From e1c59ce4f724cabd9e3e5cf76cda92f622ae7b9a Mon Sep 17 00:00:00 2001
From: chenbowen
Date: Fri, 22 Aug 2025 11:37:42 +0800
Subject: [PATCH] =?UTF-8?q?1.=20=E4=BF=AE=E5=A4=8D=E4=B8=AD=E9=93=9D=20e?= =?UTF-8?q?=20=E5=8A=9E=E5=90=8C=E6=AD=A5=E8=A7=A3=E5=AF=86=E6=96=B9?= =?UTF-8?q?=E6=B3=95=E9=94=99=E8=AF=AF=E7=9A=84bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../system/util/sync/SyncVerifyUtil.java | 63 ++++++++++++++-----
 1 file changed, 49 insertions(+), 14 deletions(-)
diff --git a/yudao-module-system/yudao-module-system-server/src/main/java/cn/iocoder/yudao/module/system/util/sync/SyncVerifyUtil.java b/yudao-module-system/yudao-module-system-server/src/main/java/cn/iocoder/yudao/module/system/util/sync/SyncVerifyUtil.java
index 7057fc0d..1dc822e7 100644
--- a/yudao-module-system/yudao-module-system-server/src/main/java/cn/iocoder/yudao/module/system/util/sync/SyncVerifyUtil.java
+++ b/yudao-module-system/yudao-module-system-server/src/main/java/cn/iocoder/yudao/module/system/util/sync/SyncVerifyUtil.java
@@ -4,7 +4,14 @@ import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.symmetric.AES;
 import cn.hutool.crypto.symmetric.DES;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
 import java.nio.charset.StandardCharsets;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Base64;
 import java.util.Map;
 import java.util.TreeMap;
@@ -17,41 +24,69 @@ import static cn.iocoder.yudao.module.system.enums.ErrorCodeConstants.AUTH_LOGIN
 public class SyncVerifyUtil {
 public static String decrypt(String ciphertext, String key, String type) {
- byte[] keyBytes = key.getBytes(StandardCharsets.UTF_8);
 if ("AES".equalsIgnoreCase(type)) {
- byte[] aesKey = new byte[16];
- System.arraycopy(keyBytes, 0, aesKey, 0, Math.min(keyBytes.length, aesKey.length));
- AES aes = SecureUtil.aes(aesKey);
- return aes.decryptStr(ciphertext);
+ try {
+ Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+ cipher.init(Cipher.DECRYPT_MODE, getSecretKey(key));
+ byte[] result = cipher.doFinal(Base64.getDecoder().decode(ciphertext.getBytes()));
+ return new String(result, StandardCharsets.UTF_8);
+ } catch (Exception e) {
+ throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
+ }
 } else if ("DES".equalsIgnoreCase(type)) {
+ byte[] keyBytes = key.getBytes(StandardCharsets.UTF_8);
 byte[] desKey = new byte[8];
 System.arraycopy(keyBytes, 0, desKey, 0, Math.min(keyBytes.length, desKey.length));
 DES des = SecureUtil.des(desKey);
- return des.decryptStr(ciphertext);
+
+ byte[] encryptedBytes = Base64.getDecoder().decode(ciphertext);
+ return new String(des.decrypt(encryptedBytes), StandardCharsets.UTF_8);
 } else {
 throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
 }
 }
 /**
- * 对称加密
+ * 生成与原始代码兼容的密钥
+ */
+ private static SecretKeySpec getSecretKey(String password) {
+ try {
+ KeyGenerator kg = KeyGenerator.getInstance("AES");
+ SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+ random.setSeed(password.getBytes());
+ kg.init(128, random);
+ SecretKey secretKey = kg.generateKey();
+ return new SecretKeySpec(secretKey.getEncoded(), "AES");
+ } catch (NoSuchAlgorithmException ex) {
+ throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
+ }
+ }
+
+ /**
+ * 对称加密(Base64 格式输出)
 * @param plaintext 明文内容
 * @param key 密钥
 * @param type 加密类型,支持 AES、DES
- * @return 密文(Hex 格式)
+ * @return 密文(Base64 格式)
 */
 public static String encrypt(String plaintext, String key, String type) {
- byte[] keyBytes = key.getBytes(StandardCharsets.UTF_8);
 if ("AES".equalsIgnoreCase(type)) {
- byte[] aesKey = new byte[16];
- System.arraycopy(keyBytes, 0, aesKey, 0, Math.min(keyBytes.length, aesKey.length));
- AES aes = SecureUtil.aes(aesKey);
- return aes.encryptHex(plaintext);
+ try {
+ Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
+ byte[] byteContent = plaintext.getBytes(StandardCharsets.UTF_8);
+ cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(key));
+ byte[] result = cipher.doFinal(byteContent);
+ return Base64.getEncoder().encodeToString(result);
+ } catch (Exception e) {
+ throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
+ }
 } else if ("DES".equalsIgnoreCase(type)) {
+ byte[] keyBytes = key.getBytes(StandardCharsets.UTF_8);
 byte[] desKey = new byte[8];
 System.arraycopy(keyBytes, 0, desKey, 0, Math.min(keyBytes.length, desKey.length));
 DES des = SecureUtil.des(desKey);
- return des.encryptHex(plaintext);
+ byte[] encrypted = des.encrypt(plaintext.getBytes(StandardCharsets.UTF_8));
+ return Base64.getEncoder().encodeToString(encrypted);
 } else {
 throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
 }
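Review bot: `getSecretKey` derives the AES key by seeding `SecureRandom.getInstance("SHA1PRNG")` with the password and drawing 128 bits through `KeyGenerator`, which gives the same key on every host only while the provider's SHA1PRNG output is fully determined by that first `setSeed`; that is provider behaviour rather than a contract, so a different JRE or security provider can silently produce a different key. The seed is taken from `password.getBytes()` (and the AES branch of `decrypt` uses `ciphertext.getBytes()`), both of which may follow the platform charset; `random.setSeed(password.getBytes(StandardCharsets.UTF_8));` pins it. If the peer system dictates this derivation and `AES/ECB/PKCS5Padding`, the Javadoc on `getSecretKey` should say so and note that ECB ciphertext is deterministic and unauthenticated, so the decrypted value needs a separate integrity check before it is trusted. In the DES branch of `decrypt`, `Base64.getDecoder().decode(ciphertext)` sits outside any try block, so malformed input surfaces as `IllegalArgumentException` instead of `AUTH_LOGIN_BAD_CREDENTIALS` as it does in the AES branch.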