diff --git a/modules/module-ci-machine/pom.xml b/modules/module-ci-machine/pom.xml
index fcc46f95..6f97ecf3 100644
--- a/modules/module-ci-machine/pom.xml
+++ b/modules/module-ci-machine/pom.xml
@@ -11,6 +11,18 @@
module-ci-machine
jar
+
+
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+
+ 16
+ 16
+
+
+
+
${revision}
${project.artifactId}
@@ -43,7 +55,12 @@
com.antherd
sm-crypto
- 0.3.2
+ 0.3.2.1-RELEASE
+
+
+ org.openjdk.nashorn
+ nashorn-core
+ 15.4
org.projectlombok
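Review bot: The new `org.openjdk.nashorn:nashorn-core` dependency carries no comment explaining why a JavaScript engine is on this module's classpath, so a later reader may take it for unused and remove it. Judging by the `ScriptException` now declared across `CryptogramUtil` in this commit, sm-crypto 0.3.2.1-RELEASE appears to run its SM2/SM3/SM4 code through a JSR-223 script engine, which JDK 15 and later no longer bundle. A short comment above the dependency, such as `<!-- JavaScript engine required by sm-crypto on JDK 15+ -->`, would record that. Because every stored secret then depends on this engine, pinning both versions in the parent's dependency management (if the project has one) would make upgrades a deliberate step.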
diff --git a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/component/WebSocketConnection.java b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/component/WebSocketConnection.java
index cc8a63da..6f9fcd91 100644
--- a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/component/WebSocketConnection.java
+++ b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/component/WebSocketConnection.java
@@ -19,6 +19,7 @@ import org.springframework.util.StringUtils;
import org.springframework.web.socket.TextMessage;
import org.springframework.web.socket.WebSocketSession;
+import javax.script.ScriptException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
@@ -166,7 +167,12 @@ public class WebSocketConnection {
throw exception(SECRET_KEY_NULL);
}
//公钥解密
- String pubKeyContent = CryptogramUtil.doDecrypt(secretKeyService.getPublicKeyContent(machineInfo.getSecretKeyId()));
+ String pubKeyContent;
+ try {
+ pubKeyContent = CryptogramUtil.doDecrypt(secretKeyService.getPublicKeyContent(machineInfo.getSecretKeyId()));
+ } catch (ScriptException e) {
+ throw exception(ENCRYPT_OR_DECRYPT_FAIL);
+ }
// 验证秘钥格式
if (!pubKeyContent.startsWith("-----BEGIN")) {
log.error("无效的密钥格式{}", pubKeyContent);
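Review bot: The new `catch (ScriptException e)` discards `e`, so a decryption failure surfaces only as `ENCRYPT_OR_DECRYPT_FAIL` with no record of the cause; the `createSecretKey` hunk in SecretKeyServiceImpl.java has the same pattern. Log the exception before rethrowing and identify the key by id rather than by content, e.g. `log.error("decrypt failed, secretKeyId={}", machineInfo.getSecretKeyId(), e);` (adapt to whichever throwable overload this logger provides). Separately, the unchanged line just below the new block logs the decrypted `pubKeyContent` in full when the format check fails, which writes key material to the log; logging the key id or the content length would be safer. The enclosing method starts and ends outside this hunk, so whether `pubKeyContent` can be null or empty after a failed decrypt is not visible here.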
diff --git a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/contants/MachineErrorCodeConstants.java b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/contants/MachineErrorCodeConstants.java
index 8d32153b..bc3b9614 100644
--- a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/contants/MachineErrorCodeConstants.java
+++ b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/contants/MachineErrorCodeConstants.java
@@ -36,6 +36,7 @@ public interface MachineErrorCodeConstants {
ErrorCode SECRET_KEY_NOT_EXISTS = new ErrorCode(1_003_004_001, "密钥不存在");
ErrorCode INVALID_kEY_FORMAT = new ErrorCode(1_003_004_002, "无效的密钥格式");
ErrorCode READ_SECRET_CONTENT_ERROR = new ErrorCode(1_003_004_003, "读取密钥加载失败");
+ ErrorCode ENCRYPT_OR_DECRYPT_FAIL = new ErrorCode(1_003_004_004, "加密/解密失败");
//========== 会话连接模块 1-003-006-000 ==========
ErrorCode SESSION_CONNECT_ERROR = new ErrorCode(1_003_006_001, "会话连接失败");
diff --git a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/service/impl/SecretKeyServiceImpl.java b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/service/impl/SecretKeyServiceImpl.java
index f7eaf377..1ab43d9c 100644
--- a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/service/impl/SecretKeyServiceImpl.java
+++ b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/service/impl/SecretKeyServiceImpl.java
@@ -14,6 +14,7 @@ import jakarta.annotation.Resource;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import javax.script.ScriptException;
import java.util.List;
import static cd.casic.framework.commons.exception.util.ServiceExceptionUtil.exception;
@@ -51,10 +52,14 @@ public class SecretKeyServiceImpl implements SecretKeyService {
public Long createSecretKey(SecretKeyVO secretKeyVO) {
validateSecretKeyAdd(secretKeyVO);
SecretKeyDO secretKeyDO = BeanUtils.toBean(secretKeyVO, SecretKeyDO.class);
- //密码加密
- secretKeyDO.setPassword(CryptogramUtil.doEncrypt(secretKeyVO.getPassword()));
- //公钥加密
- secretKeyDO.setPublicKey(CryptogramUtil.doEncrypt(secretKeyVO.getPublic_key()));
+ try {
+ //密码加密
+ secretKeyDO.setPassword(CryptogramUtil.doEncrypt(secretKeyVO.getPassword()));
+ //公钥加密
+ secretKeyDO.setPublicKey(CryptogramUtil.doEncrypt(secretKeyVO.getPublic_key()));
+ } catch (ScriptException e) {
+ throw exception(ENCRYPT_OR_DECRYPT_FAIL);
+ }
secretKeyMapper.insert(secretKeyDO);
return secretKeyDO.getId();
}
diff --git a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/utils/CryptogramUtil.java b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/utils/CryptogramUtil.java
index ca99dac7..46a52e7a 100644
--- a/modules/module-ci-machine/src/main/java/cd/casic/module/machine/utils/CryptogramUtil.java
+++ b/modules/module-ci-machine/src/main/java/cd/casic/module/machine/utils/CryptogramUtil.java
@@ -7,6 +7,8 @@ import com.antherd.smcrypto.sm3.Sm3;
import com.antherd.smcrypto.sm4.Sm4;
import com.antherd.smcrypto.sm4.Sm4Options;
+import javax.script.ScriptException;
+
public class CryptogramUtil {
private static final Log log = Log.get();
@@ -18,7 +20,7 @@ public class CryptogramUtil {
* @param str 待加密数据
* @return 加密后的密文
*/
- public static String doSm2Encrypt (String str) {
+ public static String doSm2Encrypt (String str) throws ScriptException {
return Sm2.doEncrypt(str, Keypair.PUBLIC_KEY);
}
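Review bot: Declaring `throws ScriptException` on `doSm2Encrypt` (and on `doSm2Decrypt`, `doEncrypt`, `doDecrypt`, `doSignature`, `doVerifySignature` and `doHashValue` in the following hunks) exposes the crypto library's script-engine detail to every caller, and none of the Javadoc blocks gains a `@throws` tag. Both callers changed in this commit already repeat the same try/catch that maps it to `ENCRYPT_OR_DECRYPT_FAIL`. Catching it once inside `CryptogramUtil` and rethrowing an unchecked exception with the cause attached, e.g. `catch (ScriptException e) { throw new IllegalStateException("SM2 encrypt failed", e); }`, would remove that duplication and keep the cause available for logging. If the checked exception stays, add `@throws ScriptException` to each method's Javadoc, describing when the underlying engine call fails. The Javadoc block of this method begins outside the hunk.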
@@ -30,7 +32,7 @@ public class CryptogramUtil {
* @param str 密文
* @return 解密后的明文
*/
- public static String doSm2Decrypt (String str) {
+ public static String doSm2Decrypt (String str) throws ScriptException {
// 解密
return Sm2.doDecrypt(str, Keypair.PRIVATE_KEY);
}
@@ -42,7 +44,7 @@ public class CryptogramUtil {
* @param str 待加密数据
* @return 加密后的密文
*/
- public static String doEncrypt (String str) {
+ public static String doEncrypt (String str) throws ScriptException {
// SM4 加密 cbc模式
Sm4Options sm4Options4 = new Sm4Options();
sm4Options4.setMode("cbc");
@@ -58,7 +60,7 @@ public class CryptogramUtil {
* @param str 密文
* @return 解密后的明文
*/
- public static String doDecrypt (String str) {
+ public static String doDecrypt (String str) throws ScriptException {
// 解密,cbc 模式,输出 utf8 字符串
Sm4Options sm4Options8 = new Sm4Options();
sm4Options8.setMode("cbc");
@@ -79,7 +81,7 @@ public class CryptogramUtil {
* @param str 待签名数据
* @return 签名结果
*/
- public static String doSignature (String str) {
+ public static String doSignature (String str) throws ScriptException {
return Sm2.doSignature(str, Keypair.PRIVATE_KEY);
}
@@ -91,7 +93,7 @@ public class CryptogramUtil {
* @param str 签名结果
* @return 是否通过
*/
- public static boolean doVerifySignature (String originalStr, String str) {
+ public static boolean doVerifySignature (String originalStr, String str) throws ScriptException {
return Sm2.doVerifySignature(originalStr, str, Keypair.PUBLIC_KEY);
}
@@ -102,7 +104,7 @@ public class CryptogramUtil {
* @param str 字符串
* @return hash 值
*/
- public static String doHashValue (String str) {
+ public static String doHashValue (String str) throws ScriptException {
return Sm3.sm3(str);
}