1、加密工具类增加sha384以及sha512，抽取sha公共方法，增加加密异常码

2、优化代码规范提示
2025-04-05 17:37:53 +08:00 · 2023-08-21 12:34:10 +08:00 · 2023-08-21 12:34:10 +08:00 · b42deb823b
commit b42deb823b
parent 60cdb12c69
8 changed files with 93 additions and 35 deletions
--- a/sa-token-core/pom.xml
+++ b/sa-token-core/pom.xml
@ -3,7 +3,19 @@
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
 	<modelVersion>4.0.0</modelVersion>
-	
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>8</source>
+					<target>8</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+
 	<parent>
        <groupId>cn.dev33</groupId>
        <artifactId>sa-token-parent</artifactId>
--- a/sa-token-core/src/main/java/cn/dev33/satoken/application/SaApplication.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/application/SaApplication.java
@ -34,7 +34,7 @@ public class SaApplication implements SaSetValueInterface {
 	/**
 	 * 默认实例 
 	 */
-	public static SaApplication defaultInstance = new SaApplication();
+	public final static SaApplication defaultInstance = new SaApplication();

 	// ---- 实现接口存取值方法 

--- a/sa-token-core/src/main/java/cn/dev33/satoken/basic/SaBasicUtil.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/basic/SaBasicUtil.java
@ -29,7 +29,7 @@ public class SaBasicUtil {
 	/**
 	 * 底层使用的 SaBasicTemplate 对象
 	 */
-	public static SaBasicTemplate saBasicTemplate = new SaBasicTemplate();
+	public final static SaBasicTemplate saBasicTemplate = new SaBasicTemplate();

 	/**
 	 * 获取浏览器提交的 Basic 参数 （裁剪掉前缀并解码）
--- a/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfigFactory.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfigFactory.java
@ -42,7 +42,7 @@ public class SaTokenConfigFactory {
 	/**
 	 * 配置文件地址 
 	 */
-	public static String configPath = "sa-token.properties";
+	public final static String configPath = "sa-token.properties";

 	/**
 	 * 根据 configPath 路径获取配置信息
--- a/sa-token-core/src/main/java/cn/dev33/satoken/context/SaTokenContextForThreadLocalStorage.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/context/SaTokenContextForThreadLocalStorage.java
@ -34,7 +34,7 @@ public class SaTokenContextForThreadLocalStorage {
 	/**
 	 * 基于 ThreadLocal 的 [ Box 存储器 ]
 	 */
-	public static ThreadLocal<Box> boxThreadLocal = new InheritableThreadLocal<>();
+	public static final ThreadLocal<Box> boxThreadLocal = new InheritableThreadLocal<>();
 	
 	/**
 	 * 初始化当前线程的 [ Box 存储器 ]
--- a/sa-token-core/src/main/java/cn/dev33/satoken/dao/SaTokenDaoDefaultImpl.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/dao/SaTokenDaoDefaultImpl.java
@ -34,12 +34,12 @@ public class SaTokenDaoDefaultImpl implements SaTokenDao {
 	/**
 	 * 存储数据的集合
 	 */
-	public Map<String, Object> dataMap = new ConcurrentHashMap<>();
+	public final Map<String, Object> dataMap = new ConcurrentHashMap<>();

 	/**
 	 * 存储数据过期时间的集合（单位: 毫秒）, 记录所有 key 的到期时间 （注意存储的是到期时间，不是剩余存活时间）
 	 */
-	public Map<String, Long> expireMap = new ConcurrentHashMap<>();
+	public final Map<String, Long> expireMap = new ConcurrentHashMap<>();

 	/**
 	 * 构造函数
--- a/sa-token-core/src/main/java/cn/dev33/satoken/error/SaErrorCode.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/error/SaErrorCode.java
@ -154,6 +154,12 @@ public interface SaErrorCode {
 	/** sha256 加密异常 */
 	int CODE_12113 = 12113;

+	/** sha384 加密异常 */
+	int CODE_121131 = 121131;
+
+	/** sha512 加密异常 */
+	int CODE_121132 = 121132;
+
 	/** AES 加密异常 */
 	int CODE_12114 = 12114;

--- a/sa-token-core/src/main/java/cn/dev33/satoken/secure/SaSecureUtil.java
+++ b/sa-token-core/src/main/java/cn/dev33/satoken/secure/SaSecureUtil.java
@ -31,6 +31,7 @@ import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.util.Base64;
 import java.util.HashMap;
+import java.util.Objects;
 import java.util.UUID;

 /**
@ -91,20 +92,8 @@ public class SaSecureUtil {
 	public static String sha1(String str) {
 		try {
 			str = (str == null ? "" : str);
-			MessageDigest md = MessageDigest.getInstance("SHA1");
-			byte[] b = str.getBytes();
-			md.update(b);
-			byte[] b2 = md.digest();
-			int len = b2.length;
-			String strA = "0123456789abcdef";
-			char[] ch = strA.toCharArray();
-			char[] chs = new char[len * 2];
-			for (int i = 0, k = 0; i < len; i++) {
-				byte b3 = b2[i];
-				chs[k++] = ch[b3 >>> 4 & 0xf];
-				chs[k++] = ch[b3 & 0xf];
-			}
-			return new String(chs);
+			MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
+			return getShaHexString(str, messageDigest);
 		} catch (Exception e) {
 			throw new SaTokenException(e).setCode(SaErrorCode.CODE_12112);
 		}
@ -120,25 +109,67 @@ public class SaSecureUtil {
 		try {
 			str = (str == null ? "" : str);
 			MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
-			messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
-
-			byte[] bytes = messageDigest.digest();
-			StringBuilder builder = new StringBuilder();
-			String temp;
-			for (byte aByte : bytes) {
-				temp = Integer.toHexString(aByte & 0xFF);
-				if (temp.length() == 1) {
-					builder.append("0");
-				}
-				builder.append(temp);
-			}
-
-			return builder.toString();
+			return getShaHexString(str, messageDigest);
 		} catch (Exception e) {
 			throw new SaTokenException(e).setCode(SaErrorCode.CODE_12113);
 		}
 	}

+	/**
+	 * sha384加密
+	 *
+	 * @param str 指定字符串
+	 * @return 加密后的字符串
+	 */
+	public static String sha384(String str) {
+		try {
+			str = (str == null ? "" : str);
+			MessageDigest messageDigest = MessageDigest.getInstance("SHA-384");
+			return getShaHexString(str, messageDigest);
+		} catch (Exception e) {
+			throw new SaTokenException(e).setCode(SaErrorCode.CODE_121131);
+		}
+	}
+
+	/**
+	 * sha512加密
+	 *
+	 * @param str 指定字符串
+	 * @return 加密后的字符串
+	 */
+	public static String sha512(String str) {
+		try {
+			str = (str == null ? "" : str);
+			MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
+			return getShaHexString(str, messageDigest);
+		} catch (Exception e) {
+			throw new SaTokenException(e).setCode(SaErrorCode.CODE_121132);
+		}
+	}
+
+	/**
+	 * sha (Secure Hash Algorithm)加密 公共方法
+	 *
+	 * @param str 指定字符串
+	 * @param messageDigest 消息摘要
+	 * @return 加密后的字符串
+	 */
+	private static String getShaHexString(String str, MessageDigest messageDigest) {
+		messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
+		byte[] bytes = messageDigest.digest();
+		StringBuilder builder = new StringBuilder();
+		String temp;
+		for (byte aByte : bytes) {
+			temp = Integer.toHexString(aByte & 0xFF); // 获取无符号整数十六进制字符串
+			if (temp.length() == 1) {
+				builder.append("0"); // 确保每个字节都用两个字符表示
+			}
+			builder.append(temp);
+		}
+
+		return builder.toString();
+	}
+
 	/**
 	 * md5加盐加密: md5(md5(str) + md5(salt))
 	 * @param str 字符串
@ -149,6 +180,15 @@ public class SaSecureUtil {
 		return md5(md5(str) + md5(salt));
 	}

+	/**
+	 * sha256加盐加密: sha256(sha256(str) + sha256(salt))
+	 * @param str 字符串
+	 * @param salt 盐
+	 * @return 加密后的字符串
+	 */
+	public static String sha256BySalt(String str, String salt) {
+		return sha256(sha256(str) + sha256(salt));
+	}

 	// ----------------------- 对称加密 AES -----------------------