diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java index 5e2e89dc8..96046ad0b 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java @@ -3,6 +3,7 @@ package cn.stylefeng.roses.kernel.security.guomi; import cn.hutool.crypto.SmUtil; import cn.hutool.crypto.asymmetric.KeyType; import cn.hutool.crypto.asymmetric.SM2; +import cn.hutool.crypto.symmetric.SM4; import cn.stylefeng.roses.kernel.security.guomi.expander.GuomiConfigExpander; import java.nio.charset.StandardCharsets; @@ -55,4 +56,30 @@ public class GuomiUtil { return SmUtil.sm3(text); } + /** + * 国密SM4加密,对称加密 + * + * @author fengshuonan + * @since 2024/6/26 10:16 + */ + public static String sm4Encrypt(String text) { + String sm4Key = GuomiConfigExpander.getSM4Key(); + SM4 sm4 = SmUtil.sm4(sm4Key.getBytes()); + return sm4.encryptBase64(text, StandardCharsets.UTF_8); + } + + /** + * 国密SM4解密,对称加密 + * + * @author fengshuonan + * @since 2024/6/26 10:16 + */ + public static String sm4Decrypt(String encryptedStr) { + String sm4Key = GuomiConfigExpander.getSM4Key(); + SM4 sm4 = SmUtil.sm4(sm4Key.getBytes()); + return sm4.decryptStr(encryptedStr, StandardCharsets.UTF_8); + } + + + } diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java index afc074bbc..1c71c4a5d 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java 
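Review bot: `sm4Key.getBytes()` in both `sm4Encrypt` and `sm4Decrypt` uses the configured string as key bytes as-is, but the GuomiConfigStrategyImpl hunk in this commit stores the generated key as `Base64.encode(sm4Key)`, so a generated 16-byte key would arrive here as 24 Base64 characters rather than the 128-bit key SM4 expects. Decoding first would make the two sides agree, e.g. `SM4 sm4 = SmUtil.sm4(Base64.decode(sm4Key));` with hutool's `Base64` imported, and it also removes the dependence on the platform default charset. Separately, `SmUtil.sm4(byte[])` is, as far as I know, hutool's default ECB construction with no IV and no integrity check, so equal plaintexts give equal ciphertexts and tampering goes undetected; if that is acceptable for the intended data, the Javadoc of both methods should say so.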
+++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java @@ -1,7 +1,9 @@ package cn.stylefeng.roses.kernel.security.guomi.config; import cn.hutool.core.codec.Base64; +import cn.hutool.crypto.KeyUtil; import cn.hutool.crypto.SecureUtil; +import cn.hutool.crypto.symmetric.SM4; import cn.stylefeng.roses.kernel.config.api.ConfigInitStrategyApi; import cn.stylefeng.roses.kernel.config.api.pojo.ConfigInitItem; import cn.stylefeng.roses.kernel.security.guomi.constants.GuomiConstants; @@ -43,6 +45,10 @@ public class GuomiConfigStrategyImpl implements ConfigInitStrategyApi { byte[] privateKey = pair.getPrivate().getEncoded(); configInitItems.add(new ConfigInitItem("国密算法SM2-私钥", GuomiConstants.GUOMI_SM2_PRIVATE_KEY, Base64.encode(privateKey), "国密SM2非对称加密,私钥生成")); + // 生成SM4的对称加密的秘钥 + byte[] sm4Key = KeyUtil.generateKey(SM4.ALGORITHM_NAME, 128).getEncoded(); + configInitItems.add(new ConfigInitItem("国密算法SM4-对称秘钥", GuomiConstants.GUOMI_SM4_KEY, Base64.encode(sm4Key), "国密SM4对称加密,秘钥生成")); + return configInitItems; } diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java index ef36150c2..1df5511a4 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java @@ -18,4 +18,9 @@ public interface GuomiConstants { */ String GUOMI_SM2_PUBLIC_KEY = "GUOMI_SM2_PUBLIC_KEY"; + /** + * 国密,SM4对称加密需要的秘钥 + */ + String GUOMI_SM4_KEY = "GUOMI_SM4_KEY"; + } 
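Review bot: The new `ConfigInitItem` for `GUOMI_SM4_KEY` puts the symmetric key itself into the config item list as Base64 text, and unlike the SM2 public key this value is a secret that decrypts everything `sm4Encrypt` produces. Where these items end up is not visible in the hunk, but the migration in the same commit has a `sys_config` row for the same code, so the key presumably sits in clear in the database and in whatever screens or exports read that table. A comment on the added lines such as `// secret: Base64 of a random 128-bit SM4 key; must be masked in config listings, logs and exports` would record the expectation, and the description string could state that the value is Base64. The enclosing method starts outside the hunk.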
diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java index fa8b76cf3..5bb10fa65 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java @@ -55,4 +55,14 @@ public class GuomiConfigExpander { return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM2_PUBLIC_KEY, String.class); } + /** + * SM4 对称加密的秘钥 + * + * @author fengshuonan + * @since 2024/6/26 10:15 + */ + public static String getSM4Key() { + return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM4_KEY, String.class); + } + } diff --git a/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql b/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql index f61dfb273..8cf4b2b54 100644 --- a/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql +++ b/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql 
@@ -1,4 +1,5 @@ INSERT INTO `sys_dict`(`dict_id`, `dict_type_id`, `dict_code`, `dict_name`, `dict_name_pinyin`, `dict_encode`, `dict_short_name`, `dict_short_code`, `dict_parent_id`, `dict_pids`, `status_flag`, `dict_sort`, `version_flag`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439083285716994, 1353547215422132226, 'GUO_MI_SM', '国密秘钥', 'gmmy', NULL, NULL, NULL, -1, '[-1],', 1, 100.00, 1, 'N', '2024-06-25 11:13:16', 1339550467939639299, '2024-06-25 11:13:22', 1339550467939639299); INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439191234519042, 'SM2私钥', 'GUOMI_SM2_PRIVATE_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:41', 1339550467939639299, '2024-06-25 11:14:14', 1339550467939639299); -INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439245798219777, 'SM2公钥', 'GUOMI_SM2_PUBLIC_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); \ No newline at end of file +INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439245798219777, 'SM2公钥', 'GUOMI_SM2_PUBLIC_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); +INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES 
(1805788664473255937, 'SM4对称加密秘钥', 'GUOMI_SM4_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); \ No newline at end of file
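Review bot: The added `GUOMI_SM4_KEY` row is appended to an existing versioned migration (`V8.1.8_20240625_1109__guomi_config.sql`) rather than placed in a new one; if these scripts are run by a Flyway-style tool, as the `db/migration` path and file name suggest, databases that already applied this version will either fail checksum validation or never receive the row. A new migration file with a later version is the usual way to add it. The shipped value `'1'` is a placeholder that every installation shares until someone replaces it, so the code reading it should reject it outright rather than try to use it as a key; at present only the remark column (`请自行生成并替换`) tells the operator to replace it.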