diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/utils/EncryptUtils.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/utils/EncryptUtils.java index ff0fbc812..fb15a3b04 100644 --- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/utils/EncryptUtils.java +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/utils/EncryptUtils.java @@ -222,6 +222,50 @@ public class EncryptUtils { return sm2.decryptStr(data, KeyType.PrivateKey, StandardCharsets.UTF_8); } + /** + * SM2公钥验签(Base64编码) + * + * @param data 原文数据 + * @param sign 签名值 + * @param publicKey 公钥 + * @return true-验签成功,false-验签失败 + */ + public static boolean verifySm2Sign(String data, String sign, String publicKey) { + if (StrUtil.isBlank(data)) { + throw new IllegalArgumentException("SM2验签需要传入原文数据"); + } + if (StrUtil.isBlank(sign)) { + throw new IllegalArgumentException("SM2验签需要传入签名值"); + } + if (StrUtil.isBlank(publicKey)) { + throw new IllegalArgumentException("SM2验签需要传入公钥"); + } + SM2 sm2 = SmUtil.sm2(null, publicKey); + return sm2.verify(data.getBytes(StandardCharsets.UTF_8), sign.getBytes(StandardCharsets.UTF_8)); + } + + /** + * SM2公钥验签(Hex编码) + * + * @param dataHex 原文数据(Hex编码) + * @param signHex 签名值(Hex编码) + * @param publicKey 公钥 + * @return true-验签成功,false-验签失败 + */ + public static boolean verifySm2SignHex(String dataHex, String signHex, String publicKey) { + if (StrUtil.isBlank(dataHex)) { + throw new IllegalArgumentException("SM2验签需要传入Hex格式的原文数据"); + } + if (StrUtil.isBlank(signHex)) { + throw new IllegalArgumentException("SM2验签需要传入Hex格式的签名值"); + } + if (StrUtil.isBlank(publicKey)) { + throw new IllegalArgumentException("SM2验签需要传入公钥"); + } + SM2 sm2 = SmUtil.sm2(null, publicKey); + return sm2.verifyHex(dataHex, signHex); + } + /** * 产生RSA加解密需要的公钥和私钥 * diff --git a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java index 8463195f1..ea92e79df 100644 --- a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java +++ b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysEmailController.java @@ -9,6 +9,7 @@ import org.dromara.common.core.constant.GlobalConstants; import org.dromara.common.core.domain.R; import org.dromara.common.core.exception.ServiceException; import org.dromara.common.core.utils.SpringUtils; +import org.dromara.common.core.utils.regex.RegexValidator; import org.dromara.common.redis.annotation.RateLimiter; import org.dromara.common.web.core.BaseController; import org.dromara.common.mail.config.properties.MailProperties; @@ -37,7 +38,7 @@ public class SysEmailController extends BaseController { private final MailProperties mailProperties; /** - * 邮箱验证码 + * 发送邮箱验证码 * * @param email 邮箱 */ @@ -46,6 +47,9 @@ public class SysEmailController extends BaseController { if (!mailProperties.getEnabled()) { return R.fail("当前系统没有开启邮箱功能!"); } + if (!RegexValidator.isEmail(email)) { + return R.fail("请输入正确的邮箱地址!"); + } SpringUtils.getAopProxy(this).emailCodeImpl(email); return R.ok(); } diff --git a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java index 4207dc4f6..6ddb248fb 100644 --- a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java +++ b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/controller/SysSmsController.java @@ -8,6 +8,7 @@ import lombok.extern.slf4j.Slf4j; import org.dromara.common.core.constant.Constants; import org.dromara.common.core.constant.GlobalConstants; import org.dromara.common.core.domain.R; +import org.dromara.common.core.utils.regex.RegexValidator; import org.dromara.common.redis.annotation.RateLimiter; import org.dromara.common.redis.utils.RedisUtils; import org.dromara.common.web.core.BaseController; @@ -42,6 +43,9 @@ public class SysSmsController extends BaseController { @RateLimiter(key = "#phonenumber", time = 60, count = 1) @GetMapping("/code") public R smsCaptcha(@NotBlank(message = "{user.phonenumber.not.blank}") String phoneNumber) { + if (!RegexValidator.isMobile(phoneNumber)) { + return R.fail("请输入正确的手机号!"); + } String key = GlobalConstants.CAPTCHA_CODE_KEY + phoneNumber; String code = RandomUtil.randomNumbers(4); RedisUtils.setCacheObject(key, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION)); diff --git a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/dubbo/RemoteFileServiceImpl.java b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/dubbo/RemoteFileServiceImpl.java index b138e9d6c..b67eaa608 100644 --- a/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/dubbo/RemoteFileServiceImpl.java +++ b/ruoyi-modules/ruoyi-resource/src/main/java/org/dromara/resource/dubbo/RemoteFileServiceImpl.java @@ -8,9 +8,10 @@ import org.dromara.common.core.exception.ServiceException; import org.dromara.common.core.utils.MapstructUtils; import org.dromara.common.core.utils.StringUtils; import org.dromara.common.json.utils.JsonUtils; -import org.dromara.common.oss.core.OssClient; -import org.dromara.common.oss.entity.UploadResult; +import org.dromara.common.oss.client.OssClient; import org.dromara.common.oss.factory.OssFactory; +import org.dromara.common.oss.model.PutObjectResult; +import org.dromara.common.oss.util.S3ObjectUtil; import org.dromara.resource.api.RemoteFileService; import org.dromara.resource.api.domain.RemoteFile; import org.dromara.resource.domain.SysOssExt; @@ -43,15 +44,16 @@ public class RemoteFileServiceImpl implements RemoteFileService { public RemoteFile upload(String name, String originalFilename, String contentType, byte[] file) throws ServiceException { try { String suffix = StringUtils.substring(originalFilename, originalFilename.lastIndexOf("."), originalFilename.length()); - OssClient storage = OssFactory.instance(); - UploadResult uploadResult = storage.uploadSuffix(file, suffix, contentType); + OssClient instance = OssFactory.instance(); + String pathKey = S3ObjectUtil.buildPathKey(originalFilename); + PutObjectResult result = instance.upload(pathKey, file); // 保存文件信息 SysOssBo oss = new SysOssBo(); - oss.setUrl(uploadResult.getUrl()); + oss.setUrl(result.url()); oss.setFileSuffix(suffix); - oss.setFileName(uploadResult.getFilename()); + oss.setFileName(result.key()); oss.setOriginalName(originalFilename); - oss.setService(storage.getConfigKey()); + oss.setService(instance.clientId()); SysOssExt ext1 = new SysOssExt(); ext1.setFileSize((long) file.length); String extStr = JsonUtils.toJsonString(ext1); @@ -59,8 +61,8 @@ public class RemoteFileServiceImpl implements RemoteFileService { sysOssService.insertByBo(oss); RemoteFile sysFile = new RemoteFile(); sysFile.setOssId(oss.getOssId()); - sysFile.setName(uploadResult.getFilename()); - sysFile.setUrl(uploadResult.getUrl()); + sysFile.setName(result.key()); + sysFile.setUrl(result.url()); sysFile.setOriginalName(originalFilename); sysFile.setFileSuffix(suffix); sysFile.setExt1(extStr);