From 1623b77b4a09031fdb5c7c0e324d3db4087ee304 Mon Sep 17 00:00:00 2001
From: wkc <978997012@qq.com>
Date: Mon, 30 Mar 2026 10:39:19 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=AF=86=E7=A0=81=E4=BC=A0?=
 =?UTF-8?q?=E8=BE=93=E8=A7=A3=E5=AF=86=E6=9C=8D=E5=8A=A1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/main/resources/application-dev.yml    |  4 ++
 .../src/main/resources/application.yml        |  4 ++
 .../PasswordTransferCryptoService.java        | 30 ++++++++++++
 .../PasswordTransferCryptoServiceTest.java    | 47 +++++++++++++++++++
 4 files changed, 85 insertions(+)
 create mode 100644 ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PasswordTransferCryptoService.java
 create mode 100644 ruoyi-framework/src/test/java/com/ruoyi/framework/web/service/PasswordTransferCryptoServiceTest.java

diff --git a/ruoyi-admin/src/main/resources/application-dev.yml b/ruoyi-admin/src/main/resources/application-dev.yml
index 1b246ad..3b96989 100644
--- a/ruoyi-admin/src/main/resources/application-dev.yml
+++ b/ruoyi-admin/src/main/resources/application-dev.yml
@@ -80,3 +80,7 @@ spring:
                         multi-statement-allow: true
 model:
     url: http://localhost:8080/rate/pricing/mock/invokeModel
+
+security:
+    password-transfer:
+        key: "1234567890abcdef"
diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index 3603805..7a09b6d 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -99,3 +99,7 @@ xss:
   excludes: /system/notice
   # 匹配链接
   urlPatterns: /system/*,/monitor/*,/tool/*
+
+security:
+  password-transfer:
+    key: "1234567890abcdef"
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PasswordTransferCryptoService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PasswordTransferCryptoService.java
new file mode 100644
index 0000000..a6cd10f
--- /dev/null
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/PasswordTransferCryptoService.java
@@ -0,0 +1,30 @@
+package com.ruoyi.framework.web.service;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import com.ruoyi.common.exception.ServiceException;
+
+@Service
+public class PasswordTransferCryptoService
+{
+    @Value("${security.password-transfer.key}")
+    private String key;
+
+    public String decrypt(String cipherText)
+    {
+        try
+        {
+            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "AES"));
+            return new String(cipher.doFinal(Base64.getDecoder().decode(cipherText)), StandardCharsets.UTF_8);
+        }
+        catch (Exception ex)
+        {
+            throw new ServiceException("密码解密失败");
+        }
+    }
+}
diff --git a/ruoyi-framework/src/test/java/com/ruoyi/framework/web/service/PasswordTransferCryptoServiceTest.java b/ruoyi-framework/src/test/java/com/ruoyi/framework/web/service/PasswordTransferCryptoServiceTest.java
new file mode 100644
index 0000000..4113734
--- /dev/null
+++ b/ruoyi-framework/src/test/java/com/ruoyi/framework/web/service/PasswordTransferCryptoServiceTest.java
@@ -0,0 +1,47 @@
+package com.ruoyi.framework.web.service;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.springframework.test.util.ReflectionTestUtils;
+import com.ruoyi.common.exception.ServiceException;
+
+class PasswordTransferCryptoServiceTest
+{
+    private static final String KEY = "1234567890abcdef";
+
+    private PasswordTransferCryptoService service;
+
+    @BeforeEach
+    void setUp()
+    {
+        service = new PasswordTransferCryptoService();
+        ReflectionTestUtils.setField(service, "key", KEY);
+    }
+
+    @Test
+    void shouldDecryptValidCipherText() throws Exception
+    {
+        String plain = service.decrypt(encrypt("admin123"));
+        assertEquals("admin123", plain);
+    }
+
+    @Test
+    void shouldRejectInvalidCipherText()
+    {
+        assertThrows(ServiceException.class, () -> service.decrypt("not-base64"));
+    }
+
+    private String encrypt(String plainText) throws Exception
+    {
+        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(KEY.getBytes(StandardCharsets.UTF_8), "AES"));
+        return Base64.getEncoder().encodeToString(cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8)));
+    }
+}