Skip to content

G
gic-cloud
Commit 0bacbfc0 by fudahua
Options

Merge branch 'fix-2023-04' into 'master' 

feat: 解密

See merge request !106
parents 5c287792 98005de7
Showing with 222 additions and 0 deletions
gic-cloud-data-hook-service/src/main/java/com/gic/cloud/data/hook/service/AESEncryptUtils.java 0 → 100644
package com.gic.cloud.data.hook.service;
import org.apache.commons.lang3.StringUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.util.HashMap;
import java.util.Map;
public class AESEncryptUtils {
private static final String prefix = "⇈";
private static final String suffix = "↵";
/**
* 加解密密钥, 外部可以
*/
public static final String AES_DATA_SECURITY_KEY = "4%YkW!@g5LGcf9Ut";
/**
* 算法/加密模式/填充方式
*/
private static final String AES_PKCS5P = "AES/ECB/PKCS5Padding";
private static final String AES_PERSON_KEY_SECURITY_KEY = "pisnyMyZYXuCNcRd";
public static ThreadLocal<Map<String, Cipher>> encryptLocal = new ThreadLocal<Map<String, Cipher>>() {
@Override
protected Map<String, Cipher> initialValue() {
return new HashMap<String, Cipher>();
}
};
public static ThreadLocal<Map<String, Cipher>> decryptLocal = new ThreadLocal<Map<String, Cipher>>() {
@Override
protected Map<String, Cipher> initialValue() {
return new HashMap<String, Cipher>();
}
};
/**
* 加密
*
* @param str 需要加密的字符串
* @param key 密钥
* @return
* @throws Exception
*/
public static String encrypt(String str, String key) {
if (StringUtils.isEmpty(key)) {
throw new RuntimeException("key不能为空");
}
try {
if (str == null) {
return null;
}
// 判断Key是否为16位
if (key.length() != 16) {
return null;
}
Map<String, Cipher> cipherMap = encryptLocal.get();
if (!cipherMap.containsKey(key)) {
byte[] raw = key.getBytes("UTF-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// "算法/模式/补码方式"
Cipher cipher = Cipher.getInstance(AES_PKCS5P);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
cipherMap.put(key, cipher);
}
byte[] encrypted = cipherMap.get(key).doFinal(str.getBytes("UTF-8"));
// 此处使用BASE64做转码功能,同时能起到2次加密的作用。
String encode = new BASE64Encoder().encode(encrypted);
return prefix + encode + suffix;
// return new String(encrypted);
} catch (Exception ex) {
return null;
}
}
/**
* 解密
*
* @param str 需要解密的字符串
* @param key 密钥
* @return
*/
public static String decrypt(String str, String key) {
if (str.startsWith(prefix) && str.endsWith(suffix)) {
str = str.substring(1, str.length() - 1);
}
if (StringUtils.isEmpty(key)) {
throw new RuntimeException("key不能为空");
}
try {
if (str == null) {
return null;
}
// 判断Key是否为16位
if (key.length() != 16) {
return null;
}
Map<String, Cipher> cipherMap = decryptLocal.get();
if (!cipherMap.containsKey(key)) {
byte[] raw = key.getBytes("UTF-8");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance(AES_PKCS5P);
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
cipherMap.put(key, cipher);
}
// 先用base64解密
byte[] encrypted = new BASE64Decoder().decodeBuffer(str);
// byte[] encrypted = str.getBytes("UTF-8");
try {
byte[] original = cipherMap.get(key).doFinal(encrypted);
String originalString = new String(original, "UTF-8");
return originalString;
} catch (Exception e) {
return null;
}
} catch (Exception ex) {
return null;
}
}
/**
* 加密
*
* @param str 需要加密的字符串
* @return
* @throws Exception
*/
public static String encrypt(String str) {
return encrypt(str, AES_DATA_SECURITY_KEY);
}
/**
* 解密
*
* @param str 需要解密的字符串
* @return
*/
public static String decrypt(String str) {
return decrypt(str, AES_DATA_SECURITY_KEY);
}
/**
* 查询的时候对某些字段解密
*
* @param str
* @return
*/
public static String aesDecrypt(String str) {
if (StringUtils.isBlank(str)) {
return " ";
}
String sql = " AES_DECRYPT(from_base64(" + str + ")," + "'" + AES_DATA_SECURITY_KEY + "')";
return sql;
}
/**
* 对personKey加密
*
* @param personKey
* @return
*/
public static String encryptPersonKey(String personKey) {
return AESEncryptUtils.encrypt(personKey, AES_PERSON_KEY_SECURITY_KEY);
}
/**
* 对personKey解密
*
* @param personKey
* @return
*/
public static String decryptPersonKey(String personKey) {
return AESEncryptUtils.decrypt(personKey, AES_PERSON_KEY_SECURITY_KEY);
}
public static boolean isEncrypted(String str) {
if (str == null) {
return false;
}
if (str.startsWith(prefix) && str.endsWith(suffix)) {
String substring = str.substring(1, str.length() - 1);
if (substring.length() % 20 == 4) {
return true;
}
}
return false;
}
public static void main(String[] args) {
String originStr = "13777473173";
String key = "YxFAqwocNUXdpteE";
// long startTs = System.currentTimeMillis();
// System.out.println((System.currentTimeMillis() - startTs));
// for (int i = 0; i < 10 * 10000; i++) {
String encrypt = encrypt(originStr, key);
String decrypt = decrypt(encrypt, key);
// }
System.out.println(originStr.length());
System.out.println(encrypt);
System.out.println(encrypt.length());
System.out.println(isEncrypted(encrypt));
System.out.println(decrypt);
}
}
gic-cloud-data-hook-service/src/main/java/com/gic/cloud/data/hook/service/DecryptUtils.java
......@@ -19,6 +19,9 @@ public class DecryptUtils {
private static DecryptUtils instance = null;
private static String encryptSalt = "YxFAqwocNUXdpteE";
static {
DataDecryptionClient.setEnv(SdkEnv.PROD);
decryptionClient = new DataDecryptionClient();
......@@ -57,6 +60,9 @@ public class DecryptUtils {
if (DecryptUtils.checkDecrypt(enterpriseId)){
return DecryptUtils.decrypt(encryptString);
}else{
if (AESEncryptUtils.isEncrypted(encryptString)) {
return AESEncryptUtils.decrypt(encryptString,encryptSalt);
}
return encryptString;
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment