1.登陆界面得验证码增加了干扰因子

2.登陆密码传输由原来得对称算法，改成了非对称

1.登陆界面得验证码增加了干扰因子
2.登陆密码传输由原来得对称算法，改成了非对称
04dccee6 · WeiCong · 02d7cc76 · 04dccee6 · 04dccee6
Commit 04dccee6 authored Jan 25, 2021 by WeiCong
Showing with 70 additions and 13 deletions

DatabaseLoginContextForELCS.java ...com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java +23 -2

VerifyCodeCreateController.java ...sentation/noui/controller/VerifyCodeCreateController.java +47 -11

No files found.
--- a/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
+++ b/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
@@ -2,6 +2,7 @@ package cn.com.brilliance.eibs.auth;

 import log.Log;
 import log.LogFactory;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.dbutils.DbUtils;
 import org.sss.common.impl.AbstractLoginContext;
 import org.sss.common.impl.MenuItemImpl;
@@ -9,11 +10,14 @@ import org.sss.common.model.IContext.DataType;
 import org.sss.common.model.IFilter;
 import org.sss.common.model.IMenuItem;
 import org.sss.presentation.noui.api.response.ErrorCode;
-import org.sss.presentation.noui.util.AESUtil;
 import org.sss.presentation.noui.util.NoUiUtils;
 import org.sss.presentation.noui.util.StringUtil;
 import org.sss.util.ContainerUtils;

+import javax.crypto.Cipher;
+import java.security.KeyFactory;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.PKCS8EncodedKeySpec;
 import java.sql.*;
 import java.time.Duration;
 import java.time.LocalDateTime;
@@ -66,6 +70,8 @@ public class DatabaseLoginContextForELCS extends AbstractLoginContext {
    //连续多次输入密码重置
    private static int maxfltcnt = 5;

+    private static final String privateKey="MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALTHSCdzrBYyWReFrasVB+ehvfOg/34nTPPNSJsTlr0vqwvVohhqhnlBtIGE1g1//stMcAso8CevpCnN5/cOiwubzFhm1dRsyQmmkiMzH68sNx8+h87X/XeKpWIVSswc2Z3nMMV8zTDK8KhpPJwVRIQ5CqPdiYpQoDhBB5POiWPdAgMBAAECgYAxYCzI+cMK3P2QeyaQD9J05axoGpUt87YE8RDfql4Fljt1pAf9+zp3bAbNSWbdkRQamuoPYkMV09dWw7KTvBklwQe91llTF3eHXKXmI5M+NJtlfmk2aeJCwmb8LtFyIMb3ocgvni5es/jEd/UTzZvzZpbkR+aD5aiXEC/wFCNJUQJBANfQuCDO2d7MIfv36DKbGJ25oqX/e2B/GWDhNGb3F4BqN+3MkFw21MAP3OlW/nu0XgyRLVzw8pm6E6WlBR3GPGMCQQDWcHVWr7fIeQ9sLAKwhe+D4k/kPElaptxoqzMIWNcweG5fc2eMvJ5BHh081B0h4+KiLE6lgvitZU2c8aCm/TK/AkAuJ7U5TwPJYl7iRGKkcAcTtF/UoI8CVCxZS9CpNK8SB6VudhFpp1BYwwu7258RVcHHbkUFW4KG3gTVqDUv6PWBAkEAsuD6sMZB68Q4vkZ0M+Z2JzDI7h3wHuOkZtew6VyanT9I6uysy3SoGq/ROeXDK3samaeWL3DymkowFSRmnAYIpwJABliTTManT9rkQx+sahGwGKInAClxl3Po5XB8ST/75xkSobYAVaV8kgrxE4u4DJxbomBUWeT7oOOhX2vODMhuZg==";
+
    static {
        init();
    }
@@ -104,13 +110,28 @@ public class DatabaseLoginContextForELCS extends AbstractLoginContext {
            return "";
        }
        try {
-            pwd = AESUtil.decryptAES(pwd,verifycode);
+//            pwd = AESUtil.decryptAES(pwd,verifycode);
+            pwd = decrypt(pwd);
        } catch (Exception e) {
            log.warn("密码解密失败，使用原密码");
        }
        return pwd;
    }

+    public static String decrypt(String pwd) throws Exception{
+        pwd=pwd.replaceAll("%2B","+");
+        //64位解码加密后的字符串
+        byte[] inputByte = org.apache.commons.codec.binary.Base64.decodeBase64(pwd.getBytes("UTF-8"));
+        //base64编码的私钥
+        byte[] decoded = Base64.decodeBase64(privateKey);
+        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
+        //RSA解密
+        Cipher cipher = Cipher.getInstance("RSA");
+        cipher.init(Cipher.DECRYPT_MODE, priKey);
+        String outStr = new String(cipher.doFinal(inputByte),"UTF-8");
+        return outStr;
+    }
+
    //偏移 头4 尾7
    private static String convert(String str) {
        if(str.length()==1){

--- a/src/main/java/org/sss/presentation/noui/controller/VerifyCodeCreateController.java
+++ b/src/main/java/org/sss/presentation/noui/controller/VerifyCodeCreateController.java
@@ -31,14 +31,18 @@ public class VerifyCodeCreateController {
    private static final int width = 100;//验证码图片宽度
    private static final int height = 50;//验证码图片高度
    private static final int vcsessionout = 120;//验证码超时时间
+    final float yawpRate = 0.05f;// 噪声率
+    final int area = (int) (yawpRate * width * height);
+    final int fontSize = height - 4;
+    final Random r = new Random();

    @Autowired
    private NoUiVersion noUiVersion;

    @ResponseBody
-    @RequestMapping(value ="/version", method = RequestMethod.GET)
+    @RequestMapping(value = "/version", method = RequestMethod.GET)
    public Object version(HttpServletRequest request, HttpServletResponse response) {
-        Map<String,Object> retDatamap=new HashMap<>();
+        Map<String, Object> retDatamap = new HashMap<>();
        retDatamap.put("fieldencode", NoUiUtils.fieldencode);
        return ResultUtil.result(ErrorCodes.SUCCESS, ErrorCodes.SUCCESS_INFO, retDatamap, noUiVersion.getVersion());
    }
@@ -52,39 +56,71 @@ public class VerifyCodeCreateController {
     * 绘画验证码
     */
    private void drawVerifyCode(HttpServletRequest request, HttpServletResponse response) {
-        Graphics2D g=null;
+        Graphics2D g = null;
        try {
-            Random r = new Random();
            BufferedImage bi = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
            g = bi.createGraphics();
            g.setBackground(new Color(200, 150, 255));
            g.fillRect(0, 0, width, height);
+            //绘制干扰线
+            g.setColor(new Color(r.nextInt(88), r.nextInt(188), r.nextInt(255)));
+            for (int i = 0; i < 20; i++) {
+                int x = r.nextInt(width - 1);
+                int y = r.nextInt(height - 1);
+                int xl = r.nextInt(6) + 1;
+                int yl = r.nextInt(12) + 1;
+                g.drawLine(x, y, x + xl + 40, y + yl + 20);
+            }
+            // 添加噪点
+            for (int i = 0; i < area; i++) {
+                int x = r.nextInt(width);
+                int y = r.nextInt(height);
+                int rgb = getRandomIntColor();
+                bi.setRGB(x, y, rgb);
+            }
            StringBuilder codes = new StringBuilder();
            for (int i = 0; i < 4; i++) {
                String code = STR.charAt(r.nextInt(STR.length())) + "";
                g.setColor(new Color(r.nextInt(88), r.nextInt(188), r.nextInt(255)));
-                Font font = new Font("Times New Roman", Font.ITALIC, r.nextInt(1)*7+30);
+                Font font = new Font("Times New Roman", Font.ITALIC, fontSize);
                g.setFont(font);
                g.drawString(code, (i * 18) + 10, 30);
                codes.append(code);
            }
-            StringBuilder key=new StringBuilder(codes);
-            if(!StringUtil.isEmpty(request.getRemoteAddr())){
+            StringBuilder key = new StringBuilder(codes);
+            if (!StringUtil.isEmpty(request.getRemoteAddr())) {
                key.append(request.getRemoteAddr());
            }
-            String kb=key.toString().toLowerCase();
-            log.info("key==="+kb);
-            RedisUtil.set(kb, codes.toString(),vcsessionout);
+            String kb = key.toString().toLowerCase();
+            log.info("key===" + kb);
+            RedisUtil.set(kb, codes.toString(), vcsessionout);

 //            request.getSession().setAttribute(Constants.VERIFYCODE, codes.toString());
            ImageIO.write(bi, "JPG", response.getOutputStream());
        } catch (Exception e) {
            log.error("绘制登陆验证码异常", e);
        } finally {
-            if(g!=null){
+            if (g != null) {
                g.dispose();
            }
        }
    }

+    private int getRandomIntColor() {
+        int[] rgb = getRandomRgb();
+        int color = 0;
+        for (int c : rgb) {
+            color = color << 8;
+            color = color | c;
+        }
+        return color;
+    }
+
+    private int[] getRandomRgb() {
+        int[] rgb = new int[3];
+        for (int i = 0; i < 3; i++) {
+            rgb[i] = r.nextInt(255);
+        }
+        return rgb;
+    }
 }