【8.1.8】【security】更新国密SM2的配置和工具类

kernel-d-security/pom.xml

@@ -24,6 +24,7 @@
         <module>security-sdk-xss</module>
         <module>security-sdk-request-encrypt-and-decode</module>
         <module>security-sdk-database-field</module>
+        <module>security-sdk-guomi</module>
         <module>security-spring-boot-starter</module>
     </modules>
 

kernel-d-security/security-sdk-guomi/README.md

@@ -0,0 +1 @@
+# 国密算法封装

kernel-d-security/security-sdk-guomi/pom.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>cn.stylefeng.roses</groupId>
+        <artifactId>kernel-d-security</artifactId>
+        <version>8.1.8</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>security-sdk-guomi</artifactId>
+
+    <dependencies>
+
+        <!--国密算法的支持-->
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15to18</artifactId>
+            <version>${bcprov.version}</version>
+        </dependency>
+
+        <!--config-api-->
+        <dependency>
+            <groupId>cn.stylefeng.roses</groupId>
+            <artifactId>config-api</artifactId>
+            <version>${roses.version}</version>
+        </dependency>
+
+    </dependencies>
+</project>

kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java

@@ -0,0 +1,48 @@
+package cn.stylefeng.roses.kernel.security.guomi;
+
+import cn.hutool.crypto.SmUtil;
+import cn.hutool.crypto.asymmetric.KeyType;
+import cn.hutool.crypto.asymmetric.SM2;
+import cn.stylefeng.roses.kernel.security.guomi.expander.GuomiConfigExpander;
+
+import java.nio.charset.StandardCharsets;
+
+/**
+ * 项目中使用的国密算法的封装
+ * <p>
+ * 非对称加密和签名：SM2
+ * 摘要签名算法：SM3
+ * 对称加密：SM4
+ *
+ * @author fengshuonan
+ * @since 2024/6/25 10:07
+ */
+public class GuomiUtil {
+
+    /**
+     * 国密SM2，公钥加密
+     *
+     * @author fengshuonan
+     * @since 2024/6/25 10:50
+     */
+    public static String sm2EncryptWithPublic(String text) {
+        String sm2PrivateKey = GuomiConfigExpander.getSM2PrivateKey();
+        String sm2PublicKey = GuomiConfigExpander.getSM2PublicKey();
+        SM2 sm2 = SmUtil.sm2(sm2PrivateKey, sm2PublicKey);
+        return sm2.encryptBase64(text, StandardCharsets.UTF_8, KeyType.PublicKey);
+    }
+
+    /**
+     * 国密SM2，私钥解密
+     *
+     * @author fengshuonan
+     * @since 2024/6/25 10:53
+     */
+    public static String sm2DecryptWithPrivate(String encryptedStr) {
+        String sm2PrivateKey = GuomiConfigExpander.getSM2PrivateKey();
+        String sm2PublicKey = GuomiConfigExpander.getSM2PublicKey();
+        SM2 sm2 = SmUtil.sm2(sm2PrivateKey, sm2PublicKey);
+        return sm2.decryptStr(encryptedStr, KeyType.PrivateKey, StandardCharsets.UTF_8);
+    }
+
+}

kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java

@@ -0,0 +1,49 @@
+package cn.stylefeng.roses.kernel.security.guomi.config;
+
+import cn.hutool.core.codec.Base64;
+import cn.hutool.crypto.SecureUtil;
+import cn.stylefeng.roses.kernel.config.api.ConfigInitStrategyApi;
+import cn.stylefeng.roses.kernel.config.api.pojo.ConfigInitItem;
+import cn.stylefeng.roses.kernel.security.guomi.constants.GuomiConstants;
+import org.springframework.stereotype.Component;
+
+import java.security.KeyPair;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 国密算法相关秘钥初始化
+ *
+ * @author fengshuonan
+ * @since 2024/6/25 10:15
+ */
+@Component
+public class GuomiConfigStrategyImpl implements ConfigInitStrategyApi {
+
+    @Override
+    public String getTitle() {
+        return "国密算法配置";
+    }
+
+    @Override
+    public String getDescription() {
+        return "系统自带国密算法工具的秘钥初始化";
+    }
+
+    @Override
+    public List<ConfigInitItem> getInitConfigs() {
+
+        ArrayList<ConfigInitItem> configInitItems = new ArrayList<>();
+
+        // 生成一个公钥私钥对
+        KeyPair pair = SecureUtil.generateKeyPair("SM2");
+        byte[] publicKey = pair.getPublic().getEncoded();
+        configInitItems.add(new ConfigInitItem("国密算法SM2-公钥", GuomiConstants.GUOMI_SM2_PUBLIC_KEY, Base64.encode(publicKey), "国密SM2非对称加密，公钥生成"));
+
+        byte[] privateKey = pair.getPrivate().getEncoded();
+        configInitItems.add(new ConfigInitItem("国密算法SM2-私钥", GuomiConstants.GUOMI_SM2_PRIVATE_KEY, Base64.encode(privateKey), "国密SM2非对称加密，私钥生成"));
+
+        return configInitItems;
+    }
+
+}

kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java

@@ -0,0 +1,21 @@
+package cn.stylefeng.roses.kernel.security.guomi.constants;
+
+/**
+ * 国密算法的常量
+ *
+ * @author fengshuonan
+ * @since 2024/6/25 10:11
+ */
+public interface GuomiConstants {
+
+    /**
+     * 国密，SM2需要的私钥
+     */
+    String GUOMI_SM2_PRIVATE_KEY = "GUOMI_SM2_PRIVATE_KEY";
+
+    /**
+     * 国密，SM2需要的公钥
+     */
+    String GUOMI_SM2_PUBLIC_KEY = "GUOMI_SM2_PUBLIC_KEY";
+
+}

kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright [2020-2030] [https://www.stylefeng.cn]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Guns采用APACHE LICENSE 2.0开源协议，您在使用过程中，需要注意以下几点：
+ *
+ * 1.请不要删除和修改根目录下的LICENSE文件。
+ * 2.请不要删除和修改Guns源码头部的版权声明。
+ * 3.请保留源码和相关描述文件的项目出处，作者声明等。
+ * 4.分发源码时候，请注明软件出处 https://gitee.com/stylefeng/guns
+ * 5.在修改包名，模块名称，项目代码等时，请注明软件出处 https://gitee.com/stylefeng/guns
+ * 6.若您的项目无法满足以上几点，可申请商业授权
+ */
+package cn.stylefeng.roses.kernel.security.guomi.expander;
+
+import cn.stylefeng.roses.kernel.config.api.context.ConfigContext;
+import cn.stylefeng.roses.kernel.security.guomi.constants.GuomiConstants;
+
+/**
+ * 国密算法的配置拓展
+ *
+ * @author fengshuonan
+ * @since 2024/6/25 10:09
+ */
+public class GuomiConfigExpander {
+
+    /**
+     * SM2，private key
+     *
+     * @author fengshuonan
+     * @since 2024/6/25 10:09
+     */
+    public static String getSM2PrivateKey() {
+        return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM2_PRIVATE_KEY, String.class);
+    }
+
+    /**
+     * SM2，public key
+     *
+     * @author fengshuonan
+     * @since 2024/6/25 10:09
+     */
+    public static String getSM2PublicKey() {
+        return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM2_PUBLIC_KEY, String.class);
+    }
+
+}

kernel-d-security/security-sdk-request-encrypt-and-decode/pom.xml

@@ -17,12 +17,6 @@
 
     <dependencies>
 
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-jdk15to18</artifactId>
-            <version>${bcprov.version}</version>
-        </dependency>
-
         <!--安全模块的api-->
         <dependency>
             <groupId>cn.stylefeng.roses</groupId>
@@ -37,6 +31,13 @@
             <version>${roses.version}</version>
         </dependency>
 
+        <!--国密算法-->
+        <dependency>
+            <groupId>cn.stylefeng.roses</groupId>
+            <artifactId>security-sdk-guomi</artifactId>
+            <version>${roses.version}</version>
+        </dependency>
+
         <!--web模块-->
         <dependency>
             <groupId>org.springframework.boot</groupId>