:dxcuLSvupjcu/lXTFeah0+/5ZOqqpbJtimO6jhk7kqtseJxX31V3v+T6KXnp0SnBx9tXFE0sX3YQfsMYaRtVQo2vR+4+EhvkriJeh0oYADW8go/D7pIxxCi7dC3J5dj2zkRQXWBA2MKvSnmchqdq7VYdchlQwTSkubSz9li+PReBf4nDcFD878ZBNU1Hl7wBlnqPIhy1rfVBtbXnd2G2sw==
+username: mpw:XgSK4A04lw0/UQ0yaxjf4Q==
+password: mpw:ULp8g6eW4DkAlZfvgM2byQ==

ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/JasyptAll.yaml

@@ -0,0 +1,4 @@
+key: aa78fcbe21d77af8
+url: PINN@[RDvIMG8MFQAINuVwgI59BimaqgkEOrcnY0vj8kYmZMmlRWwl+9rn7weZDNwon807LaYXZF+hme4/+Ye4d9LwHUS2IzOvz/nOqXoeqmPIMYNq2Cdt4AAIvtENj+Fnp4/XccSKfhAlA8pRarc/lk8F7l62ul5VsxKi8lUQatXDB1v1OCsNAzDowj2l7T0o/TzNrIHWl0b9yYcZZVGDnyYrkA==]
+username: PINN@[9LFA4aI0xDSxwlsyyoJf1w==]
+password: PINN@[AG6wLP/NWZx1UpBDYIHAcpQ62kjD7mfa]

ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/JasyptDe.yaml

@@ -0,0 +1,4 @@
+key: aa78fcbe21d77af8
+url: 'jdbc:mysql://175.178.38.240:9033/ry_cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8'
+username: 'nacos'
+password: 'nacos2233'

ruoyi-common/pinn-common-extend/src/main/resources/mybatisPlus/数据安全说明.md

@@ -0,0 +1,23 @@
+## 1、在MybatisPlusAES 输入对应信息 生成加密
+## 2、resources mybatisPlus下会追加EncryptKey
+## 3、如何启动是加上密钥
+
+```java
+// Jar 启动参数（ idea 设置 Program arguments（编辑启动面板alt+R可以添加） , 服务器可以设置为启动环境变量 ）
+--mpw.key=d1104d7c3b616f0b
+```
+
+
+## jasypt 加密解密
+## 1、在MybatisPlusAES 输入对应信息 生成加密
+## 2、resources mybatisPlus下会追加EncryptKey
+## 3、datasource配置上jasyptALL.yaml里面的数据 
+## 4、配置jasypt解密到yaml中
+```yaml
+jasypt:
+  encryptor:
+    password: aa78fcbe21d77af8
+    property:
+      prefix: "PINN@["
+      suffix: "]"
+```

ruoyi-common/pinn-common-mybatisplus/src/main/resources/mybatisPlus/数据安全说明.md

@@ -1,8 +0,0 @@
-## 1、在MybatisPlusAES 输入对应信息 生成加密
-## 2、resources mybatisPlus下会追加EncryptKey
-## 3、如何启动是加上密钥
-
-```java
-// Jar 启动参数（ idea 设置 Program arguments（编辑启动面板alt+R可以添加） , 服务器可以设置为启动环境变量 ）
---mpw.key=d1104d7c3b616f0b
-```

ruoyi-common/pom.xml

@@ -16,7 +16,7 @@
         <module>ruoyi-common-security</module>
         <module>ruoyi-common-datascope</module>
 		<module>ruoyi-common-datasource</module>
-		<module>pinn-common-mybatisPlus</module>
+		<module>pinn-common-extend</module>
     </modules>
 
     <artifactId>ruoyi-common</artifactId>

ruoyi-modules/ruoyi-system/pom.xml

@@ -78,6 +78,17 @@
             <artifactId>ruoyi-common-swagger</artifactId>
         </dependency>
 
+        <!-- jasypt -->
+        <dependency>
+            <groupId>com.github.ulisesbocchio</groupId>
+            <artifactId>jasypt-spring-boot-starter</artifactId>
+        </dependency>
+        <!-- mybatis plus 配置-->
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-boot-starter</artifactId>
+        </dependency>
+
     </dependencies>
 
     <build>