From 5f104fce87f2ae87ec5c364ff33d22dcced9ff77 Mon Sep 17 00:00:00 2001 From: thinkgem Date: Tue, 23 Jul 2024 19:41:18 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=20encrypt.smAlgorithm=20?= =?UTF-8?q?=E5=8F=82=E6=95=B0=EF=BC=8C=E6=98=AF=E5=90=A6=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E5=9B=BD=E5=AF=86=20SM=20=E7=AE=97=E6=B3=95=EF=BC=88=E4=B8=80?= =?UTF-8?q?=E9=94=AE=E6=9B=BF=E6=8D=A2=20SHA-1=20=E6=9B=BF=E6=8D=A2?= =?UTF-8?q?=E4=B8=BA=20SM3=E3=80=81AES=20=E6=9B=BF=E6=8D=A2=E4=B8=BA=20SM4?= =?UTF-8?q?=20=E7=AE=97=E6=B3=95=EF=BC=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/shiro/realm/AuthorizingRealm.java | 35 +++++++++++-------- .../src/main/resources/config/logger-core.xml | 1 + 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java index 7ffac3b3..03beb444 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java @@ -5,7 +5,9 @@ package com.jeesite.common.shiro.realm; import com.jeesite.common.codec.EncodeUtils; +import com.jeesite.common.codec.SM3Utils; import com.jeesite.common.codec.Sha1Utils; +import com.jeesite.common.config.Global; import com.jeesite.common.shiro.authc.FormToken; import com.jeesite.common.utils.SpringUtils; import com.jeesite.modules.sys.entity.Log; 
@@ -13,11 +15,10 @@ import com.jeesite.modules.sys.entity.User; import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.LogUtils; import com.jeesite.modules.sys.utils.UserUtils; +import jakarta.servlet.http.HttpServletRequest; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; - -import jakarta.servlet.http.HttpServletRequest; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.session.Session; import org.apache.shiro.subject.Subject; @@ -28,19 +29,15 @@ import org.apache.shiro.subject.Subject; * @version 2018-7-11 */ public class AuthorizingRealm extends BaseAuthorizingRealm { - + public static final String HASH_ALGORITHM = "SHA-1"; - public static final int HASH_INTERATIONS = 1024; + public static final int HASH_ITERATIONS = 1024; public static final int SALT_SIZE = 8; - + private UserService userService; public AuthorizingRealm() { super(); -// // 设定密码校验的Hash算法与迭代次数(V4.1.4及以上版本不需要了,统一使用validatePassword验证密码) -// HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(HASH_ALGORITHM); -// matcher.setHashIterations(HASH_INTERATIONS); -// this.setCredentialsMatcher(matcher); } /** @@ -86,9 +83,13 @@ public class AuthorizingRealm extends BaseAuthorizingRealm { @Override public String encryptPassword(String plainPassword) { String plain = EncodeUtils.decodeHtml(plainPassword); - byte[] salt = Sha1Utils.genSalt(SALT_SIZE); - byte[] hashPassword = Sha1Utils.sha1(plain.getBytes(), salt, HASH_INTERATIONS); - return EncodeUtils.encodeHex(salt) + EncodeUtils.encodeHex(hashPassword); + String salt = SM3Utils.genSaltString(SALT_SIZE); + if (Global.isSmAlgorithm()) { + String data = SM3Utils.sm3(plain, salt, HASH_ITERATIONS); + return salt + data; + } + String data = Sha1Utils.sha1(plain, salt, HASH_ITERATIONS); + return salt + data; } /** 
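Review bot: encryptPassword still returns `salt + data` with nothing recording which digest produced it, and validatePassword in the next hunk likewise picks SM3 or SHA-1 from `Global.isSmAlgorithm()` alone, so changing encrypt.smAlgorithm on a system that already has users makes every stored password fail to verify. SHA-1 and SM3 digests differ in size (160 vs 256 bits), so if both helpers return hex the verifier could choose the algorithm from the stored length and re-hash on the next successful login; that depends on helper output not visible in this patch. At minimum, document the constraint above the method, e.g. `// Stored form: hex(salt) + hex(digest); the digest follows encrypt.smAlgorithm and is not recorded, so the flag must not change once passwords exist`. Independently of the flag, 1024 rounds of a fast digest is a low work factor for password storage, and a dedicated password-hashing function would be the stronger choice.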
@@ -101,9 +102,13 @@ public class AuthorizingRealm extends BaseAuthorizingRealm { public boolean validatePassword(String plainPassword, String password) { try{ String plain = EncodeUtils.decodeHtml(plainPassword); - byte[] salt = EncodeUtils.decodeHex(password.substring(0, 16)); - byte[] hashPassword = Sha1Utils.sha1(plain.getBytes(), salt, HASH_INTERATIONS); - return password.equals(EncodeUtils.encodeHex(salt) + EncodeUtils.encodeHex(hashPassword)); + String salt = password.substring(0, SALT_SIZE * 2); + if (Global.isSmAlgorithm()) { + String data = SM3Utils.sm3(plain, salt, HASH_ITERATIONS); + return password.equals(salt + data); + } + String data = Sha1Utils.sha1(plain, salt, HASH_ITERATIONS); + return password.equals(salt + data); }catch(Exception e){ return false; } diff --git a/modules/core/src/main/resources/config/logger-core.xml b/modules/core/src/main/resources/config/logger-core.xml index 9bbf3f29..36d4ed9d 100644 --- a/modules/core/src/main/resources/config/logger-core.xml +++ b/modules/core/src/main/resources/config/logger-core.xml @@ -41,6 +41,7 @@ +
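Review bot: The salt is now passed to `Sha1Utils.sha1` as the 16-character hex string, whereas the removed code hex-decoded it to 8 bytes and hashed `plain.getBytes()`. Unless the String overload (not visible in this patch) decodes the salt and encodes the password the same way, hashes stored before this commit will stop verifying even with SM disabled; a regression test that validates a hash produced by the old code would settle it. The final `password.equals(salt + data)` is also not a constant-time comparison; `return MessageDigest.isEqual(password.getBytes(StandardCharsets.UTF_8), (salt + data).getBytes(StandardCharsets.UTF_8));` would be, given the two imports. The method's closing brace lies outside the hunk, and the surrounding `catch(Exception e)` reports any such incompatibility as a plain `false`, so it would surface only as failed logins.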