diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java index 18de80c..a706c9d 100644 --- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java @@ -2,22 +2,17 @@ package shkd.sys.sys.eoss; import kd.bos.cache.CacheFactory; import kd.bos.cache.DistributeSessionlessCache; -import kd.bos.dataentity.entity.DynamicObject; import kd.bos.exception.ErrorCode; import kd.bos.exception.KDBizException; import kd.bos.exception.KDException; -import kd.bos.krpc.container.page.pages.SystemPageHandler; import kd.bos.logging.Log; import kd.bos.logging.LogFactory; import kd.bos.login.thirdauth.ThirdSSOAuthHandler; import kd.bos.login.thirdauth.UserAuthResult; import kd.bos.login.thirdauth.UserProperType; -import kd.bos.servicehelper.parameter.SystemParamServiceHelper; import kd.bos.servicehelper.user.UserServiceHelper; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.StringUtils; -import shkd.sys.sys.utils.RSAUtil; -import shkd.sys.sys.utils.RSAUtils; +import shkd.sys.sys.utils.AesUtils; import javax.servlet.http.*; import java.io.IOException; 
@@ -115,14 +110,12 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler { // Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_privatekeystring_tag"); // logger.info("获取公共参数shkd_privatekeystring_tag:"+o); - logger.info("加密后user:" + userName); - String privateKeyString = "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"; - logger.info("私钥string:" + privateKeyString); - String cleanedBase64String = privateKeyString.replaceAll("[^A-Za-z0-9+/=]", ""); + logger.info("加密后user:" + userName); + String privateKeyString = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVcEZaQoPn+qado8nw5ZvKlbxEh/xQ9AiBMRUFpY0XibkrCa1T2A7bTWztoAkTaBby1ynOOX4q1BSTGiDVOcXkCZgMteqAlvg3y9YZTlV/6MkbPLNPZTuWgNMa2C6bMkkHfJJqkDI8IZbe3IUxNk4Rz6JWsLDaI6PNhSKbRIq3MHj/emsmkQN+ePAz0Elh4b/bD2L63lmJJEtoK9Ira2b/gl+VwqOiaZb8iZ4PrvCKQJucAPkdQAb2Etcv0Clb/VnzdgzzcR+gU5Ak2hJns29IFMS4jOGhAJkdLQX+fW1KS0Am9gsvYznIbv8R0Bv/PDz+jHrd36a9sMr/ixzOy3QBAgMBAAECggEAXOVc+XPxzUm+suXSwtJsmCPLqVg2bVWJThF6wNZpLlF3ElBH7DIhZTmxq0r4KEYpltAnFebYDvP3cH7yw1s90h6K2x1iT01mA4LoUGNTuzQqM3yb3naFFOBFAW4N+uZL+sIxR8gy1REZhS4dmmm0WPQyB+EnWAojBRRpF4MhjND0ncSRJhWLTg3SiOSidedaVuI9AncwXlsH3hvJTM9xrL86tGIuFZe1JDCbg5zCU0Scz6LFnSc4UISajPEy0u7v8l74k2Tqr+XXOCAbG4gSr12BazQ7c7pT0hnwE1t/WKdeu033dbTfz+FkZ/ARFgfsjuGBrc2LA7A/FbOD28mTcQKBgQDrC41Z14Iz4N+hr4fvilCqou/GcF7T5CP//tKqj3RRgCYu3XF1btQ+iXMRc40NzdCdxmH+BMJ9lS51Soi0dzvHuQTn/A/3cviBfmzptqTMp0T2RpXQ0bSe4wqUT3fdenFm39xbw9p+b+eknZ8lrGM6fn06GBP6mQ+USMvZAnkdawKBgQDod5hasx8rMveJsNdqp/vGOFVtCh6RVX0rV8vlJ1tLGAhxBQbPbbmB/H773Fqyhc7NOWPFbSuHXtZtArgTY5wHwHcBZ41nB7E5Y40wMql8eNFhBFAb1M8xy7o+cX5gIsphrBRiGGM9MBhQNea2cH3flKW9NPKdvH3dF0sv/OGDQwKBgQClV60JpDZtdCUcwjPn5+6y+oedmnK6r+Q7MvDTFrMGmhVCJnin2Vzo2RvfDOAO89drBaDtZj/Cw+y4icP831toNdkjsAczVOdHgL3w8pCffpNeg2zkRoC+vIw2pGh3nqija5rB2taa1vGmtVK817W98jj5YvK6+G0jLMppT/oPHQKBgQC7S3Ai02Jvabbq5uIIeqNtxwF8wsRyD9CzVR9f11/Elu5mMMiV4y+tPQQKZDVm1EwUKQLrk9OYU56rYZ9xb7XMwRKgvQ++TQJK3JxqksbfFHCNm+33HnR5CE1b9hD938ny+7PIfSGnsNJF/ceOgf/IXXlTgg9favh1Y0ket
r3zBQKBgFKWHvw/i1j4F/6vQIBn4ke22Ja8qXDNLfIUEcgqqvIx5N6Imv8DLyvu56CWveThVzk810VHRqoJ3aIgA8oTs/mQyd8G/S8jbyufl2GeoHap9azSr63HZh4v8ZBMQuA6xP2CEUByEyIWknwo7pp9yj8gJZUFmvTthY6SvkYrqg1H"; + logger.info("私钥string:" + privateKeyString); + String cleanedBase64String = privateKeyString.replaceAll("[^A-Za-z0-9+/=]", ""); try { - PrivateKey privateKey = RSAUtil.getPrivateKeyFromString(cleanedBase64String); - logger.info("通过私钥获取获取秘钥:{}", privateKey); - String user = RSAUtil.decrypt(userName, privateKey); + String user = AesUtils.aesDecryptString(userName); logger.info("SSO用户名:" + user); result.setUser(user); result.setSucess(true); diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java index 237109f..3da7f04 100644 --- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java @@ -17,13 +17,11 @@ import kd.bos.schedule.executor.AbstractTask; import kd.bos.servicehelper.QueryServiceHelper; import kd.bos.servicehelper.parameter.SystemParamServiceHelper; import kd.bos.util.StringUtils; -import org.apache.commons.codec.binary.Base64; import shkd.sys.sys.midservice.handler.CreateToDoHandler; import shkd.sys.sys.midservice.handler.DealToDoHandler; import shkd.sys.sys.midservice.handler.deleteToDoHandler; import shkd.sys.sys.midservice.utils.GetUrlUtils; -import shkd.sys.sys.utils.RSAUtil; -import shkd.sys.sys.utils.RSAUtils; +import shkd.sys.sys.utils.AesUtils; import java.util.*; 
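Review bot: The new side still carries a complete RSA private key as a string literal and writes it to the log with `logger.info("私钥string:" + privateKeyString);`. Within this hunk neither `privateKeyString` nor `cleanedBase64String` is read any more, because decryption now goes through `AesUtils.aesDecryptString(userName)`. I would delete all three lines (the literal, the log call and the `replaceAll`). The key should be treated as disclosed and retired wherever its public half is still trusted, since it sits in repository history and in every log this path has produced. Separately, the decrypted name goes straight into `result.setUser(user)` followed by `result.setSucess(true)`. The method continues outside the hunk, so any further validation of the token is not visible here.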
@@ -177,12 +175,10 @@ public class ToDoResendTack extends AbstractTask { "phone,username", new QFilter[]{new QFilter("id", "=", next.getString("freceiveuserid"))}); String userName; try { - Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring"); - logger.info("公钥:"+o); - userName = RSAUtil.encrypt(dynamicObject.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o))); - logger.info("公钥加密后user:"+userName); + userName = AesUtils.aesEncryptString(dynamicObject.getString("username")); + logger.info("AES加密后user:"+userName); }catch (Exception e){ - ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!"); + ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常,请联系运维人员排查!"); throw new KDException(errorCode, e); } switch (t_status) { diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java index fc118ef..e7acc25 100644 --- a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java @@ -12,12 +12,10 @@ import kd.bos.servicehelper.parameter.SystemParamServiceHelper; import kd.bos.workflow.engine.msg.ctx.MessageContext; import kd.bos.workflow.engine.msg.handler.AbstractServiceHandler; import kd.bos.workflow.engine.msg.info.ToDoInfo; -import org.apache.commons.codec.binary.Base64; import shkd.sys.sys.midservice.handler.CreateToDoHandler; import shkd.sys.sys.midservice.handler.DealToDoHandler; import shkd.sys.sys.midservice.handler.deleteToDoHandler; -import shkd.sys.sys.utils.RSAUtil; -import shkd.sys.sys.utils.RSAUtils; +import shkd.sys.sys.utils.AesUtils; import java.util.List; 
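Review bot: `logger.info("AES加密后user:"+userName);` writes the encrypted username to the application log at info level. That value appears to be the same token that SSOPluginLogin decrypts and accepts as the login identity, so the log would hold material that stays valid as a credential for as long as the key is unchanged. I would drop the line, or log only a non-reversible reference such as the record id. The same line is added in BacklogServiceHandle (`@@ -47,13 +45,11 @@`). In both places the surrounding `catch (Exception e)` re-wraps a `KDException` that `AesUtils.aesEncryptString` has already logged and thrown, so the failure is reported twice.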
@@ -47,13 +45,11 @@ public class BacklogServiceHandle extends AbstractServiceHandler { for (DynamicObject query_one : query) { String userName; try { - Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring"); - logger.info("公钥:"+o); - userName = RSAUtil.encrypt(query_one.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o))); - logger.info("公钥加密后user:"+userName); + userName = AesUtils.aesEncryptString(query_one.getString("username")); + logger.info("AES加密后user:"+userName); }catch (Exception e){ - logger.info("####公钥加密出现异常,请联系运维人员排查!"); - ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!"); + logger.info("####AES加密出现异常,请联系运维人员排查!"); + ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常,请联系运维人员排查!"); throw new KDException(errorCode, e); } StringBuilder form = new StringBuilder(); diff --git a/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/AesUtils.java b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/AesUtils.java new file mode 100644 index 0000000..26ec830 --- /dev/null +++ b/sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/AesUtils.java 
@@ -0,0 +1,191 @@
+package shkd.sys.sys.utils;
+
+import kd.bos.exception.ErrorCode;
+import kd.bos.exception.KDException;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import shkd.sys.sys.eoss.SSOPluginLogin;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.Base64.Decoder;
+import java.util.Base64.Encoder;
+
+/**
+ * 提供AES加密和解密的工具类。
+ */
+public class AesUtils {
+
+ // 定义加密使用的初始向量IV
+ public static final String IV_STRING = "-o@g*m,%0!si^fo1";
+ // 定义加密使用的密钥KEY
+ public static final String KEY = "a@e@skeY;useRName$eOssMsg99!@$@!";
+ // 定义字符编码
+ public static final String CHARSET = "UTF-8";
+ // 日志对象,用于记录日志信息
+ private final static Log logger = LogFactory.getLog(SSOPluginLogin.class);
+
+ // 私有构造函数,防止类被实例化
+ private AesUtils() {
+ }
+
+ /**
+ * 使用默认密钥对字符串进行AES加密。
+ *
+ * @param content 待加密的内容
+ * @return 加密后的字符串
+ */
+ public static String aesEncryptString(String content) {
+ return aesEncryptString(content, KEY);
+ }
+
+ /**
+ * 使用指定密钥对字符串进行AES加密。
+ *
+ * @param content 待加密的内容
+ * @param key 16位密钥
+ * @return 加密后的字符串
+ */
+ public static String aesEncryptString(String content, String key) {
+ if (null == content) {
+ return null;
+ }
+ byte[] encryptedBytes;
+ try {
+ // 将内容和密钥转换为字节数组
+ byte[] contentBytes = content.getBytes(CHARSET);
+ byte[] keyBytes = key.getBytes(CHARSET);
+ // 进行AES加密操作
+ encryptedBytes = aesEncryptBytes(contentBytes, keyBytes);
+ } catch (Exception e) {
+ // 记录加密失败的日志,并抛出异常
+ logger.info("加密失败,异常信息:{}", e);
+ ErrorCode errorCode = new ErrorCode("error_code", "加密出现异常,请联系运维人员排查!");
+ throw new KDException(errorCode, e);
+ }
+ // 使用Base64编码加密后的字节数组,并返回结果
+ Encoder encoder = Base64.getEncoder();
+ return encoder.encodeToString(encryptedBytes);
+ }
+
+ /**
+ * 使用默认密钥对字符串进行AES解密。
+ *
+ * @param content 待解密的内容
+ * @return 解密后的字符串
+ */
+ public static String aesDecryptString(String content) {
+ if (null == content) {
+ return null;
+ }
+ return aesDecryptString(content, KEY);
+ }
+
+ /**
+ * 使用指定密钥对字符串进行AES解密。
+ *
+ * @param content 待解密的内容
+ * @param key 16位密钥
+ * @return 解密后的字符串
+ */
+ public static String aesDecryptString(String content, String key) {
+ Decoder decoder = Base64.getDecoder();
+ try {
+ // 使用Base64解码待解密的内容
+ byte[] encryptedBytes = decoder.decode(content);
+ // 将密钥转换为字节数组
+ byte[] keyBytes = key.getBytes(CHARSET);
+ // 进行AES解密操作
+ byte[] decryptedBytes = aesDecryptBytes(encryptedBytes, keyBytes);
+ // 将解密后的字节数组转换为字符串,并返回结果
+ return new String(decryptedBytes, CHARSET);
+ } catch (Exception e) {
+ // 记录解密失败的日志,并抛出异常
+ logger.info("解密失败,异常信息:{}", e);
+ ErrorCode errorCode = new ErrorCode("error_code", "解密出现异常,请联系运维人员排查!");
+ throw new KDException(errorCode, e);
+ }
+
+ }
+
+ /**
+ * 对字节数组进行AES加密。
+ *
+ * @param contentBytes 待加密的字节数组
+ * @param keyBytes 密钥的字节数组
+ * @return 加密后的字节数组
+ * @throws NoSuchAlgorithmException e
+ * @throws NoSuchPaddingException e
+ * @throws InvalidKeyException e
+ * @throws InvalidAlgorithmParameterException e
+ * @throws IllegalBlockSizeException e
+ * @throws BadPaddingException e
+ * @throws UnsupportedEncodingException e
+ */
+ private static byte[] aesEncryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
+ NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
+ BadPaddingException, UnsupportedEncodingException {
+ return cipherOperation(contentBytes, keyBytes, Cipher.ENCRYPT_MODE);
+ }
+
+ /**
+ * 对字节数组进行AES解密。
+ *
+ * @param contentBytes 待解密的字节数组
+ * @param keyBytes 密钥的字节数组
+ * @return 解密后的字节数组
+ * @throws NoSuchAlgorithmException e
+ * @throws NoSuchPaddingException e
+ * @throws InvalidKeyException e
+ * @throws InvalidAlgorithmParameterException e
+ * @throws IllegalBlockSizeException e
+ * @throws BadPaddingException e
+ * @throws UnsupportedEncodingException e
+ */
+ private static byte[] aesDecryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
+ NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
+ BadPaddingException, UnsupportedEncodingException {
+ return cipherOperation(contentBytes, keyBytes, Cipher.DECRYPT_MODE);
+ }
+
+ /**
+ * 执行AES加密或解密操作。
+ *
+ * @param contentBytes 待加密或解密的字节数组
+ * @param keyBytes 密钥的字节数组
+ * @param mode 加密(Cipher.ENCRYPT_MODE)或解密(Cipher.DECRYPT_MODE)模式
+ * @return 加密或解密后的字节数组
+ * @throws UnsupportedEncodingException e
+ * @throws NoSuchAlgorithmException e
+ * @throws NoSuchPaddingException e
+ * @throws InvalidKeyException e
+ * @throws InvalidAlgorithmParameterException e
+ * @throws IllegalBlockSizeException e
+ * @throws BadPaddingException e
+ */
+ private static byte[] cipherOperation(byte[] contentBytes, byte[] keyBytes, int mode)
+ throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
+ InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+ // 创建AES密钥
+ SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
+ // 创建初始向量IV
+ byte[] initParam = IV_STRING.getBytes(CHARSET);
+ IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam);
+ // 获取AES/CFB/PKCS5Padding模式的Cipher对象
+ Cipher cipher = Cipher.getInstance("AES/CFB/PKCS5Padding");
+ // 初始化Cipher对象
+ cipher.init(mode, secretKey, ivParameterSpec);
+ // 执行加密或解密操作,并返回结果
+ return cipher.doFinal(contentBytes);
+ }
+
+}
\ No newline at end of file