msb_6557
/
opsli-boot
mirror of https://github.com/hiparker/opsli-boot.git
1
1
Code Issues Projects Releases Wiki Activity

优化 非对称加密

Browse Source
v1.4.1
Parker 4 years ago
parent c086cd882d
commit 7abfd65bad
5 changed files with 33 additions and 376 deletions
Show Stats Download Patch File Download Diff File

61
opsli-base-support/opsli-common/src/main/java/org/opsli/common/enums/CryptoAsymmetricType.java
Unescape View File

@ -1,61 +0,0 @@
/**
* Copyright 2020 OPSLI https://www.opsli.com
* <p>
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.opsli.common.enums;
/**
*
*
* @author Parker
* @date 2020-09-16 17:42
*/
public enum CryptoAsymmetricType {
/** 非对称算法类型 */
RSA("RSA", "RSA 算法"),
SM2("SM2", "SM2 算法"),
ECIES("ECIES", "ECIES 算法"),
;
private final String code;
private final String desc;
public static CryptoAsymmetricType getCryptoType(String code) {
CryptoAsymmetricType[] types = values();
for (CryptoAsymmetricType type : types) {
if (type.code.equalsIgnoreCase(code)) {
return type;
}
}
return null;
}
public String getCode() {
return this.code;
}
public String getDesc() {
return this.desc;
}
// =================
CryptoAsymmetricType(final String code, final String desc) {
this.code = code;
this.desc = desc;
}
}

75
opsli-base-support/opsli-core/src/main/java/org/opsli/core/filters/aspect/ApiCryptoAsymmetricAop.java
Unescape View File

@ -21,7 +21,6 @@ import cn.hutool.core.util.ReflectUtil;
import cn.hutool.core.util.TypeUtil;
import lombok.extern.slf4j.Slf4j;
import opsli.plugins.crypto.CryptoPlugin;
import opsli.plugins.crypto.enums.CryptoAsymmetricType;
import opsli.plugins.crypto.model.CryptoAsymmetric;
import opsli.plugins.crypto.strategy.CryptoAsymmetricService;
import org.aspectj.lang.ProceedingJoinPoint;
@ -31,12 +30,9 @@ import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.opsli.api.base.encrypt.BaseEncrypt;
import org.opsli.api.base.result.ResultVo;
import org.opsli.api.wrapper.system.options.OptionsModel;
import org.opsli.common.annotation.ApiCryptoAsymmetric;
import org.opsli.common.enums.OptionsType;
import org.opsli.common.exception.ServiceException;
import org.opsli.core.msg.CoreMsg;
import org.opsli.core.utils.CryptoAsymmetricUtil;
import org.opsli.core.utils.OptionsUtil;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
@ -82,60 +78,32 @@ public class ApiCryptoAsymmetricAop {
// 获得方法注解
ApiCryptoAsymmetric annotation =
method.getAnnotation(ApiCryptoAsymmetric.class);
if(annotation != null){
// TODO 后期引入 享元池设计 防止过度创建对象 先保障能跑起来 2021年5月17日18:23:56 以下全是要优化的地方
// 获得非对称加解密 执行器
CryptoAsymmetricService asymmetric = CryptoPlugin.getAsymmetric();
// 加解密模型
CryptoAsymmetric cryptoModel = asymmetric.createNilModel();
// 获得缓存配置
// 加解密方式
OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
// 公钥
OptionsModel cryptoAsymmetricPublicKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
// 私钥
OptionsModel cryptoAsymmetricPrivateKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
// 非法验证
if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
cryptoAsymmetricPrivateKey == null
){
throw new RuntimeException();
}
// 加解密方式枚举
CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
cryptoAsymmetric.getOptionValue());
// 非法验证
if(cryptoType == null){
throw new RuntimeException();
}
// TODO 都需要优化掉
cryptoModel.setCryptoType(cryptoType);
cryptoModel.setPublicKey(cryptoAsymmetricPublicKey.getOptionValue());
cryptoModel.setPrivateKey(cryptoAsymmetricPrivateKey.getOptionValue());
// 1. 拆解请求数据
// request 解密
if (annotation.enable() && annotation.requestDecrypt()){
enterDecrypt(args, method, asymmetric, cryptoModel);
}
// 2. 执行方法
returnValue = point.proceed(args);
// 获得非对称加解密 执行器
CryptoAsymmetricService asymmetric = null;
// 加解密模型
CryptoAsymmetric cryptoAsymmetric = null;
if(annotation != null && annotation.enable()){
asymmetric = CryptoPlugin.getAsymmetric();
cryptoAsymmetric =
OptionsUtil.getOptionByBean(asymmetric.createNilModel());
}
// 3. 返回响应数据
// response 加密
if (annotation.enable() && annotation.responseEncrypt()){
returnValue = resultEncrypt(returnValue, asymmetric, cryptoModel);
// 1. 请求解密
if(annotation != null && annotation.enable() && annotation.requestDecrypt()){
if(cryptoAsymmetric != null){
enterDecrypt(args, method, asymmetric, cryptoAsymmetric);
}
return returnValue;
}
// 2. 执行方法
returnValue = point.proceed(args);
}else{
returnValue = point.proceed(args);
// 3. 返回加密
if(annotation != null && annotation.enable() && annotation.responseEncrypt()){
if(cryptoAsymmetric != null){
returnValue = resultEncrypt(returnValue, asymmetric, cryptoAsymmetric);
}
}
return returnValue;
}
@ -203,7 +171,6 @@ public class ApiCryptoAsymmetricAop {
returnValue = ret;
}else {
returnValue = asymmetric.encrypt(cryptoModel, returnValue);
CryptoAsymmetricUtil.encrypt(returnValue);
}
}catch (Exception e){
// 非对称加密失败

257
opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CryptoAsymmetricUtil.java
Unescape View File

@ -1,257 +0,0 @@
/**
* Copyright 2020 OPSLI https://www.opsli.com
* <p>
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
* <p>
* http://www.apache.org/licenses/LICENSE-2.0
* <p>
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.opsli.core.utils;
import cn.hutool.core.util.CharsetUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.SmUtil;
import cn.hutool.crypto.asymmetric.ECIES;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import cn.hutool.crypto.asymmetric.SM2;
import com.alibaba.fastjson.JSONObject;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.opsli.api.wrapper.system.options.OptionsModel;
import org.opsli.common.enums.CryptoAsymmetricType;
import org.opsli.common.enums.OptionsType;
import org.opsli.common.exception.ServiceException;
import org.opsli.core.msg.CoreMsg;
import java.util.Collection;
/**
* @BelongsProject: opsli-boot
* @BelongsPackage: org.opsli.core.utils
* @Author: Parker
* @CreateTime: 2020-09-19 20:03
* @Description:
*/
@Slf4j
public final class CryptoAsymmetricUtil {
/** Crypto KEY */
private static final String CRYPTO_KEY = "data";
/**
*
* @param cryptoAsymmetricType
* @return Model
*/
public static CryptoAsymmetricUtil.CryptoAsymmetric create(final CryptoAsymmetricType cryptoAsymmetricType){
CryptoAsymmetricUtil.CryptoAsymmetric model = new CryptoAsymmetricUtil.CryptoAsymmetric();
model.setCryptoType(cryptoAsymmetricType.getCode());
switch (cryptoAsymmetricType){
case RSA:
RSA rsa = SecureUtil.rsa();
model.setPublicKey(rsa.getPublicKeyBase64());
model.setPrivateKey(rsa.getPrivateKeyBase64());
break;
case SM2:
SM2 sm2 = SmUtil.sm2();
model.setPublicKey(sm2.getPublicKeyBase64());
model.setPrivateKey(sm2.getPrivateKeyBase64());
break;
case ECIES:
ECIES ecies = new ECIES();
model.setPublicKey(ecies.getPublicKeyBase64());
model.setPrivateKey(ecies.getPrivateKeyBase64());
break;
default:
break;
}
return model;
}
/**
*
* @param data
* @return String
*/
public static String encrypt(final Object data){
JSONObject jsonObject = new JSONObject();
jsonObject.put(CRYPTO_KEY, data);
// 原始/加密 数据
String encryptedStr = jsonObject.toString();
try {
// 加解密方式
OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
// 公钥
OptionsModel cryptoAsymmetricPublicKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
// 私钥
OptionsModel cryptoAsymmetricPrivateKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
// 非法验证
if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
cryptoAsymmetricPrivateKey == null
){
throw new RuntimeException();
}
// 加解密方式枚举
CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
cryptoAsymmetric.getOptionValue());
// 非法验证
if(cryptoType == null){
throw new RuntimeException();
}
switch (cryptoType){
case RSA:
RSA rsa = SecureUtil.rsa(cryptoAsymmetricPrivateKey.getOptionValue(),
cryptoAsymmetricPublicKey.getOptionValue());
encryptedStr = rsa.encryptBase64(
StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
break;
case SM2:
SM2 sm2 = SmUtil.sm2(cryptoAsymmetricPrivateKey.getOptionValue(),
cryptoAsymmetricPublicKey.getOptionValue());
encryptedStr = sm2.encryptBase64(
StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
break;
case ECIES:
ECIES ecies = new ECIES(cryptoAsymmetricPrivateKey.getOptionValue(),
cryptoAsymmetricPublicKey.getOptionValue());
encryptedStr = ecies.encryptBase64(
StrUtil.bytes(encryptedStr, CharsetUtil.CHARSET_UTF_8), KeyType.PublicKey);
break;
default:
throw new RuntimeException();
}
}catch (Exception e){
// 加密失败
throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_EN);
}
return encryptedStr;
}
/**
* RSA
* @param data
* @return Object
*/
public static Object decryptToObj(final String data){
Object obj;
String decryptedData = decrypt(data);
try{
obj = JSONObject.parse(decryptedData);
}catch (Exception e){
// 非对称解密反射失败
throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_REFLEX);
}
return obj;
}
/**
*
* @param data
* @return String
*/
public static String decrypt(final String data){
String decryptStr;
try {
if(StringUtils.isEmpty(data)){
throw new RuntimeException();
}
// 加解密方式
OptionsModel cryptoAsymmetric = OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC);
// 公钥
OptionsModel cryptoAsymmetricPublicKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PUBLIC_KEY);
// 私钥
OptionsModel cryptoAsymmetricPrivateKey =
OptionsUtil.getOptionByCode(OptionsType.CRYPTO_ASYMMETRIC_PRIVATE_KEY);
// 非法验证
if(cryptoAsymmetric == null || cryptoAsymmetricPublicKey == null ||
cryptoAsymmetricPrivateKey == null
){
throw new RuntimeException();
}
// 加解密方式枚举
CryptoAsymmetricType cryptoType = CryptoAsymmetricType.getCryptoType(
cryptoAsymmetric.getOptionValue());
// 非法验证
if(cryptoType == null){
throw new RuntimeException();
}
String tmp;
String currData = data.replaceAll(" ", "+");
switch (cryptoType){
case RSA:
RSA rsa = SecureUtil.rsa(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
tmp = rsa.decryptStr(data, KeyType.PrivateKey);
break;
case SM2:
SM2 sm2 = SmUtil.sm2(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
tmp = sm2.decryptStr(currData, KeyType.PrivateKey);
break;
case ECIES:
ECIES ecies = new ECIES(cryptoAsymmetricPrivateKey.getOptionValue(), cryptoAsymmetricPublicKey.getOptionValue());
tmp = ecies.decryptStr(currData, KeyType.PrivateKey);
break;
default:
throw new RuntimeException();
}
// 转换对象
JSONObject jsonObject = JSONObject.parseObject(tmp);
Object obj = jsonObject.get(CRYPTO_KEY);
if(obj instanceof Collection){
decryptStr = jsonObject.getJSONArray(CRYPTO_KEY).toJSONString();
}else{
decryptStr = jsonObject.getJSONObject(CRYPTO_KEY).toJSONString();
}
}catch (Exception e){
// 解密失败
throw new ServiceException(CoreMsg.OTHER_EXCEPTION_CRYPTO_DE);
}
return decryptStr;
}
// =====================================
@Data
public static class CryptoAsymmetric {
/** 加解密类别 */
private String cryptoType;
/** 公钥 */
private String publicKey;
/** 私钥 */
private String privateKey;
}
private CryptoAsymmetricUtil(){}
}

10
opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/options/web/SysOptionsRestController.java
Unescape View File

@ -23,6 +23,10 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import opsli.plugins.crypto.CryptoPlugin;
import opsli.plugins.crypto.enums.CryptoAsymmetricType;
import opsli.plugins.crypto.model.CryptoAsymmetric;
import opsli.plugins.crypto.strategy.CryptoAsymmetricService;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.opsli.api.base.result.ResultVo;
import org.opsli.api.web.system.options.OptionsApi;
@ -30,14 +34,12 @@ import org.opsli.api.wrapper.system.options.OptionsModel;
import org.opsli.common.annotation.ApiRestController;
import org.opsli.common.annotation.EnableLog;
import org.opsli.common.annotation.RequiresPermissionsCus;
import org.opsli.common.enums.CryptoAsymmetricType;
import org.opsli.common.enums.DictType;
import org.opsli.common.utils.WrapperUtil;
import org.opsli.core.base.controller.BaseRestController;
import org.opsli.core.persistence.Page;
import org.opsli.core.persistence.querybuilder.QueryBuilder;
import org.opsli.core.persistence.querybuilder.WebQueryBuilder;
import org.opsli.core.utils.CryptoAsymmetricUtil;
import org.opsli.core.utils.OptionsUtil;
import org.opsli.modulars.system.options.entity.SysOptions;
import org.opsli.modulars.system.options.service.ISysOptionsService;
@ -311,8 +313,10 @@ public class SysOptionsRestController extends BaseRestController<SysOptions, Opt
return ResultVo.error();
}
CryptoAsymmetricService asymmetricService = CryptoPlugin.getAsymmetric();
CryptoAsymmetric keyModel = asymmetricService.createKeyModel(cryptoType);
return ResultVo.success(
CryptoAsymmetricUtil.create(cryptoType)
keyModel
);
}
}

4
opsli-plugins/opsli-plugins-crypto/src/main/java/opsli/plugins/crypto/model/CryptoAsymmetric.java
Unescape View File

@ -17,6 +17,7 @@ package opsli.plugins.crypto.model;
import lombok.Data;
import opsli.plugins.crypto.enums.CryptoAsymmetricType;
import org.opsli.common.annotation.OptionDict;
/**
*
@ -28,11 +29,14 @@ import opsli.plugins.crypto.enums.CryptoAsymmetricType;
public class CryptoAsymmetric {
/** 加解密类别 */
@OptionDict("crypto_asymmetric")
private CryptoAsymmetricType cryptoType;
/** 公钥 */
@OptionDict("crypto_asymmetric_public_key")
private String publicKey;
/** 私钥 */
@OptionDict("crypto_asymmetric_private_key")
private String privateKey;
}
Write Preview
Loading…
Cancel
Save