From 93b2e09679bf65ab1f1c89d32eb11d86186913d1 Mon Sep 17 00:00:00 2001 From: stylefeng Date: Wed, 26 Jun 2024 10:23:51 +0800 Subject: [PATCH] =?UTF-8?q?=E3=80=908.1.8=E3=80=91=E3=80=90guomi=E3=80=91?= =?UTF-8?q?=E6=9B=B4=E6=96=B0SM4=E5=AF=B9=E7=A7=B0=E5=8A=A0=E5=AF=86?= =?UTF-8?q?=E7=9A=84=E7=A7=98=E9=92=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../kernel/security/guomi/GuomiUtil.java | 27 +++++++++++++++++++ .../guomi/config/GuomiConfigStrategyImpl.java | 6 +++++ .../guomi/constants/GuomiConstants.java | 5 ++++ .../guomi/expander/GuomiConfigExpander.java | 10 +++++++ .../V8.1.8_20240625_1109__guomi_config.sql | 3 ++- 5 files changed, 50 insertions(+), 1 deletion(-) diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java index 5e2e89dc8..96046ad0b 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/GuomiUtil.java @@ -3,6 +3,7 @@ package cn.stylefeng.roses.kernel.security.guomi; import cn.hutool.crypto.SmUtil; import cn.hutool.crypto.asymmetric.KeyType; import cn.hutool.crypto.asymmetric.SM2; +import cn.hutool.crypto.symmetric.SM4; import cn.stylefeng.roses.kernel.security.guomi.expander.GuomiConfigExpander; import java.nio.charset.StandardCharsets; 
@@ -55,4 +56,30 @@ public class GuomiUtil { return SmUtil.sm3(text); } + /** + * 国密SM4加密,对称加密 + * + * @author fengshuonan + * @since 2024/6/26 10:16 + */ + public static String sm4Encrypt(String text) { + String sm4Key = GuomiConfigExpander.getSM4Key(); + SM4 sm4 = SmUtil.sm4(sm4Key.getBytes()); + return sm4.encryptBase64(text, StandardCharsets.UTF_8); + } + + /** + * 国密SM4解密,对称加密 + * + * @author fengshuonan + * @since 2024/6/26 10:16 + */ + public static String sm4Decrypt(String encryptedStr) { + String sm4Key = GuomiConfigExpander.getSM4Key(); + SM4 sm4 = SmUtil.sm4(sm4Key.getBytes()); + return sm4.decryptStr(encryptedStr, StandardCharsets.UTF_8); + } + + + } diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java index afc074bbc..1c71c4a5d 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/config/GuomiConfigStrategyImpl.java @@ -1,7 +1,9 @@ package cn.stylefeng.roses.kernel.security.guomi.config; import cn.hutool.core.codec.Base64; +import cn.hutool.crypto.KeyUtil; import cn.hutool.crypto.SecureUtil; +import cn.hutool.crypto.symmetric.SM4; import cn.stylefeng.roses.kernel.config.api.ConfigInitStrategyApi; import cn.stylefeng.roses.kernel.config.api.pojo.ConfigInitItem; import cn.stylefeng.roses.kernel.security.guomi.constants.GuomiConstants; 
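Review bot: `sm4Encrypt` and `sm4Decrypt` both build the cipher from `sm4Key.getBytes()`, but `GuomiConfigStrategyImpl` in this same commit stores the key as `Base64.encode(sm4Key)`, so the cipher is keyed with the 24 bytes of the Base64 text (in the platform charset) instead of the 16 raw key bytes, which SM4 should reject as an invalid key length. Decode the stored value in both methods, `SM4 sm4 = SmUtil.sm4(Base64.decode(sm4Key));`, with `cn.hutool.core.codec.Base64` imported. Separately, `SmUtil.sm4(byte[])` is given no mode or IV, which as far as I know falls back to ECB with no integrity protection, so equal plaintext blocks produce equal ciphertext; an IV-based mode with a fresh IV per message, plus a MAC where tampering matters, would be the safer default. The Javadoc on both methods should also say that the ciphertext is Base64 and that the key comes from `GUOMI_SM4_KEY`.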
@@ -43,6 +45,10 @@ public class GuomiConfigStrategyImpl implements ConfigInitStrategyApi { byte[] privateKey = pair.getPrivate().getEncoded(); configInitItems.add(new ConfigInitItem("国密算法SM2-私钥", GuomiConstants.GUOMI_SM2_PRIVATE_KEY, Base64.encode(privateKey), "国密SM2非对称加密,私钥生成")); + // 生成SM4的对称加密的秘钥 + byte[] sm4Key = KeyUtil.generateKey(SM4.ALGORITHM_NAME, 128).getEncoded(); + configInitItems.add(new ConfigInitItem("国密算法SM4-对称秘钥", GuomiConstants.GUOMI_SM4_KEY, Base64.encode(sm4Key), "国密SM4对称加密,秘钥生成")); + return configInitItems; } diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java index ef36150c2..1df5511a4 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/constants/GuomiConstants.java @@ -18,4 +18,9 @@ public interface GuomiConstants { */ String GUOMI_SM2_PUBLIC_KEY = "GUOMI_SM2_PUBLIC_KEY"; + /** + * 国密,SM4对称加密需要的秘钥 + */ + String GUOMI_SM4_KEY = "GUOMI_SM4_KEY"; + } diff --git a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java index fa8b76cf3..5bb10fa65 100644 --- a/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java +++ b/kernel-d-security/security-sdk-guomi/src/main/java/cn/stylefeng/roses/kernel/security/guomi/expander/GuomiConfigExpander.java 
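Review bot: The SM4 key generated in the `GuomiConfigStrategyImpl` hunk is published as an ordinary `ConfigInitItem`, so the only secret protecting SM4 ciphertexts ends up Base64-encoded in the same config store as non-secret settings (the migration in this commit places `GUOMI_SM4_KEY` in `sys_config`). Anyone who can read that table, and presumably its backups or a config listing, can then decrypt. If the config layer has no masked or write-only value type (not visible here), record the constraint next to the call, e.g. `// secret: Base64 of the raw 16-byte SM4 key; keep out of config listings and logs`. The enclosing method starts outside the hunk.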
@@ -55,4 +55,14 @@ public class GuomiConfigExpander { return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM2_PUBLIC_KEY, String.class); } + /** + * SM4 对称加密的秘钥 + * + * @author fengshuonan + * @since 2024/6/26 10:15 + */ + public static String getSM4Key() { + return ConfigContext.me().getConfigValue(GuomiConstants.GUOMI_SM4_KEY, String.class); + } + } diff --git a/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql b/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql index f61dfb273..8cf4b2b54 100644 --- a/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql +++ b/kernel-d-security/security-spring-boot-starter/src/main/resources/db/migration/mysql/V8.1.8_20240625_1109__guomi_config.sql 
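Review bot: `getSM4Key()` returns the config value with no presence or format check, so a missing or placeholder entry only surfaces later inside `GuomiUtil`, presumably as a NullPointerException or an invalid-key error depending on what `getConfigValue` does for an absent key (not visible here). Failing fast here gives operators a clearer signal, e.g. `if (StrUtil.isBlank(key)) { throw new IllegalStateException("GUOMI_SM4_KEY is not configured"); }`, without echoing the key value in the message. The Javadoc should also state the encoding of the returned string (Base64 of a 128-bit key, per `GuomiConfigStrategyImpl`), since callers cannot tell it from the `String` type.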
@@ -1,4 +1,5 @@ INSERT INTO `sys_dict`(`dict_id`, `dict_type_id`, `dict_code`, `dict_name`, `dict_name_pinyin`, `dict_encode`, `dict_short_name`, `dict_short_code`, `dict_parent_id`, `dict_pids`, `status_flag`, `dict_sort`, `version_flag`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439083285716994, 1353547215422132226, 'GUO_MI_SM', '国密秘钥', 'gmmy', NULL, NULL, NULL, -1, '[-1],', 1, 100.00, 1, 'N', '2024-06-25 11:13:16', 1339550467939639299, '2024-06-25 11:13:22', 1339550467939639299); INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439191234519042, 'SM2私钥', 'GUOMI_SM2_PRIVATE_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:41', 1339550467939639299, '2024-06-25 11:14:14', 1339550467939639299); -INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439245798219777, 'SM2公钥', 'GUOMI_SM2_PUBLIC_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); \ No newline at end of file +INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES (1805439245798219777, 'SM2公钥', 'GUOMI_SM2_PUBLIC_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); +INSERT INTO `sys_config`(`config_id`, `config_name`, `config_code`, `config_value`, `sys_flag`, `remark`, `status_flag`, `group_code`, `del_flag`, `create_time`, `create_user`, `update_time`, `update_user`) VALUES 
(1805788664473255937, 'SM4对称加密秘钥', 'GUOMI_SM4_KEY', '1', 'Y', '请自行生成并替换', 1, 'GUO_MI_SM', 'N', '2024-06-25 11:13:54', 1339550467939639299, '2024-06-25 11:14:12', 1339550467939639299); \ No newline at end of file
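Review bot: The `GUOMI_SM4_KEY` row is added by editing the existing versioned migration `V8.1.8_20240625_1109__guomi_config.sql` in place. If this directory is run by Flyway, as the `db/migration` path and `V…__` naming suggest, any database that already applied the file will fail checksum validation and never receive the new row, so the insert belongs in a new migration file. The seeded `config_value` of `'1'` is also not a usable SM4 key, and nothing visible in this commit rejects it before `sm4Encrypt` is first called, so it is worth confirming that the generated key from `GuomiConfigStrategyImpl` always replaces it.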