我想创建一个名为User的模块。该模块由Name,username,phoneNo和password组成。我想使用RSA algorythm加密和减少密码。
这是我的RSA.Java
import java.math.BigInteger;
import java.security.SecureRandom;
/**
* Simple RSA public key encryption algorithm implementation.
*/
public class RSA {
private BigInteger n, d, e;
private int bitlen = 1024;
/** Create an instance that can encrypt using someone elses public key. */
public RSA(BigInteger newn, BigInteger newe) {
n = newn;
e = newe;
}
/** Create an instance that can both encrypt and decrypt. */
public RSA(int bits) {
bitlen = bits;
SecureRandom r = new SecureRandom();
BigInteger p = new BigInteger(bitlen / 2, 100, r);
BigInteger q = new BigInteger(bitlen / 2, 100, r);
n = p.multiply(q);
BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q.subtract(BigInteger.ONE));
e = new BigInteger("3");
while (m.gcd(e).intValue() > 1) {
e = e.add(new BigInteger("2"));
}
d = e.modInverse(m);
}
/** Encrypt the given plaintext message. */
public synchronized String encrypt(String message) {
return (new BigInteger(message.getBytes())).modPow(e, n).toString();
}
/** Encrypt the given plaintext message. */
public synchronized BigInteger encrypt(BigInteger message) {
return message.modPow(e, n);
}
/** Decrypt the given ciphertext message. */
public synchronized String decrypt(String message) {
return new String((new BigInteger(message)).modPow(d, n).toByteArray());
}
/** Decrypt the given ciphertext message. */
public synchronized BigInteger decrypt(BigInteger message) {
return message.modPow(d, n);
}
/** Generate a new public and private key set. */
public synchronized void generateKeys() {
SecureRandom r = new SecureRandom();
BigInteger p = new BigInteger(bitlen / 2, 100, r);
BigInteger q = new BigInteger(bitlen / 2, 100, r);
n = p.multiply(q);
BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q
.subtract(BigInteger.ONE));
e = new BigInteger("3");
while (m.gcd(e).intValue() > 1) {
e = e.add(new BigInteger("2"));
}
d = e.modInverse(m);
}
/** Return the modulus. */
public synchronized BigInteger getN() {
return n;
}
/** Return the public key. */
public synchronized BigInteger getE() {
return e;
}
}
这是我的域名User.groovy:
class User{
String name
String username
String phoneNo
String password
}
这是我的UserController.groovy :(保存并更新)
class UserController {
static allowedMethods = [save: "POST", update: "POST", delete: "POST"]
def index = {
redirect(action: "list", params: params)
}
def save = {
def userInstance = new User(params)
if (userInstance .save(flush: true)) {
flash.message = "${message(code: 'default.created.message', args: [message(code: 'user.label', default: 'User'), userInstance .id])}"
redirect(action: "show", id: userInstance .id)
}
else {
render(view: "create", model: [userInstance : userInstance ])
}
}
def edit = {
def userInstance = User.get(params.id)
if (!userInstance ) {
flash.message = "${message(code: 'default.not.found.message', args: [message(code: 'user.label', default: 'User'), params.id])}"
redirect(action: "list")
}
else {
return [userInstance : userInstance ]
}
}
def update = {
def userInstance = User.get(params.id)
if (userInstance ) {
if (params.version) {
def version = params.version.toLong()
if (userInstance .version > version) {
userInstance .errors.rejectValue("version", "default.optimistic.locking.failure", [message(code: 'user.label', default: 'User')] as Object[], "Another user has updated this User while you were editing")
render(view: "edit", model: [userInstance : userInstance ])
return
}
}
userInstance .properties = params
if (!userInstance .hasErrors() && userInstance .save(flush: true)) {
flash.message = "${message(code: 'default.updated.message', args: [message(code: 'user.label', default: 'User'), userInstance .id])}"
redirect(action: "show", id: userInstance .id)
}
else {
render(view: "edit", model: [userInstance : userInstance ])
}
}
else {
flash.message = "${message(code: 'default.not.found.message', args: [message(code: 'user.label', default: 'User'), params.id])}"
redirect(action: "list")
}
}
}
我必须在保存和编辑控制器中添加什么,以便在保存表单时加密密码,然后当我编辑表单时,密码将被解密?请帮帮我,因为我是Java和Grails的新手,非常感谢你:)。
答案 0 :(得分:1)
与SpringSecurity Plugin类似,您可以使用beforeInsert
和beforeUpdate
事件对您的密码进行转换。在那些方法中实现加密。
class User {
transient springSecurityService
String username
String password
boolean enabled
boolean accountExpired
boolean accountLocked
boolean passwordExpired
static constraints = {
username blank: false, unique: true
password blank: false
}
static mapping = {
password column: '`password`'
}
Set<Role> getAuthorities() {
UserRole.findAllByUser(this).collect { it.role } as Set
}
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}