增加请求加密动态获取密钥

2024-04-06 14:31:25 +08:00 · 2024-04-06 14:31:25 +08:00 · 596cf10a1c
commit 596cf10a1c
parent 659caa1d0e
11 changed files with 437 additions and 42 deletions
--- a/8
+++ b/8
@ -0,0 +1,8 @@
+# 使用官方的 Java 运行时作为父镜像
+FROM openjdk:8-jdk-alpine
+
+# 将本地文件复制到容器中
+COPY target/my-app.jar /app.jar
+
+# 运行应用
+ENTRYPOINT ["java","-jar","/app.jar"]
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/AuthController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/AuthController.java
@ -5,8 +5,6 @@ import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.mybatisflex.core.query.QueryWrapper;
 import com.ruoyi.common.core.constant.UserConstants;
-import com.ruoyi.common.core.core.domain.AjaxResult;
-import com.ruoyi.common.core.core.domain.model.LoginUser;
 import com.ruoyi.common.core.core.domain.model.SocialLoginBody;
 import com.ruoyi.common.core.utils.*;
 import com.ruoyi.common.encrypt.annotation.ApiEncrypt;
@ -15,13 +13,11 @@ import com.ruoyi.common.security.utils.LoginHelper;
 import com.ruoyi.common.social.config.properties.SocialLoginConfigProperties;
 import com.ruoyi.common.social.config.properties.SocialProperties;
 import com.ruoyi.common.social.utils.SocialUtils;
-import com.ruoyi.common.tenant.helper.TenantHelper;
 import com.ruoyi.common.websocket.dto.WebSocketMessageDto;
 import com.ruoyi.common.websocket.utils.WebSocketUtils;
 import com.ruoyi.system.domain.bo.SysTenantBo;
 import com.ruoyi.system.domain.vo.SysClientVo;
 import com.ruoyi.system.domain.vo.SysTenantVo;
-import com.ruoyi.system.domain.vo.SysUserVo;
 import com.ruoyi.system.service.*;
 import com.ruoyi.web.domain.vo.LoginTenantVo;
 import com.ruoyi.web.domain.vo.LoginVo;
@ -34,7 +30,6 @@ import lombok.extern.slf4j.Slf4j;
 import com.ruoyi.common.core.core.domain.R;
 import com.ruoyi.common.core.core.domain.model.LoginBody;
 import com.ruoyi.common.core.core.domain.model.RegisterBody;
-import com.ruoyi.system.domain.SysClient;
 import com.ruoyi.web.service.IAuthStrategy;
 import com.ruoyi.web.service.SysLoginService;
 import me.zhyd.oauth.model.AuthResponse;
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/CaptchaController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/CaptchaController.java
@ -2,7 +2,10 @@ package com.ruoyi.web.controller;

 import cn.dev33.satoken.annotation.SaIgnore;
 import java.time.Duration;
+import java.util.HashMap;
 import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.UUID;

 import cn.hutool.captcha.AbstractCaptcha;
 import cn.hutool.captcha.generator.CodeGenerator;
@ -10,11 +13,13 @@ import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.RandomUtil;
 import com.ruoyi.common.core.annotation.RateLimiter;
 import com.ruoyi.common.core.constant.GlobalConstants;
+import com.ruoyi.common.core.core.domain.AjaxResult;
 import com.ruoyi.common.core.enums.LimitType;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.core.utils.reflect.ReflectUtils;
 import com.ruoyi.common.core.utils.SpringUtils;
 import com.ruoyi.common.core.core.domain.R;
+import com.ruoyi.common.encrypt.utils.RSAUtils;
 import com.ruoyi.common.mail.config.properties.MailProperties;
 import com.ruoyi.common.mail.utils.MailUtils;
 import com.ruoyi.common.redis.utils.RedisUtils;
@ -134,4 +139,27 @@ public class CaptchaController
        }
        return R.ok();
    }
+
+    @GetMapping("/genKeyPair")
+    public R genKeyPair() {
+        Map<String,String> map=new HashMap<>();
+        try {
+            log.info("开始生产rsa秘钥");
+
+            Map<String, Object> keyPair = RSAUtils.genKeyPair();
+            String publicKey = RSAUtils.getPublicKey(keyPair);
+            String privateKey = RSAUtils.getPrivateKey(keyPair);
+            log.info("privateKey："+privateKey);
+            String uuid="ruoyi_"+ UUID.randomUUID().toString().replace("-","");
+            RedisUtils.setCacheMapValue("loginRsa",uuid,privateKey);
+            RedisUtils.expire("loginRsa",60*60);
+            log.info("写入redis完成");
+
+            map.put("uuidPrivateKey",uuid);
+            map.put("RSA_PUBLIC_KEY",publicKey);
+        } catch (Exception e) {
+            return R.fail("生成RSA秘钥失败,"+e.getMessage());
+        }
+        return R.ok(map);
+    }
 }
--- a/ruoyi-admin/src/main/resources/application-dev.yml
+++ b/ruoyi-admin/src/main/resources/application-dev.yml
@ -36,8 +36,8 @@ mybatis-flex:
      #postgresql数据库
      driver-class-name: org.postgresql.Driver
      url: jdbc:postgresql://localhost:5432/ruoyi-flex?useUnicode=true&characterEncoding=utf8&useSSL=true&autoReconnect=true&reWriteBatchedInserts=true
-      username: postgres
-      password: postgres@369
+      username: root
+      password: root

 # redis 单机配置(单机与集群只能开启一个另一个需要注释掉)
 spring.data:
@ -49,7 +49,7 @@ spring.data:
    # 数据库索引
    database: 0
    # 密码(如没有密码请注释掉)
-    # password:
+    password: root
    # 连接超时时间
    timeout: 10s
    # 是否开启ssl
--- a/ruoyi-admin/src/main/resources/application-prod.yml
+++ b/ruoyi-admin/src/main/resources/application-prod.yml
@ -35,21 +35,21 @@ mybatis-flex:
      #      password: Root@369
      #postgresql数据库
      driver-class-name: org.postgresql.Driver
-      url: jdbc:postgresql://localhost:5432/ruoyi-flex?useUnicode=true&characterEncoding=utf8&useSSL=true&autoReconnect=true&reWriteBatchedInserts=true
-      username: postgres
-      password: postgres@369
+      url: jdbc:postgresql://172.16.0.151:5432/ruoyi-flex?useUnicode=true&characterEncoding=utf8&useSSL=true&autoReconnect=true&reWriteBatchedInserts=true
+      username: root
+      password: root

 # redis 单机配置(单机与集群只能开启一个另一个需要注释掉)
 spring.data:
  redis:
    # 地址
-    host: localhost
+    host: 172.16.0.151
    # 端口，默认为6379
    port: 6379
    # 数据库索引
    database: 0
    # 密码(如没有密码请注释掉)
-    # password:
+    password: root
    # 连接超时时间
    timeout: 10s
    # 是否开启ssl
@ -81,7 +81,7 @@ redisson:
 spring.boot.admin.client:
  # 增加客户端开关
  enabled: true
-  url: http://localhost:9090/admin
+  url: http://172.16.0.151:9090/admin
  instance:
    service-host-type: IP
  username: ruoyi
@ -97,7 +97,7 @@ powerjob:
    # 28080 端口 随着主应用端口飘逸 避免集群冲突
    port: 2${server.port}
    protocol: http
-    server-address: 127.0.0.1:7700
+    server-address: 172.16.0.151:7700
    store-strategy: disk
    allow-lazy-connect-server: false
    max-appended-wf-context-length: 4096
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -9,7 +9,7 @@ ruoyi:
  # 实例演示开关
  demoEnabled: true
  # 文件路径 示例（ Windows配置D:/ruoyi/uploadPath，Linux配置 /home/ruoyi/uploadPath）
-  profile: D:/ruoyi/uploadPath
+  profile: /home/ruoyi/uploadPath
  # 获取ip地址开关
  addressEnabled: false

@ -298,6 +298,7 @@ security:
    - /captchaImage
    - /captcha/get
    - /captcha/check
+    - /genKeyPair

 --- # Actuator 监控端点的配置项
 management:
--- a/ruoyi-admin/src/main/resources/logback.xml
+++ b/ruoyi-admin/src/main/resources/logback.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
    <!-- 日志存放路径 -->
-	<property name="log.path" value="/home/ruoyi/logs" />
+	<property name="log.path" value="./home/ruoyi/logs" />
    <!-- 日志输出格式 -->
 	<property name="log.pattern" value="%d{HH:mm:ss.SSS} [%thread] %-5level %logger{20} - [%method,%line] - %msg%n" />

--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/filter/CryptoFilter.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/filter/CryptoFilter.java
@ -51,7 +51,7 @@ public class CryptoFilter implements Filter {
                String headerValue = servletRequest.getHeader(properties.getHeaderFlag());
                if (StringUtils.isNotBlank(headerValue)) {
                    // 请求解密
-                    requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());
+                    requestWrapper = new DecryptRequestBodyWrapper(servletRequest, headerValue);
                } else {
                    // 是否有注解，有就报错，没有放行
                    if (ObjectUtil.isNotNull(apiEncrypt)) {
--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/filter/DecryptRequestBodyWrapper.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/filter/DecryptRequestBodyWrapper.java
@ -2,12 +2,14 @@ package com.ruoyi.common.encrypt.filter;

 import cn.hutool.core.io.IoUtil;
 import com.ruoyi.common.encrypt.utils.EncryptUtils;
+import com.ruoyi.common.redis.utils.RedisUtils;
 import jakarta.servlet.ReadListener;
 import jakarta.servlet.ServletInputStream;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletRequestWrapper;
 import com.ruoyi.common.core.constant.Constants;
 import org.springframework.http.MediaType;
+import org.springframework.web.util.UriUtils;

 import java.io.BufferedReader;
 import java.io.ByteArrayInputStream;
@ -24,22 +26,20 @@ public class DecryptRequestBodyWrapper extends HttpServletRequestWrapper {

    private final byte[] body;

-    public DecryptRequestBodyWrapper(HttpServletRequest request, String privateKey, String headerFlag) throws IOException {
-        super(request);
-        // 获取 AES 密码 采用 RSA 加密
-        String headerRsa = request.getHeader(headerFlag);
-        String decryptAes = EncryptUtils.decryptByRsa(headerRsa, privateKey);
-        // 解密 AES 密码
-        String aesPassword = EncryptUtils.decryptByBase64(decryptAes);
-        request.setCharacterEncoding(Constants.UTF8);
-        byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false);
-        String requestBody = new String(readBytes, StandardCharsets.UTF_8);
-        // 解密 body 采用 AES 加密
-        String decryptBody = EncryptUtils.decryptByAes(requestBody, aesPassword);
-        body = decryptBody.getBytes(StandardCharsets.UTF_8);
-    }
+   public DecryptRequestBodyWrapper(HttpServletRequest request, String privateKey) throws IOException {
+            super(request);
+            // 获取 AES 密码 采用 RSA 加密
+            String privateKeyValue = RedisUtils.getCacheMapValue("loginRsa", privateKey);

-    @Override
+            byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false);
+            String requestBody = new String(readBytes, StandardCharsets.UTF_8);
+            // 解密 body 采用 AES 加密
+            String decryptBody = EncryptUtils.decryptByRsa(requestBody, privateKeyValue);
+            body =   UriUtils.decode(decryptBody, StandardCharsets.UTF_8).getBytes(StandardCharsets.UTF_8);
+        }
+
+
+        @Override
    public BufferedReader getReader() {
        return new BufferedReader(new InputStreamReader(getInputStream()));
    }
--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/utils/RSAUtils.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/utils/RSAUtils.java
@ -0,0 +1,363 @@
+package com.ruoyi.common.encrypt.utils;
+
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import java.io.ByteArrayOutputStream;
+import java.security.*;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @NAME: RSAEncryptUtils
+ * @AUTHOR: gaoly
+ * @DATE: 2021/1/26 15:15
+ * @DES:
+ **/
+public class RSAUtils {
+    /** */
+    /**
+     * 加密算法RSA
+     */
+    public static final String KEY_ALGORITHM = "RSA";
+
+    /** */
+    /**
+     * 签名算法
+     */
+    public static final String SIGNATURE_ALGORITHM = "MD5withRSA";
+
+    /** */
+    /**
+     * 获取公钥的key
+     */
+    private static final String PUBLIC_KEY = "RSAPublicKey";
+
+    /** */
+    /**
+     * 获取私钥的key
+     */
+    private static final String PRIVATE_KEY = "RSAPrivateKey";
+
+    /** */
+    /**
+     * RSA最大加密明文大小
+     */
+    private static final int MAX_ENCRYPT_BLOCK = 117;
+
+    /** */
+    /**
+     * RSA最大解密密文大小
+     */
+    private static final int MAX_DECRYPT_BLOCK = 128;
+
+    /** */
+    /**
+     * RSA 位数 如果采用2048 上面最大加密和最大解密则须填写:  245 256
+     */
+    private static final int INITIALIZE_LENGTH = 1024;
+
+    /** */
+    /**
+     * <p>
+     * 生成密钥对(公钥和私钥)
+     * </p>
+     *
+     * @return
+     * @throws Exception
+     */
+    public static Map<String, Object> genKeyPair() throws Exception {
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
+        keyPairGen.initialize(INITIALIZE_LENGTH);
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
+        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
+        Map<String, Object> keyMap = new HashMap<String, Object>(2);
+        keyMap.put(PUBLIC_KEY, publicKey);
+        keyMap.put(PRIVATE_KEY, privateKey);
+        return keyMap;
+    }
+
+    /** */
+    /**
+     * <p>
+     * 用私钥对信息生成数字签名
+     * </p>
+     *
+     * @param data
+     *            已加密数据
+     * @param privateKey
+     *            私钥(BASE64编码)
+     *
+     * @return
+     * @throws Exception
+     */
+    public static String sign(byte[] data, String privateKey) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(privateKey);
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
+        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
+        signature.initSign(privateK);
+        signature.update(data);
+        return Base64.encodeBase64String(signature.sign());
+    }
+
+    /** */
+    /**
+     * <p>
+     * 校验数字签名
+     * </p>
+     *
+     * @param data
+     *            已加密数据
+     * @param publicKey
+     *            公钥(BASE64编码)
+     * @param sign
+     *            数字签名
+     *
+     * @return
+     * @throws Exception
+     *
+     */
+    public static boolean verify(byte[] data, String publicKey, String sign) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(publicKey);
+        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        PublicKey publicK = keyFactory.generatePublic(keySpec);
+        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
+        signature.initVerify(publicK);
+        signature.update(data);
+        return signature.verify(Base64.decodeBase64(sign));
+    }
+
+    /** */
+    /**
+     * <P>
+     * 私钥解密
+     * </p>
+     *
+     * @param encryptedData
+     *            已加密数据
+     * @param privateKey
+     *            私钥(BASE64编码)
+     * @return
+     * @throws Exception
+     */
+    public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(privateKey);
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.DECRYPT_MODE, privateK);
+        int inputLen = encryptedData.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // 对数据分段解密
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
+                cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_DECRYPT_BLOCK;
+        }
+        byte[] decryptedData = out.toByteArray();
+        out.close();
+        return decryptedData;
+    }
+
+    /** */
+    /**
+     * <p>
+     * 公钥解密
+     * </p>
+     *
+     * @param encryptedData
+     *            已加密数据
+     * @param publicKey
+     *            公钥(BASE64编码)
+     * @return
+     * @throws Exception
+     */
+    public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(publicKey);
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key publicK = keyFactory.generatePublic(x509KeySpec);
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.DECRYPT_MODE, publicK);
+        int inputLen = encryptedData.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // 对数据分段解密
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
+                cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_DECRYPT_BLOCK;
+        }
+        byte[] decryptedData = out.toByteArray();
+        out.close();
+        return decryptedData;
+    }
+
+    /** */
+    /**
+     * <p>
+     * 公钥加密
+     * </p>
+     *
+     * @param data
+     *            源数据
+     * @param publicKey
+     *            公钥(BASE64编码)
+     * @return
+     * @throws Exception
+     */
+    public static byte[] encryptByPublicKey(byte[] data, String publicKey) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(publicKey);
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key publicK = keyFactory.generatePublic(x509KeySpec);
+        // 对数据加密
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.ENCRYPT_MODE, publicK);
+        int inputLen = data.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // 对数据分段加密
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
+                cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(data, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_ENCRYPT_BLOCK;
+        }
+        byte[] encryptedData = out.toByteArray();
+        out.close();
+        return encryptedData;
+    }
+
+    /** */
+    /**
+     * <p>
+     * 私钥加密
+     * </p>
+     *
+     * @param data
+     *            源数据
+     * @param privateKey
+     *            私钥(BASE64编码)
+     * @return
+     * @throws Exception
+     */
+    public static byte[] encryptByPrivateKey(byte[] data, String privateKey) throws Exception {
+        byte[] keyBytes = Base64.decodeBase64(privateKey);
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
+        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
+        Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        cipher.init(Cipher.ENCRYPT_MODE, privateK);
+        int inputLen = data.length;
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int offSet = 0;
+        byte[] cache;
+        int i = 0;
+        // 对数据分段加密
+        while (inputLen - offSet > 0) {
+            if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
+                cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
+            } else {
+                cache = cipher.doFinal(data, offSet, inputLen - offSet);
+            }
+            out.write(cache, 0, cache.length);
+            i++;
+            offSet = i * MAX_ENCRYPT_BLOCK;
+        }
+        byte[] encryptedData = out.toByteArray();
+        out.close();
+        return encryptedData;
+    }
+
+    /** */
+    /**
+     * <p>
+     * 获取私钥
+     * </p>
+     *
+     * @param keyMap
+     *            密钥对
+     * @return
+     * @throws Exception
+     */
+    public static String getPrivateKey(Map<String, Object> keyMap) throws Exception {
+        Key key = (Key) keyMap.get(PRIVATE_KEY);
+        return Base64.encodeBase64String(key.getEncoded());
+    }
+
+    /** */
+    /**
+     * <p>
+     * 获取公钥
+     * </p>
+     *
+     * @param keyMap
+     *            密钥对
+     * @return
+     * @throws Exception
+     */
+    public static String getPublicKey(Map<String, Object> keyMap) throws Exception {
+        Key key = (Key) keyMap.get(PUBLIC_KEY);
+        return Base64.encodeBase64String(key.getEncoded());
+    }
+
+    /**
+     * java端公钥加密
+     */
+    public static String encryptedDataOnJava(String data, String PUBLICKEY) {
+        try {
+            data = Base64.encodeBase64String(encryptByPublicKey(data.getBytes(), PUBLICKEY));
+        } catch (Exception e) {
+        }
+        return data;
+    }
+
+    /**
+     * java端私钥解密
+     */
+    public static String decryptDataOnJava(String data, String PRIVATEKEY) {
+        String temp = "";
+        try {
+            byte[] rs = Base64.decodeBase64(data);
+            temp = new String(RSAUtils.decryptByPrivateKey(rs, PRIVATEKEY),"UTF-8");
+
+        } catch (Exception e) {
+        }
+        return temp;
+    }
+
+    public static void main(String[] args) throws  Exception{
+
+    }
+}
--- a/ruoyi-extra/ruoyi-powerjob-server/src/main/resources/application-dev.properties
+++ b/ruoyi-extra/ruoyi-powerjob-server/src/main/resources/application-dev.properties
@ -4,8 +4,8 @@ oms.env=dev
 spring.datasource.remote.hibernate.properties.hibernate.dialect=tech.powerjob.server.persistence.config.dialect.PowerJobPGDialect
 spring.datasource.core.driver-class-name=org.postgresql.Driver
 spring.datasource.core.jdbc-url=jdbc:postgresql://localhost:5432/ruoyi-flex?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true
-spring.datasource.core.username=postgres
-spring.datasource.core.password=postgres@369
+spring.datasource.core.username=root
+spring.datasource.core.password=root
 ## MySQL数据库连接参数
 #spring.datasource.core.driver-class-name=com.mysql.cj.jdbc.Driver
 #spring.datasource.core.jdbc-url=jdbc:mysql://localhost:3306/ruoyi-flex?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true