
时间:2013-08-10 13:02:30

标签: java grails rsa grails-2.0 password-encryption

我想创建一个名为User的模块。该模块由Name,username,phoneNo和password组成。我想使用RSA algorythm加密和减少密码。


import java.math.BigInteger;

 * Simple RSA public key encryption algorithm implementation.

public class RSA {
  private BigInteger n, d, e;

  private int bitlen = 1024;

  /** Create an instance that can encrypt using someone elses public key. */
  public RSA(BigInteger newn, BigInteger newe) {
    n = newn;
    e = newe;

  /** Create an instance that can both encrypt and decrypt. */
  public RSA(int bits) {
    bitlen = bits;
    SecureRandom r = new SecureRandom();
    BigInteger p = new BigInteger(bitlen / 2, 100, r);
    BigInteger q = new BigInteger(bitlen / 2, 100, r);

    n = p.multiply(q);
    BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q.subtract(BigInteger.ONE));

    e = new BigInteger("3");
    while (m.gcd(e).intValue() > 1) {
      e = e.add(new BigInteger("2"));
    d = e.modInverse(m);

  /** Encrypt the given plaintext message. */
  public synchronized String encrypt(String message) {
    return (new BigInteger(message.getBytes())).modPow(e, n).toString();

  /** Encrypt the given plaintext message. */
  public synchronized BigInteger encrypt(BigInteger message) {
    return message.modPow(e, n);

  /** Decrypt the given ciphertext message. */
  public synchronized String decrypt(String message) {
    return new String((new BigInteger(message)).modPow(d, n).toByteArray());

  /** Decrypt the given ciphertext message. */
  public synchronized BigInteger decrypt(BigInteger message) {
    return message.modPow(d, n);

  /** Generate a new public and private key set. */
  public synchronized void generateKeys() {
    SecureRandom r = new SecureRandom();
    BigInteger p = new BigInteger(bitlen / 2, 100, r);
    BigInteger q = new BigInteger(bitlen / 2, 100, r);
    n = p.multiply(q);
    BigInteger m = (p.subtract(BigInteger.ONE)).multiply(q
    e = new BigInteger("3");
    while (m.gcd(e).intValue() > 1) {
      e = e.add(new BigInteger("2"));
    d = e.modInverse(m);

  /** Return the modulus. */
  public synchronized BigInteger getN() {
    return n;

  /** Return the public key. */
  public synchronized BigInteger getE() {
    return e;


class User{

    String name
    String username
    String phoneNo
    String password


这是我的UserController.groovy :(保存并更新)

class UserController {

    static allowedMethods = [save: "POST", update: "POST", delete: "POST"]

    def index = {
        redirect(action: "list", params: params)

    def save = {
        def userInstance = new User(params)
        if (userInstance .save(flush: true)) {
            flash.message = "${message(code: 'default.created.message', args: [message(code: 'user.label', default: 'User'), userInstance .id])}"
            redirect(action: "show", id: userInstance .id)
        else {
            render(view: "create", model: [userInstance : userInstance ])

    def edit = {
        def userInstance = User.get(
        if (!userInstance ) {
            flash.message = "${message(code: 'default.not.found.message', args: [message(code: 'user.label', default: 'User'),])}"
            redirect(action: "list")
        else {
            return [userInstance : userInstance ]

    def update = {
        def userInstance = User.get(
        if (userInstance ) {
            if (params.version) {
                def version = params.version.toLong()
                if (userInstance .version > version) {

                    userInstance .errors.rejectValue("version", "default.optimistic.locking.failure", [message(code: 'user.label', default: 'User')] as Object[], "Another user has updated this User while you were editing")
                    render(view: "edit", model: [userInstance : userInstance ])
            userInstance .properties = params
            if (!userInstance .hasErrors() && userInstance .save(flush: true)) {
                flash.message = "${message(code: 'default.updated.message', args: [message(code: 'user.label', default: 'User'), userInstance .id])}"
                redirect(action: "show", id: userInstance .id)
            else {
                render(view: "edit", model: [userInstance : userInstance ])
        else {
            flash.message = "${message(code: 'default.not.found.message', args: [message(code: 'user.label', default: 'User'),])}"
            redirect(action: "list")


1 个答案:

答案 0 :(得分:1)

SpringSecurity Plugin类似,您可以使用beforeInsertbeforeUpdate事件对您的密码进行转换。在那些方法中实现加密。

class User {

    transient springSecurityService

    String username
    String password
    boolean enabled
    boolean accountExpired
    boolean accountLocked
    boolean passwordExpired

    static constraints = {
        username blank: false, unique: true
        password blank: false

    static mapping = {
        password column: '`password`'

    Set<Role> getAuthorities() {
        UserRole.findAllByUser(this).collect { it.role } as Set

    def beforeInsert() {

    def beforeUpdate() {
        if (isDirty('password')) {

    protected void encodePassword() {
        password = springSecurityService.encodePassword(password)