From 7abfd65badd31fff218d32dec00391a8bfcbe34e Mon Sep 17 00:00:00 2001
From: Parker
Date: Wed, 19 May 2021 00:20:35 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=20=E9=9D=9E=E5=AF=B9?= =?UTF-8?q?=E7=A7=B0=E5=8A=A0=E5=AF=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../common/enums/CryptoAsymmetricType.java | 61 -----
 .../aspect/ApiCryptoAsymmetricAop.java | 75 ++---
 .../core/utils/CryptoAsymmetricUtil.java | 257 ------------------
 .../options/web/SysOptionsRestController.java | 10 +-
 .../crypto/model/CryptoAsymmetric.java | 6 +-
 5 files changed, 33 insertions(+), 376 deletions(-)
 delete mode 100644 opsli-base-support/opsli-common/src/main/java/org/opsli/common/enums/CryptoAsymmetricType.java
 delete mode 100644 opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CryptoAsymmetricUtil.java
diff --git a/opsli-base-support/opsli-common/src/main/java/org/opsli/common/enums/CryptoAsymmetricType.java b/opsli-base-support/opsli-common/src/main/java/org/opsli/common/enums/CryptoAsymmetricType.java
deleted file mode 100644
index 2af47c2..0000000
--- a/opsli-base-support/opsli-common/src/main/java/org/opsli/common/enums/CryptoAsymmetricType.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Copyright 2020 OPSLI 快速开发平台 https://www.opsli.com
- *

- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License. You may obtain a copy of
- * the License at
- *

- * http://www.apache.org/licenses/LICENSE-2.0
- *

- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.opsli.common.enums;
-
-/**
- * 非对称算法类型
- *
- * @author Parker
- * @date 2020-09-16 17:42
- */
-public enum CryptoAsymmetricType {
-
- /** 非对称算法类型 */
-
- RSA("RSA", "RSA 算法"),
- SM2("SM2", "SM2 算法"),
- ECIES("ECIES", "ECIES 算法"),
-
- ;
-
- private final String code;
- private final String desc;
-
- public static CryptoAsymmetricType getCryptoType(String code) {
- CryptoAsymmetricType[] types = values();
- for (CryptoAsymmetricType type : types) {
- if (type.code.equalsIgnoreCase(code)) {
- return type;
- }
- }
- return null;
- }
-
- public String getCode() {
- return this.code;
- }
-
- public String getDesc() {
- return this.desc;
- }
-
- // =================
-
- CryptoAsymmetricType(final String code, final String desc) {
- this.code = code;
- this.desc = desc;
- }
-}
diff --git a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/filters/aspect/ApiCryptoAsymmetricAop.java b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/filters/aspect/ApiCryptoAsymmetricAop.java
index e0477f6..15de4fe 100644
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/filters/aspect/ApiCryptoAsymmetricAop.java
+++ b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/filters/aspect/ApiCryptoAsymmetricAop.java
@@ -21,7 +21,6 @@ import cn.hutool.core.util.ReflectUtil;
 import cn.hutool.core.util.TypeUtil;
 import lombok.extern.slf4j.Slf4j;
 import opsli.plugins.crypto.CryptoPlugin;
-import opsli.plugins.crypto.enums.CryptoAsymmetricType;
 import opsli.plugins.crypto.model.CryptoAsymmetric;
 import opsli.plugins.crypto.strategy.CryptoAsymmetricService;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -31,12 +30,9 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.opsli.api.base.encrypt.BaseEncrypt;
 import org.opsli.api.base.result.ResultVo;
-import org.opsli.api.wrapper.system.options.OptionsModel;
 import org.opsli.common.annotation.ApiCryptoAsymmetric;
-import org.opsli.common.enums.OptionsType;
 import org.opsli.common.exception.ServiceException;
 import org.opsli.core.msg.CoreMsg;
-import org.opsli.core.utils.CryptoAsymmetricUtil;
 import org.opsli.core.utils.OptionsUtil;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
@@ -82,60 +78,32 @@ public class ApiCryptoAsymmetricAop {
 // 获得方法注解
 ApiCryptoAsymmetric annotation = method.getAnnotation(ApiCryptoAsymmetric.class);
- if(annotation != null){
- // TODO 后期引入 享元池设计 防止过度创建对象 先保障能跑起来 2021年5月17日18:23:56 以下全是要优化的地方
- // 获得非对称加解密 执行器
- CryptoAsymmetricService asymmetric = CryptoPlugin.getAsymmetric();
- // 加解密模型
- CryptoAsymmetric cryptoModel = asymmetric.createNilModel();
- // 获得缓存配置
- // 加解密方式
- OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
- // 公钥
- OptionsModel cryptoAsymmetricPublicKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
- // 私钥
- OptionsModel cryptoAsymmetricPrivateKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
-
- // 非法验证
- if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
- cryptoAsymmetricPrivateKey == null
- ){
- throw new RuntimeException();
- }
-
- // 加解密方式枚举
- CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
- cryptoAsymmetric.getOptionValue());
- // 非法验证
- if(cryptoType == null){
- throw new RuntimeException();
- }
- // TODO 都需要优化掉
- cryptoModel.setCryptoType(cryptoType);
- cryptoModel.setPublicKey(cryptoAsymmetricPublicKey.getOptionValue());
- cryptoModel.setPrivateKey(cryptoAsymmetricPrivateKey.getOptionValue());
-
- // 1. 拆解请求数据
- // request 解密
- if (annotation.enable() && annotation.requestDecrypt()){
- enterDecrypt(args, method, asymmetric, cryptoModel);
- }
- // 2. 执行方法
- returnValue = point.proceed(args);
+ // 获得非对称加解密 执行器
+ CryptoAsymmetricService asymmetric = null;
+ // 加解密模型
+ CryptoAsymmetric cryptoAsymmetric = null;
+ if(annotation != null && annotation.enable()){
+ asymmetric = CryptoPlugin.getAsymmetric();
+ cryptoAsymmetric =
+ OptionsUtil.getOptionByBean(asymmetric.createNilModel());
+ }
- // 3. 返回响应数据
- // response 加密
- if (annotation.enable() && annotation.responseEncrypt()){
- returnValue = resultEncrypt(returnValue, asymmetric, cryptoModel);
+ // 1. 请求解密
+ if(annotation != null && annotation.enable() && annotation.requestDecrypt()){
+ if(cryptoAsymmetric != null){
+ enterDecrypt(args, method, asymmetric, cryptoAsymmetric);
 }
- return returnValue;
+ }
+ // 2. 执行方法
+ returnValue = point.proceed(args);
- }else{
- returnValue = point.proceed(args);
+ // 3. 返回加密
+ if(annotation != null && annotation.enable() && annotation.responseEncrypt()){
+ if(cryptoAsymmetric != null){
+ returnValue = resultEncrypt(returnValue, asymmetric, cryptoAsymmetric);
+ }
 }
 return returnValue;
 }
@@ -203,7 +171,6 @@ public class ApiCryptoAsymmetricAop {
 returnValue = ret;
 }else {
 returnValue = asymmetric.encrypt(cryptoModel, returnValue);
- CryptoAsymmetricUtil.encrypt(returnValue);
 }
 }catch (Exception e){
 // 非对称加密失败
diff --git a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CryptoAsymmetricUtil.java b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CryptoAsymmetricUtil.java
deleted file mode 100644
index 69cd3f4..0000000
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CryptoAsymmetricUtil.java
+++ /dev/null
@@ -1,257 +0,0 @@
-/**
- * Copyright 2020 OPSLI 快速开发平台 https://www.opsli.com
- *
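Review bot: The rewritten advice in ApiCryptoAsymmetricAop.java (hunk `@@ -82,60 +78,32 @@`) fails open: when `OptionsUtil.getOptionByBean(...)` yields null, both `if(cryptoAsymmetric != null)` guards skip the crypto step, so an endpoint annotated with `requestDecrypt`/`responseEncrypt` proceeds with undecrypted arguments and returns its result in plaintext, with no error and no log line. The removed code threw when the algorithm or key options were missing, so this is a behaviour change on the protected path; whether `getOptionByBean` can actually return null is not visible here, but the new guards imply it. I would reject instead of skipping, directly after the lookup: `if(cryptoAsymmetric == null){ throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_DE); }` (or a dedicated configuration message), and then drop the two inner null checks. The enclosing method starts above the hunk.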

- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License. You may obtain a copy of
- * the License at
- *

- * http://www.apache.org/licenses/LICENSE-2.0
- *

- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.opsli.core.utils;
-
-import cn.hutool.core.util.CharsetUtil;
-import cn.hutool.core.util.StrUtil;
-import cn.hutool.crypto.SecureUtil;
-import cn.hutool.crypto.SmUtil;
-import cn.hutool.crypto.asymmetric.ECIES;
-import cn.hutool.crypto.asymmetric.KeyType;
-import cn.hutool.crypto.asymmetric.RSA;
-import cn.hutool.crypto.asymmetric.SM2;
-import com.alibaba.fastjson.JSONObject;
-import lombok.Data;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-import org.opsli.api.wrapper.system.options.OptionsModel;
-import org.opsli.common.enums.CryptoAsymmetricType;
-import org.opsli.common.enums.OptionsType;
-import org.opsli.common.exception.ServiceException;
-import org.opsli.core.msg.CoreMsg;
-
-import java.util.Collection;
-
-/**
- * @BelongsProject: opsli-boot
- * @BelongsPackage: org.opsli.core.utils
- * @Author: Parker
- * @CreateTime: 2020-09-19 20:03
- * @Description: 非对称加密工具类
- */
-@Slf4j
-public final class CryptoAsymmetricUtil {
-
- /** Crypto KEY */
- private static final String CRYPTO_KEY = "data";
-
- /**
- * 创建公私钥
- * @param cryptoAsymmetricType 枚举
- * @return Model
- */
- public static CryptoAsymmetricUtil.CryptoAsymmetric create(final CryptoAsymmetricType cryptoAsymmetricType){
- CryptoAsymmetricUtil.CryptoAsymmetric model = new CryptoAsymmetricUtil.CryptoAsymmetric();
- model.setCryptoType(cryptoAsymmetricType.getCode());
- switch (cryptoAsymmetricType){
- case RSA:
- RSA rsa = SecureUtil.rsa();
- model.setPublicKey(rsa.getPublicKeyBase64());
- model.setPrivateKey(rsa.getPrivateKeyBase64());
- break;
- case SM2:
- SM2 sm2 = SmUtil.sm2();
- model.setPublicKey(sm2.getPublicKeyBase64());
- model.setPrivateKey(sm2.getPrivateKeyBase64());
- break;
- case ECIES:
- ECIES ecies = new ECIES();
- model.setPublicKey(ecies.getPublicKeyBase64());
- model.setPrivateKey(ecies.getPrivateKeyBase64());
- break;
- default:
- break;
- }
- return model;
- }
-
-
- /**
- * 加密数据
- * @param data 数据
- * @return String
- */
- public static String encrypt(final Object data){
-
- JSONObject jsonObject = new JSONObject();
- jsonObject.put(CRYPTO_KEY, data);
-
- // 原始/加密 数据
- String encryptedStr = jsonObject.toString();
-
-
- try {
- // 加解密方式
- OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
- // 公钥
- OptionsModel cryptoAsymmetricPublicKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
- // 私钥
- OptionsModel cryptoAsymmetricPrivateKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
-
- // 非法验证
- if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
- cryptoAsymmetricPrivateKey == null
- ){
- throw new RuntimeException();
- }
-
- // 加解密方式枚举
- CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
- cryptoAsymmetric.getOptionValue());
- // 非法验证
- if(cryptoType == null){
- throw new RuntimeException();
- }
-
-
- switch (cryptoType){
- case RSA:
- RSA rsa = SecureUtil.rsa(cryptoAsymmetricPrivateKey.getOptionValue(),
- cryptoAsymmetricPublicKey.getOptionValue());
- encryptedStr = rsa.encryptBase64(
- StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
- break;
- case SM2:
- SM2 sm2 = SmUtil.sm2(cryptoAsymmetricPrivateKey.getOptionValue(),
- cryptoAsymmetricPublicKey.getOptionValue());
- encryptedStr = sm2.encryptBase64(
- StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
- break;
- case ECIES:
- ECIES ecies = new ECIES(cryptoAsymmetricPrivateKey.getOptionValue(),
- cryptoAsymmetricPublicKey.getOptionValue());
- encryptedStr = ecies.encryptBase64(
- StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
- break;
- default:
- throw new RuntimeException();
- }
- }catch (Exception e){
- // 加密失败
- throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_EN);
- }
- return encryptedStr;
- }
-
-
- /**
- * RSA 解密数据
- * @param data 数据
- * @return Object
- */
- public static Object decryptToObj(final String data){
- Object obj;
- String decryptedData = decrypt(data);
- try{
- obj = JSONObject.parse(decryptedData);
- }catch (Exception e){
- // 非对称解密反射失败
- throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_REFLEX);
- }
- return obj;
- }
-
- /**
- * 解密数据
- * @param data 数据
- * @return String
- */
- public static String decrypt(final String data){
- String decryptStr;
- try {
- if(StringUtils.isEmpty(data)){
- throw new RuntimeException();
- }
-
- // 加解密方式
- OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
- // 公钥
- OptionsModel cryptoAsymmetricPublicKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
- // 私钥
- OptionsModel cryptoAsymmetricPrivateKey =
- OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
-
- // 非法验证
- if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
- cryptoAsymmetricPrivateKey == null
- ){
- throw new RuntimeException();
- }
-
- // 加解密方式枚举
- CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
- cryptoAsymmetric.getOptionValue());
- // 非法验证
- if(cryptoType == null){
- throw new RuntimeException();
- }
-
- String tmp;
- String currData = data.replaceAll(" ", "+");
- switch (cryptoType){
- case RSA:
- RSA rsa = SecureUtil.rsa(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
- tmp = rsa.decryptStr(data, KeyType.PrivateKey);
- break;
- case SM2:
- SM2 sm2 = SmUtil.sm2(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
- tmp = sm2.decryptStr(currData, KeyType.PrivateKey);
- break;
- case ECIES:
- ECIES ecies = new ECIES(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
- tmp = ecies.decryptStr(currData, KeyType.PrivateKey);
- break;
- default:
- throw new RuntimeException();
- }
-
- // 转换对象
- JSONObject jsonObject = JSONObject.parseObject(tmp);
- Object obj = jsonObject.get(CRYPTO_KEY);
- if(obj instanceof Collection){
- decryptStr = jsonObject.getJSONArray(CRYPTO_KEY).toJSONString();
- }else{
- decryptStr = jsonObject.getJSONObject(CRYPTO_KEY).toJSONString();
- }
- }catch (Exception e){
- // 解密失败
- throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_DE);
- }
-
- return decryptStr;
- }
-
- // =====================================
-
- @Data
- public static class CryptoAsymmetric {
-
- /** 加解密类别 */
- private String cryptoType;
-
- /** 公钥 */
- private String publicKey;
-
- /** 私钥 */
- private String privateKey;
- }
-
- private CryptoAsymmetricUtil(){}
-
-}
diff --git a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/options/web/SysOptionsRestController.java b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/options/web/SysOptionsRestController.java
index 3f14fef..18b9593 100644
--- a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/options/web/SysOptionsRestController.java
+++ b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/options/web/SysOptionsRestController.java
@@ -23,6 +23,10 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import opsli.plugins.crypto.CryptoPlugin;
+import opsli.plugins.crypto.enums.CryptoAsymmetricType;
+import opsli.plugins.crypto.model.CryptoAsymmetric;
+import opsli.plugins.crypto.strategy.CryptoAsymmetricService;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.opsli.api.base.result.ResultVo;
 import org.opsli.api.web.system.options.OptionsApi;
@@ -30,14 +34,12 @@ import org.opsli.api.wrapper.system.options.OptionsModel;
 import org.opsli.common.annotation.ApiRestController;
 import org.opsli.common.annotation.EnableLog;
 import org.opsli.common.annotation.RequiresPermissionsCus;
-import org.opsli.common.enums.CryptoAsymmetricType;
 import org.opsli.common.enums.DictType;
 import org.opsli.common.utils.WrapperUtil;
 import org.opsli.core.base.controller.BaseRestController;
 import org.opsli.core.persistence.Page;
 import org.opsli.core.persistence.querybuilder.QueryBuilder;
 import org.opsli.core.persistence.querybuilder.WebQueryBuilder;
-import org.opsli.core.utils.CryptoAsymmetricUtil;
 import org.opsli.core.utils.OptionsUtil;
 import org.opsli.modulars.system.options.entity.SysOptions;
 import org.opsli.modulars.system.options.service.ISysOptionsService;
@@ -311,8 +313,10 @@ public class SysOptionsRestController extends BaseRestController