update:加密解密改为AES加密

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/eoss/SSOPluginLogin.java

@@ -2,22 +2,17 @@ package shkd.sys.sys.eoss;
 
 import kd.bos.cache.CacheFactory;
 import kd.bos.cache.DistributeSessionlessCache;
-import kd.bos.dataentity.entity.DynamicObject;
 import kd.bos.exception.ErrorCode;
 import kd.bos.exception.KDBizException;
 import kd.bos.exception.KDException;
-import kd.bos.krpc.container.page.pages.SystemPageHandler;
 import kd.bos.logging.Log;
 import kd.bos.logging.LogFactory;
 import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
 import kd.bos.login.thirdauth.UserAuthResult;
 import kd.bos.login.thirdauth.UserProperType;
-import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.servicehelper.user.UserServiceHelper;
-import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.StringUtils;
-import shkd.sys.sys.utils.RSAUtil;
+import shkd.sys.sys.utils.AesUtils;
-import shkd.sys.sys.utils.RSAUtils;
 
 import javax.servlet.http.*;
 import java.io.IOException;
@@ -120,9 +115,7 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
             logger.info("私钥string：" + privateKeyString);
             String cleanedBase64String = privateKeyString.replaceAll("[^A-Za-z0-9+/=]", "");
             try {
-                PrivateKey privateKey = RSAUtil.getPrivateKeyFromString(cleanedBase64String);
+                String user = AesUtils.aesDecryptString(userName);
-                logger.info("通过私钥获取获取秘钥：{}", privateKey);
-                String user = RSAUtil.decrypt(userName, privateKey);
                 logger.info("SSO用户名：" + user);
                 result.setUser(user);
                 result.setSucess(true);

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/backlogTack/ToDoResendTack.java

@@ -17,13 +17,11 @@ import kd.bos.schedule.executor.AbstractTask;
 import kd.bos.servicehelper.QueryServiceHelper;
 import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.util.StringUtils;
-import org.apache.commons.codec.binary.Base64;
 import shkd.sys.sys.midservice.handler.CreateToDoHandler;
 import shkd.sys.sys.midservice.handler.DealToDoHandler;
 import shkd.sys.sys.midservice.handler.deleteToDoHandler;
 import shkd.sys.sys.midservice.utils.GetUrlUtils;
-import shkd.sys.sys.utils.RSAUtil;
+import shkd.sys.sys.utils.AesUtils;
-import shkd.sys.sys.utils.RSAUtils;
 
 import java.util.*;
 
@@ -177,12 +175,10 @@ public class ToDoResendTack extends AbstractTask {
                         "phone,username", new QFilter[]{new QFilter("id", "=", next.getString("freceiveuserid"))});
                 String userName;
                 try {
-                    Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
+                    userName = AesUtils.aesEncryptString(dynamicObject.getString("username"));
-                    logger.info("公钥："+o);
+                    logger.info("AES加密后user："+userName);
-                    userName = RSAUtil.encrypt(dynamicObject.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
-                    logger.info("公钥加密后user："+userName);
                 }catch (Exception e){
-                    ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常，请联系运维人员排查！");
+                    ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常，请联系运维人员排查！");
                     throw new KDException(errorCode, e);
                 }
                 switch (t_status) {

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/midservice/servicehandler/BacklogServiceHandle.java

@@ -12,12 +12,10 @@ import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
 import kd.bos.workflow.engine.msg.ctx.MessageContext;
 import kd.bos.workflow.engine.msg.handler.AbstractServiceHandler;
 import kd.bos.workflow.engine.msg.info.ToDoInfo;
-import org.apache.commons.codec.binary.Base64;
 import shkd.sys.sys.midservice.handler.CreateToDoHandler;
 import shkd.sys.sys.midservice.handler.DealToDoHandler;
 import shkd.sys.sys.midservice.handler.deleteToDoHandler;
-import shkd.sys.sys.utils.RSAUtil;
+import shkd.sys.sys.utils.AesUtils;
-import shkd.sys.sys.utils.RSAUtils;
 
 import java.util.List;
 
@@ -47,13 +45,11 @@ public class BacklogServiceHandle extends AbstractServiceHandler {
         for (DynamicObject query_one : query) {
             String userName;
             try {
-                Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
+                userName = AesUtils.aesEncryptString(query_one.getString("username"));
-                logger.info("公钥："+o);
+                logger.info("AES加密后user："+userName);
-                userName = RSAUtil.encrypt(query_one.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
-                logger.info("公钥加密后user："+userName);
             }catch (Exception e){
-                logger.info("####公钥加密出现异常，请联系运维人员排查！");
+                logger.info("####AES加密出现异常，请联系运维人员排查！");
-                ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常，请联系运维人员排查！");
+                ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常，请联系运维人员排查！");
                 throw new KDException(errorCode, e);
             }
             StringBuilder form = new StringBuilder();

sys/shkd-sys-sys/src/main/java/shkd/sys/sys/utils/AesUtils.java

@@ -0,0 +1,191 @@
+package shkd.sys.sys.utils;
+
+import kd.bos.exception.ErrorCode;
+import kd.bos.exception.KDException;
+import kd.bos.logging.Log;
+import kd.bos.logging.LogFactory;
+import shkd.sys.sys.eoss.SSOPluginLogin;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.Base64.Decoder;
+import java.util.Base64.Encoder;
+
+/**
+ * 提供AES加密和解密的工具类。
+ */
+public class AesUtils {
+
+    // 定义加密使用的初始向量IV
+    public static final String IV_STRING = "-o@g*m,%0!si^fo1";
+    // 定义加密使用的密钥KEY
+    public static final String KEY = "a@e@skeY;useRName$eOssMsg99!@$@!";
+    // 定义字符编码
+    public static final String CHARSET = "UTF-8";
+    // 日志对象，用于记录日志信息
+    private final static Log logger = LogFactory.getLog(SSOPluginLogin.class);
+
+    // 私有构造函数，防止类被实例化
+    private AesUtils() {
+    }
+
+    /**
+     * 使用默认密钥对字符串进行AES加密。
+     *
+     * @param content 待加密的内容
+     * @return 加密后的字符串
+     */
+    public static String aesEncryptString(String content) {
+        return aesEncryptString(content, KEY);
+    }
+
+    /**
+     * 使用指定密钥对字符串进行AES加密。
+     *
+     * @param content 待加密的内容
+     * @param key     16位密钥
+     * @return 加密后的字符串
+     */
+    public static String aesEncryptString(String content, String key) {
+        if (null == content) {
+            return null;
+        }
+        byte[] encryptedBytes;
+        try {
+            // 将内容和密钥转换为字节数组
+            byte[] contentBytes = content.getBytes(CHARSET);
+            byte[] keyBytes = key.getBytes(CHARSET);
+            // 进行AES加密操作
+            encryptedBytes = aesEncryptBytes(contentBytes, keyBytes);
+        } catch (Exception e) {
+            // 记录加密失败的日志，并抛出异常
+            logger.info("加密失败,异常信息：{}", e);
+            ErrorCode errorCode = new ErrorCode("error_code", "加密出现异常，请联系运维人员排查！");
+            throw new KDException(errorCode, e);
+        }
+        // 使用Base64编码加密后的字节数组，并返回结果
+        Encoder encoder = Base64.getEncoder();
+        return encoder.encodeToString(encryptedBytes);
+    }
+
+    /**
+     * 使用默认密钥对字符串进行AES解密。
+     *
+     * @param content 待解密的内容
+     * @return 解密后的字符串
+     */
+    public static String aesDecryptString(String content) {
+        if (null == content) {
+            return null;
+        }
+        return aesDecryptString(content, KEY);
+    }
+
+    /**
+     * 使用指定密钥对字符串进行AES解密。
+     *
+     * @param content 待解密的内容
+     * @param key     16位密钥
+     * @return 解密后的字符串
+     */
+    public static String aesDecryptString(String content, String key) {
+        Decoder decoder = Base64.getDecoder();
+        try {
+            // 使用Base64解码待解密的内容
+            byte[] encryptedBytes = decoder.decode(content);
+            // 将密钥转换为字节数组
+            byte[] keyBytes = key.getBytes(CHARSET);
+            // 进行AES解密操作
+            byte[] decryptedBytes = aesDecryptBytes(encryptedBytes, keyBytes);
+            // 将解密后的字节数组转换为字符串，并返回结果
+            return new String(decryptedBytes, CHARSET);
+        } catch (Exception e) {
+            // 记录解密失败的日志，并抛出异常
+            logger.info("解密失败,异常信息：{}", e);
+            ErrorCode errorCode = new ErrorCode("error_code", "解密出现异常，请联系运维人员排查！");
+            throw new KDException(errorCode, e);
+        }
+
+    }
+
+    /**
+     * 对字节数组进行AES加密。
+     *
+     * @param contentBytes 待加密的字节数组
+     * @param keyBytes     密钥的字节数组
+     * @return 加密后的字节数组
+     * @throws NoSuchAlgorithmException e
+     * @throws NoSuchPaddingException e
+     * @throws InvalidKeyException e
+     * @throws InvalidAlgorithmParameterException e
+     * @throws IllegalBlockSizeException e
+     * @throws BadPaddingException e
+     * @throws UnsupportedEncodingException e
+     */
+    private static byte[] aesEncryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
+            NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
+            BadPaddingException, UnsupportedEncodingException {
+        return cipherOperation(contentBytes, keyBytes, Cipher.ENCRYPT_MODE);
+    }
+
+    /**
+     * 对字节数组进行AES解密。
+     *
+     * @param contentBytes 待解密的字节数组
+     * @param keyBytes     密钥的字节数组
+     * @return 解密后的字节数组
+     * @throws NoSuchAlgorithmException e
+     * @throws NoSuchPaddingException e
+     * @throws InvalidKeyException e
+     * @throws InvalidAlgorithmParameterException e
+     * @throws IllegalBlockSizeException e
+     * @throws BadPaddingException e
+     * @throws UnsupportedEncodingException e
+     */
+    private static byte[] aesDecryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
+            NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
+            BadPaddingException, UnsupportedEncodingException {
+        return cipherOperation(contentBytes, keyBytes, Cipher.DECRYPT_MODE);
+    }
+
+    /**
+     * 执行AES加密或解密操作。
+     *
+     * @param contentBytes 待加密或解密的字节数组
+     * @param keyBytes     密钥的字节数组
+     * @param mode         加密(Cipher.ENCRYPT_MODE)或解密(Cipher.DECRYPT_MODE)模式
+     * @return 加密或解密后的字节数组
+     * @throws UnsupportedEncodingException e
+     * @throws NoSuchAlgorithmException e
+     * @throws NoSuchPaddingException e
+     * @throws InvalidKeyException e
+     * @throws InvalidAlgorithmParameterException e
+     * @throws IllegalBlockSizeException e
+     * @throws BadPaddingException e
+     */
+    private static byte[] cipherOperation(byte[] contentBytes, byte[] keyBytes, int mode)
+            throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
+            InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+        // 创建AES密钥
+        SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
+        // 创建初始向量IV
+        byte[] initParam = IV_STRING.getBytes(CHARSET);
+        IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam);
+        // 获取AES/CFB/PKCS5Padding模式的Cipher对象
+        Cipher cipher = Cipher.getInstance("AES/CFB/PKCS5Padding");
+        // 初始化Cipher对象
+        cipher.init(mode, secretKey, ivParameterSpec);
+        // 执行加密或解密操作，并返回结果
+        return cipher.doFinal(contentBytes);
+    }
+
+}