update:加密解密改为AES加密
parent
59f51df67f
commit
57f1af9a4b
|
@ -2,22 +2,17 @@ package shkd.sys.sys.eoss;
|
|||
|
||||
import kd.bos.cache.CacheFactory;
|
||||
import kd.bos.cache.DistributeSessionlessCache;
|
||||
import kd.bos.dataentity.entity.DynamicObject;
|
||||
import kd.bos.exception.ErrorCode;
|
||||
import kd.bos.exception.KDBizException;
|
||||
import kd.bos.exception.KDException;
|
||||
import kd.bos.krpc.container.page.pages.SystemPageHandler;
|
||||
import kd.bos.logging.Log;
|
||||
import kd.bos.logging.LogFactory;
|
||||
import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
|
||||
import kd.bos.login.thirdauth.UserAuthResult;
|
||||
import kd.bos.login.thirdauth.UserProperType;
|
||||
import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
|
||||
import kd.bos.servicehelper.user.UserServiceHelper;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import shkd.sys.sys.utils.RSAUtil;
|
||||
import shkd.sys.sys.utils.RSAUtils;
|
||||
import shkd.sys.sys.utils.AesUtils;
|
||||
|
||||
import javax.servlet.http.*;
|
||||
import java.io.IOException;
|
||||
|
@ -120,9 +115,7 @@ public class SSOPluginLogin implements ThirdSSOAuthHandler {
|
|||
logger.info("私钥string:" + privateKeyString);
|
||||
String cleanedBase64String = privateKeyString.replaceAll("[^A-Za-z0-9+/=]", "");
|
||||
try {
|
||||
PrivateKey privateKey = RSAUtil.getPrivateKeyFromString(cleanedBase64String);
|
||||
logger.info("通过私钥获取获取秘钥:{}", privateKey);
|
||||
String user = RSAUtil.decrypt(userName, privateKey);
|
||||
String user = AesUtils.aesDecryptString(userName);
|
||||
logger.info("SSO用户名:" + user);
|
||||
result.setUser(user);
|
||||
result.setSucess(true);
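Review bot: `String user = AesUtils.aesDecryptString(userName);` makes the login decision depend only on the key and IV compiled into AesUtils, so any party with access to the source or the jar can produce a value this handler accepts, and a captured value never expires because nothing in it is time-bound or integrity-checked. The key should come from protected configuration rather than a constant, and the decrypted payload should carry an expiry that is verified before `result.setSucess(true)`. The unchanged lines `logger.info("私钥string:" + privateKeyString);` and `String cleanedBase64String = ...` still write RSA private-key material to the info log and appear unused once `RSAUtil.decrypt` is gone; I would delete both. The method begins and ends outside this hunk, so whether `privateKeyString` is used further down should be confirmed first.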
|
||||
|
|
|
@ -17,13 +17,11 @@ import kd.bos.schedule.executor.AbstractTask;
|
|||
import kd.bos.servicehelper.QueryServiceHelper;
|
||||
import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
|
||||
import kd.bos.util.StringUtils;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import shkd.sys.sys.midservice.handler.CreateToDoHandler;
|
||||
import shkd.sys.sys.midservice.handler.DealToDoHandler;
|
||||
import shkd.sys.sys.midservice.handler.deleteToDoHandler;
|
||||
import shkd.sys.sys.midservice.utils.GetUrlUtils;
|
||||
import shkd.sys.sys.utils.RSAUtil;
|
||||
import shkd.sys.sys.utils.RSAUtils;
|
||||
import shkd.sys.sys.utils.AesUtils;
|
||||
|
||||
import java.util.*;
|
||||
|
||||
|
@ -177,12 +175,10 @@ public class ToDoResendTack extends AbstractTask {
|
|||
"phone,username", new QFilter[]{new QFilter("id", "=", next.getString("freceiveuserid"))});
|
||||
String userName;
|
||||
try {
|
||||
Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
|
||||
logger.info("公钥:"+o);
|
||||
userName = RSAUtil.encrypt(dynamicObject.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
|
||||
logger.info("公钥加密后user:"+userName);
|
||||
userName = AesUtils.aesEncryptString(dynamicObject.getString("username"));
|
||||
logger.info("AES加密后user:"+userName);
|
||||
}catch (Exception e){
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!");
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常,请联系运维人员排查!");
|
||||
throw new KDException(errorCode, e);
|
||||
}
|
||||
switch (t_status) {
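Review bot: `logger.info("AES加密后user:"+userName);` writes the encrypted username to the info log. Because AesUtils uses a fixed key and IV, that string is identical on every run for a given user, and it appears to be the value SSOPluginLogin decrypts to decide who is logging in, so anyone who can read the log would hold a reusable login value. The same line is added in the BacklogServiceHandle hunk. I would drop the line in both places, or log only that encryption succeeded, for example `logger.info("SSO user value generated");`. The enclosing method starts and ends outside the hunk.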
|
||||
|
|
|
@ -12,12 +12,10 @@ import kd.bos.servicehelper.parameter.SystemParamServiceHelper;
|
|||
import kd.bos.workflow.engine.msg.ctx.MessageContext;
|
||||
import kd.bos.workflow.engine.msg.handler.AbstractServiceHandler;
|
||||
import kd.bos.workflow.engine.msg.info.ToDoInfo;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import shkd.sys.sys.midservice.handler.CreateToDoHandler;
|
||||
import shkd.sys.sys.midservice.handler.DealToDoHandler;
|
||||
import shkd.sys.sys.midservice.handler.deleteToDoHandler;
|
||||
import shkd.sys.sys.utils.RSAUtil;
|
||||
import shkd.sys.sys.utils.RSAUtils;
|
||||
import shkd.sys.sys.utils.AesUtils;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
|
@ -47,13 +45,11 @@ public class BacklogServiceHandle extends AbstractServiceHandler {
|
|||
for (DynamicObject query_one : query) {
|
||||
String userName;
|
||||
try {
|
||||
Object o = SystemParamServiceHelper.loadPublicParameterFromCache("shkd_publickeystring");
|
||||
logger.info("公钥:"+o);
|
||||
userName = RSAUtil.encrypt(query_one.getString("username"),RSAUtil.getPublicKeyFromString(String.valueOf(o)));
|
||||
logger.info("公钥加密后user:"+userName);
|
||||
userName = AesUtils.aesEncryptString(query_one.getString("username"));
|
||||
logger.info("AES加密后user:"+userName);
|
||||
}catch (Exception e){
|
||||
logger.info("####公钥加密出现异常,请联系运维人员排查!");
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "公钥加密出现异常,请联系运维人员排查!");
|
||||
logger.info("####AES加密出现异常,请联系运维人员排查!");
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "AES加密出现异常,请联系运维人员排查!");
|
||||
throw new KDException(errorCode, e);
|
||||
}
|
||||
StringBuilder form = new StringBuilder();
|
||||
|
|
|
@ -0,0 +1,191 @@
|
|||
package shkd.sys.sys.utils;
|
||||
|
||||
import kd.bos.exception.ErrorCode;
|
||||
import kd.bos.exception.KDException;
|
||||
import kd.bos.logging.Log;
|
||||
import kd.bos.logging.LogFactory;
|
||||
import shkd.sys.sys.eoss.SSOPluginLogin;
|
||||
|
||||
import javax.crypto.BadPaddingException;
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.IllegalBlockSizeException;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
import javax.crypto.spec.IvParameterSpec;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Base64;
|
||||
import java.util.Base64.Decoder;
|
||||
import java.util.Base64.Encoder;
|
||||
|
||||
/**
|
||||
* 提供AES加密和解密的工具类。
|
||||
*/
|
||||
public class AesUtils {
|
||||
|
||||
// 定义加密使用的初始向量IV
|
||||
public static final String IV_STRING = "-o@g*m,%0!si^fo1";
|
||||
// 定义加密使用的密钥KEY
|
||||
public static final String KEY = "a@e@skeY;useRName$eOssMsg99!@$@!";
|
||||
// 定义字符编码
|
||||
public static final String CHARSET = "UTF-8";
|
||||
// 日志对象,用于记录日志信息
|
||||
private final static Log logger = LogFactory.getLog(SSOPluginLogin.class);
|
||||
|
||||
// 私有构造函数,防止类被实例化
|
||||
private AesUtils() {
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用默认密钥对字符串进行AES加密。
|
||||
*
|
||||
* @param content 待加密的内容
|
||||
* @return 加密后的字符串
|
||||
*/
|
||||
public static String aesEncryptString(String content) {
|
||||
return aesEncryptString(content, KEY);
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用指定密钥对字符串进行AES加密。
|
||||
*
|
||||
* @param content 待加密的内容
|
||||
* @param key 16位密钥
|
||||
* @return 加密后的字符串
|
||||
*/
|
||||
public static String aesEncryptString(String content, String key) {
|
||||
if (null == content) {
|
||||
return null;
|
||||
}
|
||||
byte[] encryptedBytes;
|
||||
try {
|
||||
// 将内容和密钥转换为字节数组
|
||||
byte[] contentBytes = content.getBytes(CHARSET);
|
||||
byte[] keyBytes = key.getBytes(CHARSET);
|
||||
// 进行AES加密操作
|
||||
encryptedBytes = aesEncryptBytes(contentBytes, keyBytes);
|
||||
} catch (Exception e) {
|
||||
// 记录加密失败的日志,并抛出异常
|
||||
logger.info("加密失败,异常信息:{}", e);
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "加密出现异常,请联系运维人员排查!");
|
||||
throw new KDException(errorCode, e);
|
||||
}
|
||||
// 使用Base64编码加密后的字节数组,并返回结果
|
||||
Encoder encoder = Base64.getEncoder();
|
||||
return encoder.encodeToString(encryptedBytes);
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用默认密钥对字符串进行AES解密。
|
||||
*
|
||||
* @param content 待解密的内容
|
||||
* @return 解密后的字符串
|
||||
*/
|
||||
public static String aesDecryptString(String content) {
|
||||
if (null == content) {
|
||||
return null;
|
||||
}
|
||||
return aesDecryptString(content, KEY);
|
||||
}
|
||||
|
||||
/**
|
||||
* 使用指定密钥对字符串进行AES解密。
|
||||
*
|
||||
* @param content 待解密的内容
|
||||
* @param key 16位密钥
|
||||
* @return 解密后的字符串
|
||||
*/
|
||||
public static String aesDecryptString(String content, String key) {
|
||||
Decoder decoder = Base64.getDecoder();
|
||||
try {
|
||||
// 使用Base64解码待解密的内容
|
||||
byte[] encryptedBytes = decoder.decode(content);
|
||||
// 将密钥转换为字节数组
|
||||
byte[] keyBytes = key.getBytes(CHARSET);
|
||||
// 进行AES解密操作
|
||||
byte[] decryptedBytes = aesDecryptBytes(encryptedBytes, keyBytes);
|
||||
// 将解密后的字节数组转换为字符串,并返回结果
|
||||
return new String(decryptedBytes, CHARSET);
|
||||
} catch (Exception e) {
|
||||
// 记录解密失败的日志,并抛出异常
|
||||
logger.info("解密失败,异常信息:{}", e);
|
||||
ErrorCode errorCode = new ErrorCode("error_code", "解密出现异常,请联系运维人员排查!");
|
||||
throw new KDException(errorCode, e);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* 对字节数组进行AES加密。
|
||||
*
|
||||
* @param contentBytes 待加密的字节数组
|
||||
* @param keyBytes 密钥的字节数组
|
||||
* @return 加密后的字节数组
|
||||
* @throws NoSuchAlgorithmException e
|
||||
* @throws NoSuchPaddingException e
|
||||
* @throws InvalidKeyException e
|
||||
* @throws InvalidAlgorithmParameterException e
|
||||
* @throws IllegalBlockSizeException e
|
||||
* @throws BadPaddingException e
|
||||
* @throws UnsupportedEncodingException e
|
||||
*/
|
||||
private static byte[] aesEncryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
|
||||
NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
|
||||
BadPaddingException, UnsupportedEncodingException {
|
||||
return cipherOperation(contentBytes, keyBytes, Cipher.ENCRYPT_MODE);
|
||||
}
|
||||
|
||||
/**
|
||||
* 对字节数组进行AES解密。
|
||||
*
|
||||
* @param contentBytes 待解密的字节数组
|
||||
* @param keyBytes 密钥的字节数组
|
||||
* @return 解密后的字节数组
|
||||
* @throws NoSuchAlgorithmException e
|
||||
* @throws NoSuchPaddingException e
|
||||
* @throws InvalidKeyException e
|
||||
* @throws InvalidAlgorithmParameterException e
|
||||
* @throws IllegalBlockSizeException e
|
||||
* @throws BadPaddingException e
|
||||
* @throws UnsupportedEncodingException e
|
||||
*/
|
||||
private static byte[] aesDecryptBytes(byte[] contentBytes, byte[] keyBytes) throws NoSuchAlgorithmException,
|
||||
NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
|
||||
BadPaddingException, UnsupportedEncodingException {
|
||||
return cipherOperation(contentBytes, keyBytes, Cipher.DECRYPT_MODE);
|
||||
}
|
||||
|
||||
/**
|
||||
* 执行AES加密或解密操作。
|
||||
*
|
||||
* @param contentBytes 待加密或解密的字节数组
|
||||
* @param keyBytes 密钥的字节数组
|
||||
* @param mode 加密(Cipher.ENCRYPT_MODE)或解密(Cipher.DECRYPT_MODE)模式
|
||||
* @return 加密或解密后的字节数组
|
||||
* @throws UnsupportedEncodingException e
|
||||
* @throws NoSuchAlgorithmException e
|
||||
* @throws NoSuchPaddingException e
|
||||
* @throws InvalidKeyException e
|
||||
* @throws InvalidAlgorithmParameterException e
|
||||
* @throws IllegalBlockSizeException e
|
||||
* @throws BadPaddingException e
|
||||
*/
|
||||
private static byte[] cipherOperation(byte[] contentBytes, byte[] keyBytes, int mode)
|
||||
throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
|
||||
InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
|
||||
// 创建AES密钥
|
||||
SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
|
||||
// 创建初始向量IV
|
||||
byte[] initParam = IV_STRING.getBytes(CHARSET);
|
||||
IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam);
|
||||
// 获取AES/CFB/PKCS5Padding模式的Cipher对象
|
||||
Cipher cipher = Cipher.getInstance("AES/CFB/PKCS5Padding");
|
||||
// 初始化Cipher对象
|
||||
cipher.init(mode, secretKey, ivParameterSpec);
|
||||
// 执行加密或解密操作,并返回结果
|
||||
return cipher.doFinal(contentBytes);
|
||||
}
|
||||
|
||||
}
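Review bot: `IV_STRING` and `KEY` are public compile-time constants, so every message is encrypted under the same key and IV; the output is therefore deterministic for a given username, the key is readable by anyone with the jar or repository, and `AES/CFB/PKCS5Padding` has no integrity check, so a modified ciphertext can decrypt to different plaintext without being detected. I would load the key from protected configuration, use a fresh random IV per message and switch to an authenticated mode, as sketched below. That changes the wire format, so the peer system would need the matching change, and it requires importing `java.security.SecureRandom`, `java.security.GeneralSecurityException`, `javax.crypto.AEADBadTagException` and `javax.crypto.spec.GCMParameterSpec`. Smaller points in the same file: the Javadoc says `16位密钥` while `KEY` is 32 characters, and the logger is created with `SSOPluginLogin.class` instead of `AesUtils.class`.

```java
private static final int GCM_IV_LENGTH = 12;
private static final int GCM_TAG_BITS = 128;
private static final SecureRandom RANDOM = new SecureRandom();

private static byte[] aesEncryptBytes(byte[] contentBytes, byte[] keyBytes) throws GeneralSecurityException {
    // Fresh IV per message; it is not secret and travels in front of the ciphertext.
    byte[] iv = new byte[GCM_IV_LENGTH];
    RANDOM.nextBytes(iv);
    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
    cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), new GCMParameterSpec(GCM_TAG_BITS, iv));
    byte[] sealed = cipher.doFinal(contentBytes);
    byte[] out = new byte[iv.length + sealed.length];
    System.arraycopy(iv, 0, out, 0, iv.length);
    System.arraycopy(sealed, 0, out, iv.length, sealed.length);
    return out;
}

private static byte[] aesDecryptBytes(byte[] contentBytes, byte[] keyBytes) throws GeneralSecurityException {
    if (contentBytes.length < GCM_IV_LENGTH + GCM_TAG_BITS / 8) {
        throw new AEADBadTagException("ciphertext too short");
    }
    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, "AES"),
            new GCMParameterSpec(GCM_TAG_BITS, contentBytes, 0, GCM_IV_LENGTH));
    // doFinal rejects any ciphertext whose authentication tag does not verify.
    return cipher.doFinal(contentBytes, GCM_IV_LENGTH, contentBytes.length - GCM_IV_LENGTH);
}
// … unchanged: aesEncryptString / aesDecryptString wrappers (key argument supplied from configuration instead of KEY) …
```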
|