机器管理密钥、密钥密码,加密/解密依赖包新增,版本更换
parent
de12ccfd9e
commit
de817f1060
@ -11,6 +11,18 @@
|
|||||||
<artifactId>module-ci-machine</artifactId>
|
<artifactId>module-ci-machine</artifactId>
|
||||||
|
|
||||||
<packaging>jar</packaging>
|
<packaging>jar</packaging>
|
||||||
|
<build>
|
||||||
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-compiler-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<source>16</source>
|
||||||
|
<target>16</target>
|
||||||
|
</configuration>
|
||||||
|
</plugin>
|
||||||
|
</plugins>
|
||||||
|
</build>
|
||||||
<version>${revision}</version>
|
<version>${revision}</version>
|
||||||
<name>${project.artifactId}</name>
|
<name>${project.artifactId}</name>
|
||||||
|
|
||||||
@ -43,7 +55,12 @@
|
|||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.antherd</groupId>
|
<groupId>com.antherd</groupId>
|
||||||
<artifactId>sm-crypto</artifactId>
|
<artifactId>sm-crypto</artifactId>
|
||||||
<version>0.3.2</version>
|
<version>0.3.2.1-RELEASE</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.openjdk.nashorn</groupId>
|
||||||
|
<artifactId>nashorn-core</artifactId>
|
||||||
|
<version>15.4</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.projectlombok</groupId>
|
<groupId>org.projectlombok</groupId>
|
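Review bot: The compiler level and the new dependency versions are hard-coded in this module's pom (`<source>16</source>` / `<target>16</target>`, `nashorn-core` at `15.4`, `sm-crypto` at `0.3.2.1-RELEASE`), while the module's own version is taken from `${revision}`. Moving them to properties or a `dependencyManagement` entry in the parent pom would keep the crypto library and its script engine at a single version across the build. Judging by the `ScriptException` handling added elsewhere in this commit, the SM2/SM4 calls apparently run through the Nashorn engine, so the dependency deserves a comment such as `<!-- script engine needed at runtime by sm-crypto; do not remove as unused -->`.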
||||||
|
@ -19,6 +19,7 @@ import org.springframework.util.StringUtils;
|
|||||||
import org.springframework.web.socket.TextMessage;
|
import org.springframework.web.socket.TextMessage;
|
||||||
import org.springframework.web.socket.WebSocketSession;
|
import org.springframework.web.socket.WebSocketSession;
|
||||||
|
|
||||||
|
import javax.script.ScriptException;
|
||||||
import java.io.BufferedReader;
|
import java.io.BufferedReader;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
@ -166,7 +167,12 @@ public class WebSocketConnection {
|
|||||||
throw exception(SECRET_KEY_NULL);
|
throw exception(SECRET_KEY_NULL);
|
||||||
}
|
}
|
||||||
//公钥解密
|
//公钥解密
|
||||||
String pubKeyContent = CryptogramUtil.doDecrypt(secretKeyService.getPublicKeyContent(machineInfo.getSecretKeyId()));
|
String pubKeyContent;
|
||||||
|
try {
|
||||||
|
pubKeyContent = CryptogramUtil.doDecrypt(secretKeyService.getPublicKeyContent(machineInfo.getSecretKeyId()));
|
||||||
|
} catch (ScriptException e) {
|
||||||
|
throw exception(ENCRYPT_OR_DECRYPT_FAIL);
|
||||||
|
}
|
||||||
// 验证秘钥格式
|
// 验证秘钥格式
|
||||||
if (!pubKeyContent.startsWith("-----BEGIN")) {
|
if (!pubKeyContent.startsWith("-----BEGIN")) {
|
||||||
log.error("无效的密钥格式{}", pubKeyContent);
|
log.error("无效的密钥格式{}", pubKeyContent);
|
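Review bot: The context line directly after the new try/catch, `log.error("无效的密钥格式{}", pubKeyContent);`, writes the just-decrypted key content to the error log whenever the `-----BEGIN` check fails, which undoes the point of storing it encrypted. Log an identifier instead, for example `log.error("无效的密钥格式, secretKeyId={}", machineInfo.getSecretKeyId());`. The new `catch (ScriptException e)` also discards `e` before throwing `ENCRYPT_OR_DECRYPT_FAIL`, so a decrypt failure leaves no record of its cause; log the exception together with the secret key id before the throw. The same dropped cause appears in the `createSecretKey` hunk of `SecretKeyServiceImpl`. The enclosing method starts and ends outside this hunk.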
||||||
|
@ -36,6 +36,7 @@ public interface MachineErrorCodeConstants {
|
|||||||
ErrorCode SECRET_KEY_NOT_EXISTS = new ErrorCode(1_003_004_001, "密钥不存在");
|
ErrorCode SECRET_KEY_NOT_EXISTS = new ErrorCode(1_003_004_001, "密钥不存在");
|
||||||
ErrorCode INVALID_kEY_FORMAT = new ErrorCode(1_003_004_002, "无效的密钥格式");
|
ErrorCode INVALID_kEY_FORMAT = new ErrorCode(1_003_004_002, "无效的密钥格式");
|
||||||
ErrorCode READ_SECRET_CONTENT_ERROR = new ErrorCode(1_003_004_003, "读取密钥加载失败");
|
ErrorCode READ_SECRET_CONTENT_ERROR = new ErrorCode(1_003_004_003, "读取密钥加载失败");
|
||||||
|
ErrorCode ENCRYPT_OR_DECRYPT_FAIL = new ErrorCode(1_003_004_004, "加密/解密失败");
|
||||||
|
|
||||||
//========== 会话连接模块 1-003-006-000 ==========
|
//========== 会话连接模块 1-003-006-000 ==========
|
||||||
ErrorCode SESSION_CONNECT_ERROR = new ErrorCode(1_003_006_001, "会话连接失败");
|
ErrorCode SESSION_CONNECT_ERROR = new ErrorCode(1_003_006_001, "会话连接失败");
|
||||||
|
@ -14,6 +14,7 @@ import jakarta.annotation.Resource;
|
|||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.transaction.annotation.Transactional;
|
import org.springframework.transaction.annotation.Transactional;
|
||||||
|
|
||||||
|
import javax.script.ScriptException;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import static cd.casic.framework.commons.exception.util.ServiceExceptionUtil.exception;
|
import static cd.casic.framework.commons.exception.util.ServiceExceptionUtil.exception;
|
||||||
@ -51,10 +52,14 @@ public class SecretKeyServiceImpl implements SecretKeyService {
|
|||||||
public Long createSecretKey(SecretKeyVO secretKeyVO) {
|
public Long createSecretKey(SecretKeyVO secretKeyVO) {
|
||||||
validateSecretKeyAdd(secretKeyVO);
|
validateSecretKeyAdd(secretKeyVO);
|
||||||
SecretKeyDO secretKeyDO = BeanUtils.toBean(secretKeyVO, SecretKeyDO.class);
|
SecretKeyDO secretKeyDO = BeanUtils.toBean(secretKeyVO, SecretKeyDO.class);
|
||||||
//密码加密
|
try {
|
||||||
secretKeyDO.setPassword(CryptogramUtil.doEncrypt(secretKeyVO.getPassword()));
|
//密码加密
|
||||||
//公钥加密
|
secretKeyDO.setPassword(CryptogramUtil.doEncrypt(secretKeyVO.getPassword()));
|
||||||
secretKeyDO.setPublicKey(CryptogramUtil.doEncrypt(secretKeyVO.getPublic_key()));
|
//公钥加密
|
||||||
|
secretKeyDO.setPublicKey(CryptogramUtil.doEncrypt(secretKeyVO.getPublic_key()));
|
||||||
|
} catch (ScriptException e) {
|
||||||
|
throw exception(ENCRYPT_OR_DECRYPT_FAIL);
|
||||||
|
}
|
||||||
secretKeyMapper.insert(secretKeyDO);
|
secretKeyMapper.insert(secretKeyDO);
|
||||||
return secretKeyDO.getId();
|
return secretKeyDO.getId();
|
||||||
}
|
}
|
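Review bot: `secretKeyVO.getPassword()` and `secretKeyVO.getPublic_key()` are passed to `CryptogramUtil.doEncrypt` inside the new try block with no null or blank check visible in this hunk. A key submitted without a passphrase would then presumably surface as the generic `ENCRYPT_OR_DECRYPT_FAIL`, or as a runtime exception from the script engine, rather than as a validation error. If `validateSecretKeyAdd`, which is not shown here, does not already require both fields, guard each call, e.g. `if (secretKeyVO.getPassword() != null) { secretKeyDO.setPassword(CryptogramUtil.doEncrypt(secretKeyVO.getPassword())); }`.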
||||||
|
@ -7,6 +7,8 @@ import com.antherd.smcrypto.sm3.Sm3;
|
|||||||
import com.antherd.smcrypto.sm4.Sm4;
|
import com.antherd.smcrypto.sm4.Sm4;
|
||||||
import com.antherd.smcrypto.sm4.Sm4Options;
|
import com.antherd.smcrypto.sm4.Sm4Options;
|
||||||
|
|
||||||
|
import javax.script.ScriptException;
|
||||||
|
|
||||||
public class CryptogramUtil {
|
public class CryptogramUtil {
|
||||||
|
|
||||||
private static final Log log = Log.get();
|
private static final Log log = Log.get();
|
||||||
@ -18,7 +20,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 待加密数据
|
* @param str 待加密数据
|
||||||
* @return 加密后的密文
|
* @return 加密后的密文
|
||||||
*/
|
*/
|
||||||
public static String doSm2Encrypt (String str) {
|
public static String doSm2Encrypt (String str) throws ScriptException {
|
||||||
return Sm2.doEncrypt(str, Keypair.PUBLIC_KEY);
|
return Sm2.doEncrypt(str, Keypair.PUBLIC_KEY);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -30,7 +32,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 密文
|
* @param str 密文
|
||||||
* @return 解密后的明文
|
* @return 解密后的明文
|
||||||
*/
|
*/
|
||||||
public static String doSm2Decrypt (String str) {
|
public static String doSm2Decrypt (String str) throws ScriptException {
|
||||||
// 解密
|
// 解密
|
||||||
return Sm2.doDecrypt(str, Keypair.PRIVATE_KEY);
|
return Sm2.doDecrypt(str, Keypair.PRIVATE_KEY);
|
||||||
}
|
}
|
||||||
@ -42,7 +44,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 待加密数据
|
* @param str 待加密数据
|
||||||
* @return 加密后的密文
|
* @return 加密后的密文
|
||||||
*/
|
*/
|
||||||
public static String doEncrypt (String str) {
|
public static String doEncrypt (String str) throws ScriptException {
|
||||||
// SM4 加密 cbc模式
|
// SM4 加密 cbc模式
|
||||||
Sm4Options sm4Options4 = new Sm4Options();
|
Sm4Options sm4Options4 = new Sm4Options();
|
||||||
sm4Options4.setMode("cbc");
|
sm4Options4.setMode("cbc");
|
||||||
@ -58,7 +60,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 密文
|
* @param str 密文
|
||||||
* @return 解密后的明文
|
* @return 解密后的明文
|
||||||
*/
|
*/
|
||||||
public static String doDecrypt (String str) {
|
public static String doDecrypt (String str) throws ScriptException {
|
||||||
// 解密,cbc 模式,输出 utf8 字符串
|
// 解密,cbc 模式,输出 utf8 字符串
|
||||||
Sm4Options sm4Options8 = new Sm4Options();
|
Sm4Options sm4Options8 = new Sm4Options();
|
||||||
sm4Options8.setMode("cbc");
|
sm4Options8.setMode("cbc");
|
||||||
@ -79,7 +81,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 待签名数据
|
* @param str 待签名数据
|
||||||
* @return 签名结果
|
* @return 签名结果
|
||||||
*/
|
*/
|
||||||
public static String doSignature (String str) {
|
public static String doSignature (String str) throws ScriptException {
|
||||||
return Sm2.doSignature(str, Keypair.PRIVATE_KEY);
|
return Sm2.doSignature(str, Keypair.PRIVATE_KEY);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -91,7 +93,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 签名结果
|
* @param str 签名结果
|
||||||
* @return 是否通过
|
* @return 是否通过
|
||||||
*/
|
*/
|
||||||
public static boolean doVerifySignature (String originalStr, String str) {
|
public static boolean doVerifySignature (String originalStr, String str) throws ScriptException {
|
||||||
return Sm2.doVerifySignature(originalStr, str, Keypair.PUBLIC_KEY);
|
return Sm2.doVerifySignature(originalStr, str, Keypair.PUBLIC_KEY);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -102,7 +104,7 @@ public class CryptogramUtil {
|
|||||||
* @param str 字符串
|
* @param str 字符串
|
||||||
* @return hash 值
|
* @return hash 值
|
||||||
*/
|
*/
|
||||||
public static String doHashValue (String str) {
|
public static String doHashValue (String str) throws ScriptException {
|
||||||
return Sm3.sm3(str);
|
return Sm3.sm3(str);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
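Review bot: Adding `throws ScriptException` to all seven public methods (`doSm2Encrypt` through `doHashValue`) pushes a script-engine detail into every caller, which is why this commit has to add matching try/catch blocks in `WebSocketConnection` and `SecretKeyServiceImpl`. Catching it once inside `CryptogramUtil` and rethrowing an unchecked exception with the cause attached, e.g. `catch (ScriptException e) { throw new IllegalStateException("SM4 encrypt failed", e); }`, would leave caller signatures unchanged and preserve the cause. Separately, the SM2 methods take their keys from `Keypair.PUBLIC_KEY` and `Keypair.PRIVATE_KEY`. `Keypair` is not shown, but if these are compiled-in constants, the stored secrets are only as protected as the jar, and the key material should come from external configuration or a secret store. The bodies of `doEncrypt` and `doDecrypt` continue outside their hunks.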