liuchang/mall-ebtp-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

区块链 加密解密公共方法提供

Browse Source
This commit is contained in:
zhangqinbin
2021-08-31 09:14:51 +08:00
parent 605e3ac9a4
commit d572127d29
4 changed files with 256 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/config/FeignConfig.java
View File

@ -40,8 +40,6 @@ public class FeignConfig implements RequestInterceptor {
@Override @Override
public void apply(RequestTemplate template) { public void apply(RequestTemplate template) {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
log.info("--------白名单-"+tokenWhiteList);
log.info("--------请求url-"+template.url()); log.info("--------请求url-"+template.url());
if (Objects.nonNull(attributes)) { if (Objects.nonNull(attributes)) {
if (isNonExistsWhiteList(template.url())) { if (isNonExistsWhiteList(template.url())) {

235
uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/crypto/service/CrypServiceImpl.java Normal file
View File

@ -0,0 +1,235 @@
package com.chinaunicom.mall.ebtp.common.crypto.service;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.chinaunicom.mall.ebtp.common.crypto.exception.InvalidArgumentException;
import com.chinaunicom.mall.ebtp.common.crypto.security.CryptoPrimitives;
import com.chinaunicom.mall.ebtp.common.crypto.tenderfee.BidTenderFeeBaseParam;
import com.chinaunicom.mall.ebtp.common.crypto.tenderfee.test;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.util.encoders.Base64;
import java.io.*;
import java.net.URL;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.List;
@Slf4j
public class CrypServiceImpl {
private static final String SIGNING_ALGORITHM = "SHA256withECDSA";
private static final String DATA_PATH = "C:\\Users\\user\\Downloads\\debian-edu-10.8.0-amd64-netinst.iso.torrent";
// 私钥文件路径 - 加密
private static String PEM_PATH = "admin_certPrivate.pem";
// 证书文件路径 - 解密
private static String CRT_PATH = "admin.crt";
public static void main(String[] args) throws ClassNotFoundException, IllegalAccessException, InstantiationException, CryptoException, InvalidArgumentException, UnsupportedEncodingException {
URL pem = test.class.getClassLoader().getResource(PEM_PATH);
URL crt = test.class.getClassLoader().getResource(CRT_PATH);
PEM_PATH = pem.getPath();
CRT_PATH = crt.getPath();
// example of HashMap entity, treeMap can also work out,
// but LinkedHashMap is NOT supported
// Map<String,String> map = new HashMap<>(1);
// map.put("SECTION_ID","L3307");
// map.put("DOCUMENT_ID","8533");
// map.put("CONTENT_FILE_HASH","12321123");
// map.put("TP_ID","L3307A");
//
// String signature = signObject(map,PEM_PATH);
// System.out.println("signature of Map: "+signature);
// boolean isOk = verifyObject(signature,map,CRT_PATH);
// System.out.println("verify result of Map: "+ isOk);
// example of bean entity
String pemVal = "-----BEGIN PRIVATE KEY-----\n" +
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjF+tq8oc1tNjot69\n" +
"9OQgzr7Dqg1OkVo4PY4tKBL8+82hRANCAARKLIuOloTZe1B0J0k+CITZdsx8Gham\n" +
"JTuxCRGLdCLpq6wHHGEqWn9VDkwk5eX6OYQxYuBRiPZp7gP/njpx5CkF\n" +
"-----END PRIVATE KEY-----";
String crtVal = "-----BEGIN CERTIFICATE-----\n" +
"MIICgzCCAimgAwIBAgIULDLuWrkCL3UaWO5u7yiu8UghEjEwCgYIKoZIzj0EAwIw\n" +
"ZzELMAkGA1UEBhMCQ04xETAPBgNVBAgTCFNoYW5Eb25nMQ4wDAYDVQQHEwVKaU5h\n" +
"bjEYMBYGA1UEChMPYWRtaW50MDgxMmFvcmczMRswGQYDVQQDExJjYS5hZG1pbnQw\n" +
"ODEyYW9yZzMwHhcNMjEwODE3MDExODAwWhcNMjIwODE3MDEyMzAwWjAzMRwwDQYD\n" +
"VQQLEwZjbGllbnQwCwYDVQQLEwRvcmczMRMwEQYDVQQDDAphZG1pbkBvcmczMFkw\n" +
"EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESiyLjpaE2XtQdCdJPgiE2XbMfBoWpiU7\n" +
"sQkRi3Qi6ausBxxhKlp/VQ5MJOXl+jmEMWLgUYj2ae4D/546ceQpBaOB5jCB4zAO\n" +
"BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUcyAwVSk9V615\n" +
"ryVrpykYwJbUs7UwKwYDVR0jBCQwIoAgOIS8Yvvj2hRg0V3+x659Mn60B09bt8Fl\n" +
"eRcf79zjGRkwFAYDVR0RBA0wC4IJSlpaSEpTLTcyMGEGCCoDBAUGBwgBBFV7ImF0\n" +
"dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMyIsImhmLkVucm9sbG1lbnRJRCI6\n" +
"ImFkbWluQG9yZzMiLCJoZi5UeXBlIjoiY2xpZW50In19MAoGCCqGSM49BAMCA0gA\n" +
"MEUCIQCi/6V6gmt4k5MUSfym9RFGqPwmD1hyWmtWKj448PXALAIgQfHHiX+P2M6k\n" +
"GqneZYuHHxazU37s5ZaFBPylOJJEO2Y=\n" +
"-----END CERTIFICATE-----";
// 需正确设置bean的@JSONField以确保解析到的字段名称与文档一致
List<BidTenderFeeBaseParam> paramList = new ArrayList<>();
BidTenderFeeBaseParam bean = new BidTenderFeeBaseParam();
bean.setTenderId("8533");
bean.setShoppingCartId("L3307");
bean.setAmount("1000");
bean.setTpId("L3307A");
bean.setSectionId("1111");
paramList.add(bean);
// 用于签名的Bean将被signObject转换为json(String,然后转换为byte[]),请确保该json只包含文档规定的业务字段且“SGIN"不应包含其中
String signatureOfBean = signObject2(paramList,pemVal);
// 生成的签名现在可以追加到签名字段
System.out.println("signature of Bean: "+signatureOfBean);
boolean isOkBean = verifyValue(signatureOfBean,paramList,crtVal);
System.out.println("verify result of Bean: "+ isOkBean);
}
/**
* 验证数据实体
* @param signatureString Base64加密的密钥
* @param entity 数据实体
* @param crtKey 证书路径
* @return
*/
public static boolean verifyValue(String signatureString, Object entity, String crtKey){
return verifyValue(signatureString,JSON.toJSONBytes(entity,SerializerFeature.MapSortField,SerializerFeature.SortField),crtKey);
}
/**
* 验证二进制数据串
* @param signatureString Base64加密的密钥
* @param plainData 源数据
* @param crtKey 证书路径
* @return
*/
public static boolean verifyValue(String signatureString, byte[] plainData, String crtKey){
byte[] signature = Base64.decode(signatureString);
CryptoPrimitives cp = null;
boolean result = false;
try {
cp = new CryptoPrimitives();
cp.init();
byte[] crtBytes = crtKey.getBytes();
result = cp.verify(crtBytes, SIGNING_ALGORITHM, signature, plainData);
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
e.printStackTrace();
}
return result;
}
/**
* 验证二进制数据串
* @param signatureString Base64加密的密钥
* @param plainData 源数据
* @param crtPath 证书路径
* @return
*/
public static boolean verifyBytes(String signatureString, byte[] plainData, String crtPath){
byte[] signature = Base64.decode(signatureString);
CryptoPrimitives cp = null;
boolean result = false;
try {
cp = new CryptoPrimitives();
cp.init();
byte[] crtBytes = readAsBytes(crtPath);
result = cp.verify(crtBytes, SIGNING_ALGORITHM, signature, plainData);
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
e.printStackTrace();
}
return result;
}
/**
* 验证数据实体
* @param signatureString Base64加密的密钥
* @param entity 数据实体
* @return
*/
public static boolean verifyObject(String signatureString, Object entity){
URL crt = test.class.getClassLoader().getResource(CRT_PATH);
return verifyObject(signatureString,entity,crt.getPath());
}
/**
* 验证数据实体
* @param signatureString Base64加密的密钥
* @param entity 数据实体
* @param crtPath 证书路径
* @return
*/
public static boolean verifyObject(String signatureString, Object entity, String crtPath){
return verifyBytes(signatureString,JSON.toJSONBytes(entity,SerializerFeature.MapSortField,SerializerFeature.SortField),crtPath);
}
/**
* 生成签名
* @param object 数据实体
* @return Base64加密的密钥
*/
public static String signObject(Object object){
URL pem = test.class.getClassLoader().getResource(PEM_PATH);
return signObject(object,pem.getPath());
}
/**
* 生成签名
* @param object 数据实体
* @param privateVal 密钥路径
* @return Base64加密的密钥
*/
public static String signObject2(Object object, String privateVal){
CryptoPrimitives cp = null;
byte[] signature = null;
try {
cp = new CryptoPrimitives();
cp.init();
byte[] pemBytes = privateVal.getBytes();
PrivateKey key = cp.bytesToPrivateKey(pemBytes);
signature = cp.sign(key, JSON.toJSONBytes(object, SerializerFeature.MapSortField,SerializerFeature.SortField));
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
e.printStackTrace();
}
return signature==null?"":Base64.toBase64String(signature);
}
/**
* 生成签名
* @param object 数据实体
* @param privatePath 密钥路径
* @return Base64加密的密钥
*/
public static String signObject(Object object, String privatePath){
CryptoPrimitives cp = null;
byte[] signature = null;
try {
cp = new CryptoPrimitives();
cp.init();
byte[] pemBytes = readAsBytes(privatePath);
PrivateKey key = cp.bytesToPrivateKey(pemBytes);
signature = cp.sign(key, JSON.toJSONBytes(object, SerializerFeature.MapSortField,SerializerFeature.SortField));
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
e.printStackTrace();
}
return signature==null?"":Base64.toBase64String(signature);
}
private static byte[] readAsBytes(String path) {
File file = new File(path);
byte[] result={};
try(FileInputStream is = new FileInputStream(file);
BufferedInputStream bis =new BufferedInputStream(is);)
{
result = IOUtils.toByteArray(bis);
}catch (FileNotFoundException e){
log.error(path+" not found");
}catch (IOException e){
log.error(e.toString());
}
return result;
}
}

16
uboot-common/src/main/resources/admin.crt Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN CERTIFICATE-----
MIICgzCCAimgAwIBAgIULDLuWrkCL3UaWO5u7yiu8UghEjEwCgYIKoZIzj0EAwIw
ZzELMAkGA1UEBhMCQ04xETAPBgNVBAgTCFNoYW5Eb25nMQ4wDAYDVQQHEwVKaU5h
bjEYMBYGA1UEChMPYWRtaW50MDgxMmFvcmczMRswGQYDVQQDExJjYS5hZG1pbnQw
ODEyYW9yZzMwHhcNMjEwODE3MDExODAwWhcNMjIwODE3MDEyMzAwWjAzMRwwDQYD
VQQLEwZjbGllbnQwCwYDVQQLEwRvcmczMRMwEQYDVQQDDAphZG1pbkBvcmczMFkw
EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESiyLjpaE2XtQdCdJPgiE2XbMfBoWpiU7
sQkRi3Qi6ausBxxhKlp/VQ5MJOXl+jmEMWLgUYj2ae4D/546ceQpBaOB5jCB4zAO
BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUcyAwVSk9V615
ryVrpykYwJbUs7UwKwYDVR0jBCQwIoAgOIS8Yvvj2hRg0V3+x659Mn60B09bt8Fl
eRcf79zjGRkwFAYDVR0RBA0wC4IJSlpaSEpTLTcyMGEGCCoDBAUGBwgBBFV7ImF0
dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMyIsImhmLkVucm9sbG1lbnRJRCI6
ImFkbWluQG9yZzMiLCJoZi5UeXBlIjoiY2xpZW50In19MAoGCCqGSM49BAMCA0gA
MEUCIQCi/6V6gmt4k5MUSfym9RFGqPwmD1hyWmtWKj448PXALAIgQfHHiX+P2M6k
GqneZYuHHxazU37s5ZaFBPylOJJEO2Y=
-----END CERTIFICATE-----

5
uboot-common/src/main/resources/admin_certPrivate.pem Normal file
View File

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjF+tq8oc1tNjot69
9OQgzr7Dqg1OkVo4PY4tKBL8+82hRANCAARKLIuOloTZe1B0J0k+CITZdsx8Gham
JTuxCRGLdCLpq6wHHGEqWn9VDkwk5eX6OYQxYuBRiPZp7gP/njpx5CkF
-----END PRIVATE KEY-----