分析的版本爲2.83 先看下面的代碼
public static synchronized boolean refValid()
{
if (!validated)
{
validated = true;
try
{
String key = MybatisSetting.getInstance().getKey(); //KEY
String result = MybatisSetting.getInstance().getResult(); //RESULT
if ((StringUtils.isBlank(key)) || (StringUtils.isBlank(result)))
{
valid = false;
}
else
{
Key publicKey = Codec.loadKey(key);
Codec.decrypt(publicKey, Hexs.toBytes(result));
valid = true;
}
}
catch (Exception e)
{
valid = false;
}
}
return valid;
}
這裏說明KEY和RESULT其實是C:Usersilanyu.IntelliJIdea2016.2configoptionsmybatis.xml這個文件中獲取到的
下面的
Key publicKey = Codec.loadKey(key);
Codec.decrypt(publicKey, Hexs.toBytes(result));
這兩句是校驗KEY和RESULT的
具體代碼如下
public static Key loadKey(String key)
{
Preconditions.checkNotNull(key, "key must not be null");
try
{
KeyFactory factory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec spec = new X509EncodedKeySpec(Hexs.toBytes(key));
return factory.generatePublic(spec);
}
catch (Exception e)
{
throw new RuntimeException(e);
}
}
public static byte[] decrypt(Key key, byte[] raw)
{
Preconditions.checkNotNull(key, "key must not be null");
Preconditions.checkNotNull(raw, "raw must not be null");
try
{
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(2, key);
return cipher.doFinal(raw);
}
catch (Exception e)
{
throw new RuntimeException(e);
}
}
首先對KEY檢查,看是否含有公鑰,有就通過,沒有就失敗 然後用KEY裏的公鑰檢測能不能用來解密RESULT
針對性的註冊機:
package com.lanyus;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
public class Main {
public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA");
keygen.initialize(512);
KeyPair kp = keygen.generateKeyPair();
RSAPrivateKey privateKey = (RSAPrivateKey)kp.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey)kp.getPublic();
System.out.println("KEY:\n" + bytesToHexString(publicKey.getEncoded()) + "\n");
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE,privateKey);
System.out.println("RESULT:\n" + bytesToHexString(cipher.doFinal("ilanyu".getBytes())) + "\n");
}
private static String bytesToHexString(byte[] src){
StringBuilder stringBuilder = new StringBuilder("");
if (src == null || src.length <= 0) {
return null;
}
for (byte aSrc : src) {
int v = aSrc & 0xFF;
String hv = Integer.toHexString(v);
if (hv.length() < 2) {
stringBuilder.append(0);
}
stringBuilder.append(hv);
}
return stringBuilder.toString();
}
}
計算出來的KEY和RESULT:
KEY:
305c300d06092a864886f70d0101010500034b003048024100878e6bea07d7052499419efe4ed4382f426dc5ca2d01140f896a6d0566526c6757ff591347d888bd032f94ce92609ce0cc349de0ba9043dc3163f9667438a14d0203010001
RESULT:
414834456369b9329793f0b42c6c0af67d00516c7ceb136ad221fa0355dc2cd611ed1bcd36b61d00ba7e587d253c1de145831cd0d65b891c9dc34430f9e69c59
說下KEY和RESULT的使用方法: 1、安裝官方版mybatis plus插件,然後關閉IDEA
2、hosts中添加127.0.0.1 www.codesmagic.com
3、記事本打開C:Users{USER}.IntelliJIdea{VERSION}configoptionsmybatis.xml,寫入到對應的字段中,打開idea,mybatis插件已經激活