Commit 0908004d by chamberone

feat: saas地址加密

1 parent 58578f66
...@@ -10,6 +10,7 @@ import com.dituhui.pea.order.dto.BusinessServerBlocksRespDTO; ...@@ -10,6 +10,7 @@ import com.dituhui.pea.order.dto.BusinessServerBlocksRespDTO;
import com.dituhui.pea.order.entity.*; import com.dituhui.pea.order.entity.*;
import com.dituhui.pea.order.feign.ISaaSRemoteService; import com.dituhui.pea.order.feign.ISaaSRemoteService;
import com.dituhui.pea.order.service.BusinessBlockService; import com.dituhui.pea.order.service.BusinessBlockService;
import com.dituhui.pea.order.utils.EncryptionUtil;
import com.dituhui.pea.order.utils.TypeUtils; import com.dituhui.pea.order.utils.TypeUtils;
import com.google.gson.internal.LinkedTreeMap; import com.google.gson.internal.LinkedTreeMap;
...@@ -57,6 +58,8 @@ public class BusinessBlockServiceImpl implements BusinessBlockService { ...@@ -57,6 +58,8 @@ public class BusinessBlockServiceImpl implements BusinessBlockService {
private MapLayerCustomizeDao mapLayerCustomizeDao; private MapLayerCustomizeDao mapLayerCustomizeDao;
@Autowired @Autowired
private EntityManager entityManager; private EntityManager entityManager;
@Autowired
private EncryptionUtil encryptionUtil;
@Override @Override
public Result<?> businessServerBlocks(String levelType, String levelValue, int page, int size, String layerId, String teamId) { public Result<?> businessServerBlocks(String levelType, String levelValue, int page, int size, String layerId, String teamId) {
...@@ -143,6 +146,8 @@ public class BusinessBlockServiceImpl implements BusinessBlockService { ...@@ -143,6 +146,8 @@ public class BusinessBlockServiceImpl implements BusinessBlockService {
+ "&jump=basedata&navHidden=true&layerId=" + StringUtils.trimToEmpty(b.getSaasLayerId()) + "&jump=basedata&navHidden=true&layerId=" + StringUtils.trimToEmpty(b.getSaasLayerId())
+ "&layercode=" + StringUtils.trimToEmpty(b.getSaasLayercode()) + "&area_ids=" + "&layercode=" + StringUtils.trimToEmpty(b.getSaasLayercode()) + "&area_ids="
+ StringUtils.trimToEmpty(b.getAreaIds()); + StringUtils.trimToEmpty(b.getAreaIds());
// 传输加密
saasUrl = encryptionUtil.AESEncrypt(saasUrl);
block.setSaasUrl(saasUrl); block.setSaasUrl(saasUrl);
if(null != b.getUpdateTime()) { if(null != b.getUpdateTime()) {
block.setUpdateTime(TimeUtils.IsoLocalDateTime2String(b.getUpdateTime())); block.setUpdateTime(TimeUtils.IsoLocalDateTime2String(b.getUpdateTime()));
......
package com.dituhui.pea.order.utils;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Base64;
import java.util.Base64.Decoder;
import java.util.Base64.Encoder;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import lombok.extern.slf4j.Slf4j;
/**
* 加密工具
*/
@Component
@Slf4j
public class EncryptionUtil {
public static Encoder encoder = Base64.getEncoder();
public static Decoder decoder = Base64.getDecoder();
@Value("${SaaS.encryptionPassWord}")
String passWord;
@Value("${SaaS.encryptionPassWord}")
String IV;
/*
* AES加密算法
*
* @author 加密用的Key 可以用26个字母和数字组成,最好不要用保留字符,虽然不会错,至于怎么裁决,个人看情况而定
* 此处使用AES-128-CBC加密模式,key需要为16位。
* */
public String AESEncrypt(String sSrc) {
try {
if (passWord == null) {
log.error("password 未加载");
return null;
}
// 判断Key是否为16位
if (passWord.length() != 16) {
log.error("password 长度异常: [" + passWord + "],length=" + passWord.length());
return null;
}
byte[] raw = passWord.getBytes("utf-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");// "算法/模式/补码方式"
IvParameterSpec iv = new IvParameterSpec(IV.getBytes("utf-8"));// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
return encoder.encodeToString(encrypted);// 此处使用BAES64做转码功能,同时能起到2次
} catch (Exception e) {
e.printStackTrace();
log.error(e.getMessage(), e);
return null;
}
}
/**
* AES解密
*
* @param sSrc
* @return
* @see
*/
public String AESDecrypt(String sSrc) {
try {
// 判断Key是否正确
if (passWord == null) {
log.error("password 未加载");
return null;
}
// 判断Key是否为16位
if (passWord.length() != 16) {
log.error("password 长度异常: [" + passWord + "],length=" + passWord.length());
return null;
}
SecretKeySpec secretKeySpec = new SecretKeySpec(passWord.getBytes("utf-8"), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5padding");
AlgorithmParameterSpec iv = new IvParameterSpec(IV.getBytes("utf-8"));
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, iv);
// 先用bAES64解密
byte[] encrypted1 = decoder.decode(sSrc);
try {
byte[] original = cipher.doFinal(encrypted1);
return new String(original);
} catch (Exception e) {
e.printStackTrace();
log.error(e.getMessage(), e);
return null;
}
} catch (Exception e) {
e.printStackTrace();
log.error(e.getMessage(), e);
return null;
}
}
/**
* 加密
*
* @param encData 原始待加密串
* @param key 16位key
* @param ivs 16位向量
* @return
* @throws Exception
* @see
*/
public static String AESEncode(String key, String ivs, String encData) throws Exception {
if (key == null) {
return null;
}
if (key.length() != 16) {
return null;
}
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
int blockSize = cipher.getBlockSize();
byte[] dataBytes = encData.getBytes();
int plaintextLength = dataBytes.length;
if (plaintextLength % blockSize != 0) {
plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
}
byte[] plaintext = new byte[plaintextLength];
System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(ivs.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
return encoder.encodeToString(encrypted);
}
/**
* 解密
*
* @param sSrc
* @param key 16位key
* @param ivs 16位向量
* @return
* @see
*/
public static String AESDncode(String key, String ivs, String sSrc) {
try {
byte[] raw = key.getBytes(StandardCharsets.US_ASCII);
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
IvParameterSpec iv = new IvParameterSpec(ivs.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = decoder.decode(sSrc);// 先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, StandardCharsets.UTF_8);
return originalString.trim();
} catch (Exception ex) {
ex.printStackTrace();
return null;
}
}
/*
* 加密
* 1.构造密钥生成器
* 2.根据ecnodeRules规则初始化密钥生成器
* 3.产生密钥
* 4.创建和初始化密码器
* 5.内容加密
* 6.返回字符串
*/
public static String AESEncode_ECB(String encodeRules, String content) {
try {
//1.构造密钥生成器,指定为AES算法,不区分大小写
KeyGenerator keygen = KeyGenerator.getInstance("AES");
//2.根据ecnodeRules规则初始化密钥生成器
//生成一个128位的随机源,根据传入的字节数组
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(encodeRules.getBytes());
keygen.init(128, random);
//3.产生原始对称密钥
SecretKey original_key = keygen.generateKey();
//4.获得原始对称密钥的字节数组
byte[] raw = original_key.getEncoded();
System.out.println(raw.length);
//5.根据字节数组生成AES密钥
SecretKey key = new SecretKeySpec(raw, "AES");
//6.根据指定算法AES自成密码器
Cipher cipher = Cipher.getInstance("AES");
//7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密解密(Decrypt_mode)操作,第二个参数为使用的KEY
cipher.init(Cipher.ENCRYPT_MODE, key);
//8.获取加密内容的字节数组(这里要设置为utf-8)不然内容中如果有中文和英文混合中文就会解密为乱码
byte[] byte_encode = content.getBytes(StandardCharsets.UTF_8);
//9.根据密码器的初始化方式--加密:将数据加密
byte[] byte_AES = cipher.doFinal(byte_encode);
//10.将加密后的数据转换为字符串
//这里用Base64Encoder中会找不到包
//解决办法:
//在项目的Build path中先移除JRE System Library,再添加库JRE System Library,重新编译后就一切正常了。
String AES_encode = new String(encoder.encode(byte_AES));
//11.将字符串返回
return AES_encode;
} catch (Exception e) {
e.printStackTrace();
}
//如果有错就返加nulll
return null;
}
/*
* 解密
* 解密过程:
* 1.同加密1-4步
* 2.将加密后的字符串反纺成byte[]数组
* 3.将加密内容解密
*/
public static String AESDncode_ECB(String encodeRules, String content) {
try {
//1.构造密钥生成器,指定为AES算法,不区分大小写
KeyGenerator keygen = KeyGenerator.getInstance("AES");
//2.根据ecnodeRules规则初始化密钥生成器
//生成一个128位的随机源,根据传入的字节数组
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(encodeRules.getBytes());
keygen.init(128, random);
//3.产生原始对称密钥
SecretKey original_key = keygen.generateKey();
//4.获得原始对称密钥的字节数组
byte[] raw = original_key.getEncoded();
//5.根据字节数组生成AES密钥
SecretKey key = new SecretKeySpec(raw, "AES");
//6.根据指定算法AES自成密码器
Cipher cipher = Cipher.getInstance("AES");
//7.初始化密码器,第一个参数为加密(Encrypt_mode)或者解密(Decrypt_mode)操作,第二个参数为使用的KEY
cipher.init(Cipher.DECRYPT_MODE, key);
//8.将加密并编码后的内容解码成字节数组
byte[] byte_content = decoder.decode(content);
/*
* 解密
*/
byte[] byte_decode = cipher.doFinal(byte_content);
String AES_decode = new String(byte_decode, StandardCharsets.UTF_8);
return AES_decode;
} catch (Exception e) {
e.printStackTrace();
}
//如果有错就返加nulll
return null;
}
public static void main(String[] args) throws Exception {
// String aR = "1234567890";
// System.out.println(AESEncrypt(aR));
// System.out.println(AESDecrypt(AESEncrypt(aR)));
}
}
...@@ -65,6 +65,7 @@ SaaS: ...@@ -65,6 +65,7 @@ SaaS:
ak: 64e1cde3f9144bfb850b7d37c51af559 ak: 64e1cde3f9144bfb850b7d37c51af559
userAccount: sMvf3yZWA69lKcvlgKcOHQ== userAccount: sMvf3yZWA69lKcvlgKcOHQ==
userPassword: qjOHxpQPXLnJP+Jq1CZGBQ== userPassword: qjOHxpQPXLnJP+Jq1CZGBQ==
encryptionPassWord: bsh@2013!@
bean: bean:
server: https://bean-test.bshg.com.cn server: https://bean-test.bshg.com.cn
app-key: eDZEhTCxAcM9paRfwPjAM7RGkfmbf15S_PEA app-key: eDZEhTCxAcM9paRfwPjAM7RGkfmbf15S_PEA
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!