通过添加系统属性hutool.crypto.decodeHex强制关闭hex识别以解决hex和Base64歧义问题

2025-07-21 15:09:48 +08:00 · 2024-02-10 08:37:15 +08:00
parent 6accf8fca0
commit e948273f2d
26 changed files with 169 additions and 158 deletions
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/SecureUtil.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/SecureUtil.java
@@ -12,22 +12,23 @@

 package org.dromara.hutool.crypto;

+import org.bouncycastle.crypto.AlphabetMapper;
 import org.dromara.hutool.core.array.ArrayUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.codec.binary.Base64;
-import org.dromara.hutool.core.codec.HexUtil;
 import org.dromara.hutool.core.lang.Validator;
 import org.dromara.hutool.core.text.StrUtil;
 import org.dromara.hutool.core.util.ByteUtil;
+import org.dromara.hutool.core.util.SystemUtil;
 import org.dromara.hutool.crypto.asymmetric.AsymmetricAlgorithm;
 import org.dromara.hutool.crypto.asymmetric.RSA;
 import org.dromara.hutool.crypto.digest.DigestAlgorithm;
 import org.dromara.hutool.crypto.digest.Digester;
+import org.dromara.hutool.crypto.digest.MD5;
 import org.dromara.hutool.crypto.digest.mac.HMac;
 import org.dromara.hutool.crypto.digest.mac.HmacAlgorithm;
-import org.dromara.hutool.crypto.digest.MD5;
 import org.dromara.hutool.crypto.provider.GlobalProviderFactory;
 import org.dromara.hutool.crypto.symmetric.*;
-import org.bouncycastle.crypto.AlphabetMapper;

 import javax.crypto.Cipher;
 import javax.crypto.Mac;
@@ -51,6 +52,9 @@ import java.util.Objects;
 */
 public class SecureUtil {

+	/** Hutool自定义系统属性：是否解码Hex字符 issue#I90M9D */
+	public static String HUTOOL_CRYPTO_DECODE_HEX = "hutool.crypto.decodeHex";
+
 	/**
 	 * 生成算法，格式为XXXwithXXX
 	 *
@@ -528,7 +532,11 @@ public class SecureUtil {
 		if(Objects.isNull(key)){
 			return null;
 		}
-		return Validator.isHex(key) ? HexUtil.decodeHex(key) : Base64.decode(key);
+
+		// issue#I90M9D
+		// 某些特殊字符串会无法区分Hex还是Base64，此处使用系统属性强制关闭Hex解析
+		final boolean decodeHex = SystemUtil.getBoolean(HUTOOL_CRYPTO_DECODE_HEX, true);
+		return (decodeHex && Validator.isHex(key)) ? HexUtil.decode(key) : Base64.decode(key);
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/AsymmetricEncryptor.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/AsymmetricEncryptor.java
@@ -12,7 +12,7 @@

 package org.dromara.hutool.crypto.asymmetric;

-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.codec.binary.Base64;
 import org.dromara.hutool.core.io.IORuntimeException;
 import org.dromara.hutool.core.io.IoUtil;
@@ -51,7 +51,7 @@ public interface AsymmetricEncryptor {
 	 * @return Hex字符串
 	 */
 	default String encryptHex(final byte[] data, final KeyType keyType) {
-		return HexUtil.encodeHexStr(encrypt(data, keyType));
+		return HexUtil.encodeStr(encrypt(data, keyType));
 	}

 	/**
@@ -98,7 +98,7 @@ public interface AsymmetricEncryptor {
 	 * @since 4.0.1
 	 */
 	default String encryptHex(final String data, final KeyType keyType) {
-		return HexUtil.encodeHexStr(encrypt(data, keyType));
+		return HexUtil.encodeStr(encrypt(data, keyType));
 	}

 	/**
@@ -111,7 +111,7 @@ public interface AsymmetricEncryptor {
 	 * @since 4.0.1
 	 */
 	default String encryptHex(final String data, final Charset charset, final KeyType keyType) {
-		return HexUtil.encodeHexStr(encrypt(data, charset, keyType));
+		return HexUtil.encodeStr(encrypt(data, charset, keyType));
 	}

 	/**
@@ -160,7 +160,7 @@ public interface AsymmetricEncryptor {
 	 * @since 4.0.1
 	 */
 	default String encryptHex(final InputStream data, final KeyType keyType) {
-		return HexUtil.encodeHexStr(encrypt(data, keyType));
+		return HexUtil.encodeStr(encrypt(data, keyType));
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/SM2.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/SM2.java
@@ -27,7 +27,7 @@ import org.bouncycastle.crypto.signers.SM2Signer;
 import org.bouncycastle.crypto.signers.StandardDSAEncoding;
 import org.bouncycastle.util.BigIntegers;
 import org.bouncycastle.util.encoders.Hex;
-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.lang.Assert;
 import org.dromara.hutool.crypto.CryptoException;
 import org.dromara.hutool.crypto.SecureUtil;
@@ -347,7 +347,7 @@ public class SM2 extends AbstractAsymmetricCrypto<SM2> {
 	 * @return 签名
 	 */
 	public String signHex(final String dataHex, final String idHex) {
-		return HexUtil.encodeHexStr(sign(HexUtil.decodeHex(dataHex), HexUtil.decodeHex(idHex)));
+		return HexUtil.encodeStr(sign(HexUtil.decode(dataHex), HexUtil.decode(idHex)));
 	}

 	/**
@@ -409,7 +409,7 @@ public class SM2 extends AbstractAsymmetricCrypto<SM2> {
 	 * @since 5.2.0
 	 */
 	public boolean verifyHex(final String dataHex, final String signHex, final String idHex) {
-		return verify(HexUtil.decodeHex(dataHex), HexUtil.decodeHex(signHex), HexUtil.decodeHex(idHex));
+		return verify(HexUtil.decode(dataHex), HexUtil.decode(signHex), HexUtil.decode(idHex));
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/Sign.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/asymmetric/Sign.java
@@ -12,7 +12,7 @@

 package org.dromara.hutool.crypto.asymmetric;

-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.codec.binary.Base64;
 import org.dromara.hutool.core.collection.CollUtil;
 import org.dromara.hutool.core.io.IoUtil;
@@ -229,7 +229,7 @@ public class Sign extends BaseAsymmetric<Sign> {
 	 * @since 5.7.0
 	 */
 	public String signHex(final String data, final Charset charset) {
-		return HexUtil.encodeHexStr(sign(data, charset));
+		return HexUtil.encodeStr(sign(data, charset));
 	}

 	/**
@@ -261,7 +261,7 @@ public class Sign extends BaseAsymmetric<Sign> {
 	 * @since 5.7.0
 	 */
 	public String signHex(final byte[] data) {
-		return HexUtil.encodeHexStr(sign(data));
+		return HexUtil.encodeStr(sign(data));
 	}

 	/**
@@ -273,7 +273,7 @@ public class Sign extends BaseAsymmetric<Sign> {
 	 * @since 5.7.0
 	 */
 	public String signHex(final InputStream data) {
-		return HexUtil.encodeHexStr(sign(data));
+		return HexUtil.encodeStr(sign(data));
 	}

 	/**
@@ -297,7 +297,7 @@ public class Sign extends BaseAsymmetric<Sign> {
 	 * @since 5.7.0
 	 */
 	public String digestHex(final InputStream data, final int bufferLength) {
-		return HexUtil.encodeHexStr(sign(data, bufferLength));
+		return HexUtil.encodeStr(sign(data, bufferLength));
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/digest/Digester.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/digest/Digester.java
@@ -13,7 +13,7 @@
 package org.dromara.hutool.crypto.digest;

 import org.dromara.hutool.core.array.ArrayUtil;
-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.lang.wrapper.SimpleWrapper;
 import org.dromara.hutool.core.io.IORuntimeException;
 import org.dromara.hutool.core.io.IoUtil;
@@ -196,7 +196,7 @@ public class Digester extends SimpleWrapper<MessageDigest> implements Serializab
 	 * @since 4.6.0
 	 */
 	public String digestHex(final String data, final Charset charset) {
-		return HexUtil.encodeHexStr(digest(data, charset));
+		return HexUtil.encodeStr(digest(data, charset));
 	}

 	/**
@@ -235,7 +235,7 @@ public class Digester extends SimpleWrapper<MessageDigest> implements Serializab
 	 * @return 摘要
 	 */
 	public String digestHex(final File file) {
-		return HexUtil.encodeHexStr(digest(file));
+		return HexUtil.encodeStr(digest(file));
 	}

 	/**
@@ -274,7 +274,7 @@ public class Digester extends SimpleWrapper<MessageDigest> implements Serializab
 	 * @return 摘要
 	 */
 	public String digestHex(final byte[] data) {
-		return HexUtil.encodeHexStr(digest(data));
+		return HexUtil.encodeStr(digest(data));
 	}

 	/**
@@ -295,7 +295,7 @@ public class Digester extends SimpleWrapper<MessageDigest> implements Serializab
 	 * @return 摘要
 	 */
 	public String digestHex(final InputStream data) {
-		return HexUtil.encodeHexStr(digest(data));
+		return HexUtil.encodeStr(digest(data));
 	}

 	/**
@@ -334,7 +334,7 @@ public class Digester extends SimpleWrapper<MessageDigest> implements Serializab
 	 * @return 摘要
 	 */
 	public String digestHex(final InputStream data, final int bufferLength) {
-		return HexUtil.encodeHexStr(digest(data, bufferLength));
+		return HexUtil.encodeStr(digest(data, bufferLength));
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/digest/mac/Mac.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/digest/mac/Mac.java
@@ -12,7 +12,7 @@

 package org.dromara.hutool.crypto.digest.mac;

-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.codec.binary.Base64;
 import org.dromara.hutool.core.io.IoUtil;
 import org.dromara.hutool.core.io.file.FileUtil;
@@ -116,7 +116,7 @@ public class Mac implements Serializable {
 	 * @return 摘要
 	 */
 	public String digestHex(final String data, final Charset charset) {
-		return HexUtil.encodeHexStr(digest(data, charset));
+		return HexUtil.encodeStr(digest(data, charset));
 	}

 	/**
@@ -155,7 +155,7 @@ public class Mac implements Serializable {
 	 * @return 摘要
 	 */
 	public String digestHex(final File file) {
-		return HexUtil.encodeHexStr(digest(file));
+		return HexUtil.encodeStr(digest(file));
 	}

 	/**
@@ -175,7 +175,7 @@ public class Mac implements Serializable {
 	 * @return 摘要
 	 */
 	public String digestHex(final byte[] data) {
-		return HexUtil.encodeHexStr(digest(data));
+		return HexUtil.encodeStr(digest(data));
 	}

 	/**
@@ -196,7 +196,7 @@ public class Mac implements Serializable {
 	 * @return 摘要
 	 */
 	public String digestHex(final InputStream data) {
-		return HexUtil.encodeHexStr(digest(data));
+		return HexUtil.encodeStr(digest(data));
 	}

 	/**
@@ -219,7 +219,7 @@ public class Mac implements Serializable {
 	 * @return 摘要
 	 */
 	public String digestHex(final InputStream data, final int bufferLength) {
-		return HexUtil.encodeHexStr(digest(data, bufferLength));
+		return HexUtil.encodeStr(digest(data, bufferLength));
 	}

 	/**
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/PBKDF2.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/PBKDF2.java
@@ -12,7 +12,7 @@

 package org.dromara.hutool.crypto.symmetric;

-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.crypto.KeyUtil;

 import javax.crypto.SecretKey;
@@ -73,6 +73,6 @@ public class PBKDF2 {
 	 * @return 加密后的密码
 	 */
 	public String encryptHex(final char[] password, final byte[] salt) {
-		return HexUtil.encodeHexStr(encrypt(password, salt));
+		return HexUtil.encodeStr(encrypt(password, salt));
 	}
 }
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/SymmetricCrypto.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/SymmetricCrypto.java
@@ -13,7 +13,7 @@
 package org.dromara.hutool.crypto.symmetric;

 import org.dromara.hutool.core.array.ArrayUtil;
-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.io.IORuntimeException;
 import org.dromara.hutool.core.io.IoUtil;
 import org.dromara.hutool.core.lang.Assert;
@@ -287,7 +287,7 @@ public class SymmetricCrypto implements SymmetricEncryptor, SymmetricDecryptor,
 	 * @since 5.6.8
 	 */
 	public String updateHex(final byte[] data) {
-		return HexUtil.encodeHexStr(update(data));
+		return HexUtil.encodeStr(update(data));
 	}

 	// --------------------------------------------------------------------------------- Encrypt
--- a/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/SymmetricEncryptor.java
+++ b/hutool-crypto/src/main/java/org/dromara/hutool/crypto/symmetric/SymmetricEncryptor.java
@@ -12,7 +12,7 @@

 package org.dromara.hutool.crypto.symmetric;

-import org.dromara.hutool.core.codec.HexUtil;
+import org.dromara.hutool.core.codec.binary.HexUtil;
 import org.dromara.hutool.core.codec.binary.Base64;
 import org.dromara.hutool.core.io.IORuntimeException;
 import org.dromara.hutool.core.io.IoUtil;
@@ -61,7 +61,7 @@ public interface SymmetricEncryptor {
 	 * @return 加密后的Hex
 	 */
 	default String encryptHex(final byte[] data) {
-		return HexUtil.encodeHexStr(encrypt(data));
+		return HexUtil.encodeStr(encrypt(data));
 	}

 	/**
@@ -93,7 +93,7 @@ public interface SymmetricEncryptor {
 	 * @return 加密后的Hex
 	 */
 	default String encryptHex(final String data, final Charset charset) {
-		return HexUtil.encodeHexStr(encrypt(data, charset));
+		return HexUtil.encodeStr(encrypt(data, charset));
 	}

 	/**
@@ -125,7 +125,7 @@ public interface SymmetricEncryptor {
 	 * @return 加密后的Hex
 	 */
 	default String encryptHex(final String data) {
-		return HexUtil.encodeHexStr(encrypt(data));
+		return HexUtil.encodeStr(encrypt(data));
 	}

 	/**
@@ -156,7 +156,7 @@ public interface SymmetricEncryptor {
 	 * @return 加密后的Hex
 	 */
 	default String encryptHex(final InputStream data) {
-		return HexUtil.encodeHexStr(encrypt(data));
+		return HexUtil.encodeStr(encrypt(data));
 	}

 	/**