|
|
@@ -1,226 +1,226 @@
|
|
|
-package com.juxin.client.rpa.utils;
|
|
|
-
|
|
|
-import com.google.gson.Gson;
|
|
|
-import com.juxin.client.rpa.constant.TaieOcConstants;
|
|
|
-import lombok.extern.slf4j.Slf4j;
|
|
|
-import org.apache.commons.lang3.StringUtils;
|
|
|
-import org.bouncycastle.asn1.gm.GMNamedCurves;
|
|
|
-import org.bouncycastle.asn1.x9.X9ECParameters;
|
|
|
-import org.bouncycastle.crypto.CipherParameters;
|
|
|
-import org.bouncycastle.crypto.CryptoException;
|
|
|
-import org.bouncycastle.crypto.digests.SM3Digest;
|
|
|
-import org.bouncycastle.crypto.params.*;
|
|
|
-import org.bouncycastle.crypto.signers.SM2Signer;
|
|
|
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
|
-import org.bouncycastle.util.encoders.Hex;
|
|
|
-
|
|
|
-import javax.crypto.Cipher;
|
|
|
-import javax.crypto.spec.SecretKeySpec;
|
|
|
-import java.math.BigInteger;
|
|
|
-import java.security.*;
|
|
|
-import java.util.Base64;
|
|
|
-import java.util.HashMap;
|
|
|
-import java.util.Map;
|
|
|
-
|
|
|
-@Slf4j
|
|
|
-public class SM2Utils {
|
|
|
-
|
|
|
-/* @Value("93f2eca686469186")
|
|
|
- private static String SM4_KEY;
|
|
|
- @Value("00dc5fd5e756731eb744c36b72f2500fee1d1f589b89345b4d5496af66ac2c4911")
|
|
|
- private static String privateKey;
|
|
|
-
|
|
|
- @Value("040fccb5debc513fa63c46dc50ab0e0ab070393a96f9f1d31176f7cf651bfb4449ef1bdc8e3cfa6194563381afaee17603019075112c2d70dc1ec8fefc1a7f920b")
|
|
|
- private static String publicKey;*/
|
|
|
-
|
|
|
- private static final Gson gson = new Gson();
|
|
|
-
|
|
|
- private static final String privateKey = "00dc5fd5e756731eb744c36b72f2500fee1d1f589b89345b4d5496af66ac2c4911";
|
|
|
-
|
|
|
- private static final String publicKey = "040fccb5debc513fa63c46dc50ab0e0ab070393a96f9f1d31176f7cf651bfb4449ef1bdc8e3cfa6194563381afaee17603019075112c2d70dc1ec8fefc1a7f920b";
|
|
|
- private static final String SM4_KEY = "93f2eca686469186";
|
|
|
-
|
|
|
- static{
|
|
|
- try{
|
|
|
- Security.addProvider(new BouncyCastleProvider());
|
|
|
- }catch(Exception e){
|
|
|
- e.printStackTrace();
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * 许可生成
|
|
|
- * @param licenseType
|
|
|
- * @param machineType
|
|
|
- * @param expireTime
|
|
|
- * @param reqMap
|
|
|
- * @return
|
|
|
- */
|
|
|
-
|
|
|
- public static String generateLicense(String licenseType, String machineType, String expireTime, Map<String, Object> reqMap) throws Exception {
|
|
|
- SM2Utils sm = new SM2Utils();
|
|
|
-
|
|
|
-
|
|
|
-// 1.签名内容:{签名内容}={许可类型=机器类型=许可过期时间},设备ID由执行器上传,许可类型,许可有效期由平台填充,可根据需要扩充字段
|
|
|
- String reqStr = reqMap == null? TaieOcConstants.EMPTY_STRING:gson.toJson(reqMap);
|
|
|
- String sign_content = StringUtils.joinWith(TaieOcConstants.SIGN_DELIMA,licenseType,machineType,expireTime,reqStr);
|
|
|
-// 2.签名值:{签名值}+{时间戳}={签名内容}+{SM2私钥}
|
|
|
- //获取SM2密钥,需要保存,公钥用来验签,私钥用来加签
|
|
|
- // Map<String, String> SM2_key = sm.getpublicKey();
|
|
|
- //使用SM2私钥加签{签名内容}
|
|
|
- Map<String, String> map = sm.Sign(sign_content,privateKey, expireTime);
|
|
|
-
|
|
|
-// 3.加密签名内容:{加密签名内容}=({签名内容}=={时间戳})+{SM4加密}
|
|
|
-// 生成16位16进制SM4密钥,SM4加解密使用同一密钥加密({签名内容}=={时间戳}),解密需保存密钥值
|
|
|
- // String SM4_key = sm.generateKey();
|
|
|
-// 根据签名内容SM2加密数据,SM2加签时间组合SM4加密数据
|
|
|
- String sign_content_encrypt = map.get("sign")+ "==" +map.get("timestamp");
|
|
|
-// 使用SM4_key再次加密签名内容
|
|
|
- String cipher = sm.encryptEcb(SM4_KEY, sign_content_encrypt);
|
|
|
- return cipher;
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * sm4加密
|
|
|
- *
|
|
|
- * @param hexKey 16进制密钥(忽略大小写)
|
|
|
- * @param paramStr 待加密字符串
|
|
|
- * @return 返回16进制的加密字符串
|
|
|
- * @explain 加密模式:ECB
|
|
|
- * 密文长度不固定,会随着被加密字符串长度的变化而变化
|
|
|
- */
|
|
|
- public String encryptEcb(String hexKey, String paramStr) {
|
|
|
- try {
|
|
|
- String cipherText = "";
|
|
|
- // 16进制字符串-->byte[]
|
|
|
- byte[] keyData = hexKey.getBytes("utf-8");
|
|
|
- // String-->byte[]
|
|
|
- byte[] srcData =paramStr.getBytes("utf-8");
|
|
|
- // 加密后的数组
|
|
|
- byte[] cipherArray = encryptEcbPadding(keyData, srcData);
|
|
|
- // byte[]-->hexString
|
|
|
- cipherText = Base64.getEncoder().encodeToString(cipherArray);
|
|
|
- return cipherText;
|
|
|
- } catch (Exception e) {
|
|
|
- return paramStr;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * 加密模式之Ecb
|
|
|
- *
|
|
|
- * @param key
|
|
|
- * @param data
|
|
|
- * @return
|
|
|
- * @throws Exception
|
|
|
- * @explain
|
|
|
- */
|
|
|
- public byte[] encryptEcbPadding(byte[] key, byte[] data) throws Exception {
|
|
|
- Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);
|
|
|
- return cipher.doFinal(data);
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * 生成ECB暗号
|
|
|
- *
|
|
|
- * @param algorithmName 算法名称
|
|
|
- * @param mode 模式
|
|
|
- * @param key
|
|
|
- * @return
|
|
|
- * @throws Exception
|
|
|
- * @explain ECB模式(电子密码本模式:Electronic codebook)
|
|
|
- */
|
|
|
- private Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {
|
|
|
- Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
|
|
|
- Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
|
|
|
- cipher.init(mode, sm4Key);
|
|
|
- return cipher;
|
|
|
- }
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
- /// <summary>
|
|
|
- /// 签名,国密SM2
|
|
|
- /// </summary>
|
|
|
- /// <param name="body">参数内容</param>
|
|
|
- /// <param name="privateKey">私钥</param>
|
|
|
- /// <param name="sign">签名值</param>
|
|
|
- /// <param name="timestamp">时间戳</param>
|
|
|
- public Map<String, String> Sign(String body, String privateKey, String dateStr)
|
|
|
- {
|
|
|
- Map<String, String> map = new HashMap<>();
|
|
|
- String sign;
|
|
|
- try {
|
|
|
- if (body == null || body.equals("")) return null;
|
|
|
- if (privateKey == null || privateKey.equals("")) return null;
|
|
|
-
|
|
|
- // 加密算法采用SM2加密算法
|
|
|
- sign = Hex.toHexString(Sign(body.getBytes("utf-8"), privateKey, dateStr.getBytes("utf-8")));
|
|
|
- map.put("sign",sign);
|
|
|
- map.put("timestamp",dateStr);
|
|
|
- }catch (Exception e){
|
|
|
- log.error("Sign error", e);
|
|
|
- }
|
|
|
- return map;
|
|
|
- }
|
|
|
-
|
|
|
- /// <summary>
|
|
|
- /// 加签算法 标准C1C2C3模式
|
|
|
- /// </summary>
|
|
|
- /// <param name="sourceData">源数据</param>
|
|
|
- /// <param name="privateKey">私钥</param>
|
|
|
- /// <param name="userId">用户标识</param>
|
|
|
- public byte[] Sign(byte[] sourceData, String privateKey, byte[] userId) throws CryptoException
|
|
|
- {
|
|
|
- //获取一条SM2曲线参数
|
|
|
- X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
|
|
|
- //构造domain参数
|
|
|
- ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
|
|
|
- BigInteger privateKeyD = new BigInteger(privateKey, 16);
|
|
|
- ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
|
|
|
- SM2Signer sm2 = new SM2Signer(new SM3Digest());
|
|
|
- CipherParameters cp;
|
|
|
- if (userId != null) cp = new ParametersWithID(new ParametersWithRandom(privateKeyParameters), userId);
|
|
|
- else cp = new ParametersWithRandom(privateKeyParameters);
|
|
|
- sm2.init(true, cp);
|
|
|
- sm2.update(sourceData, 0, sourceData.length);
|
|
|
- return sm2.generateSignature();
|
|
|
- }
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
- private static final String ENCODING = "UTF-8";
|
|
|
- public static final String ALGORITHM_NAME = "SM4";
|
|
|
- // 加密算法/分组加密模式/分组填充方式
|
|
|
- // PKCS5Padding-以8个字节为一组进行分组加密
|
|
|
- // 定义分组加密模式使用:PKCS5Padding
|
|
|
- public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";
|
|
|
- // 128-32位16进制;256-64位16进制
|
|
|
- public static final int DEFAULT_KEY_SIZE = 64;
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
-}
|
|
|
-
|
|
|
+//package com.juxin.client.rpa.utils;
|
|
|
+//
|
|
|
+//import com.google.gson.Gson;
|
|
|
+//import com.juxin.client.rpa.constant.TaieOcConstants;
|
|
|
+//import lombok.extern.slf4j.Slf4j;
|
|
|
+//import org.apache.commons.lang3.StringUtils;
|
|
|
+//import org.bouncycastle.asn1.gm.GMNamedCurves;
|
|
|
+//import org.bouncycastle.asn1.x9.X9ECParameters;
|
|
|
+//import org.bouncycastle.crypto.CipherParameters;
|
|
|
+//import org.bouncycastle.crypto.CryptoException;
|
|
|
+//import org.bouncycastle.crypto.digests.SM3Digest;
|
|
|
+//import org.bouncycastle.crypto.params.*;
|
|
|
+//import org.bouncycastle.crypto.signers.SM2Signer;
|
|
|
+//import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
|
+//import org.bouncycastle.util.encoders.Hex;
|
|
|
+//
|
|
|
+//import javax.crypto.Cipher;
|
|
|
+//import javax.crypto.spec.SecretKeySpec;
|
|
|
+//import java.math.BigInteger;
|
|
|
+//import java.security.*;
|
|
|
+//import java.util.Base64;
|
|
|
+//import java.util.HashMap;
|
|
|
+//import java.util.Map;
|
|
|
+//
|
|
|
+//@Slf4j
|
|
|
+//public class SM2Utils {
|
|
|
+//
|
|
|
+///* @Value("93f2eca686469186")
|
|
|
+// private static String SM4_KEY;
|
|
|
+// @Value("00dc5fd5e756731eb744c36b72f2500fee1d1f589b89345b4d5496af66ac2c4911")
|
|
|
+// private static String privateKey;
|
|
|
+//
|
|
|
+// @Value("040fccb5debc513fa63c46dc50ab0e0ab070393a96f9f1d31176f7cf651bfb4449ef1bdc8e3cfa6194563381afaee17603019075112c2d70dc1ec8fefc1a7f920b")
|
|
|
+// private static String publicKey;*/
|
|
|
+//
|
|
|
+// private static final Gson gson = new Gson();
|
|
|
+//
|
|
|
+// private static final String privateKey = "00dc5fd5e756731eb744c36b72f2500fee1d1f589b89345b4d5496af66ac2c4911";
|
|
|
+//
|
|
|
+// private static final String publicKey = "040fccb5debc513fa63c46dc50ab0e0ab070393a96f9f1d31176f7cf651bfb4449ef1bdc8e3cfa6194563381afaee17603019075112c2d70dc1ec8fefc1a7f920b";
|
|
|
+// private static final String SM4_KEY = "93f2eca686469186";
|
|
|
+//
|
|
|
+// static{
|
|
|
+// try{
|
|
|
+// Security.addProvider(new BouncyCastleProvider());
|
|
|
+// }catch(Exception e){
|
|
|
+// e.printStackTrace();
|
|
|
+// }
|
|
|
+// }
|
|
|
+//
|
|
|
+// /**
|
|
|
+// * 许可生成
|
|
|
+// * @param licenseType
|
|
|
+// * @param machineType
|
|
|
+// * @param expireTime
|
|
|
+// * @param reqMap
|
|
|
+// * @return
|
|
|
+// */
|
|
|
+//
|
|
|
+// public static String generateLicense(String licenseType, String machineType, String expireTime, Map<String, Object> reqMap) throws Exception {
|
|
|
+// SM2Utils sm = new SM2Utils();
|
|
|
+//
|
|
|
+//
|
|
|
+//// 1.签名内容:{签名内容}={许可类型=机器类型=许可过期时间},设备ID由执行器上传,许可类型,许可有效期由平台填充,可根据需要扩充字段
|
|
|
+// String reqStr = reqMap == null? TaieOcConstants.EMPTY_STRING:gson.toJson(reqMap);
|
|
|
+// String sign_content = StringUtils.joinWith(TaieOcConstants.SIGN_DELIMA,licenseType,machineType,expireTime,reqStr);
|
|
|
+//// 2.签名值:{签名值}+{时间戳}={签名内容}+{SM2私钥}
|
|
|
+// //获取SM2密钥,需要保存,公钥用来验签,私钥用来加签
|
|
|
+// // Map<String, String> SM2_key = sm.getpublicKey();
|
|
|
+// //使用SM2私钥加签{签名内容}
|
|
|
+// Map<String, String> map = sm.Sign(sign_content,privateKey, expireTime);
|
|
|
+//
|
|
|
+//// 3.加密签名内容:{加密签名内容}=({签名内容}=={时间戳})+{SM4加密}
|
|
|
+//// 生成16位16进制SM4密钥,SM4加解密使用同一密钥加密({签名内容}=={时间戳}),解密需保存密钥值
|
|
|
+// // String SM4_key = sm.generateKey();
|
|
|
+//// 根据签名内容SM2加密数据,SM2加签时间组合SM4加密数据
|
|
|
+// String sign_content_encrypt = map.get("sign")+ "==" +map.get("timestamp");
|
|
|
+//// 使用SM4_key再次加密签名内容
|
|
|
+// String cipher = sm.encryptEcb(SM4_KEY, sign_content_encrypt);
|
|
|
+// return cipher;
|
|
|
+//
|
|
|
+// }
|
|
|
+//
|
|
|
+// /**
|
|
|
+// * sm4加密
|
|
|
+// *
|
|
|
+// * @param hexKey 16进制密钥(忽略大小写)
|
|
|
+// * @param paramStr 待加密字符串
|
|
|
+// * @return 返回16进制的加密字符串
|
|
|
+// * @explain 加密模式:ECB
|
|
|
+// * 密文长度不固定,会随着被加密字符串长度的变化而变化
|
|
|
+// */
|
|
|
+// public String encryptEcb(String hexKey, String paramStr) {
|
|
|
+// try {
|
|
|
+// String cipherText = "";
|
|
|
+// // 16进制字符串-->byte[]
|
|
|
+// byte[] keyData = hexKey.getBytes("utf-8");
|
|
|
+// // String-->byte[]
|
|
|
+// byte[] srcData =paramStr.getBytes("utf-8");
|
|
|
+// // 加密后的数组
|
|
|
+// byte[] cipherArray = encryptEcbPadding(keyData, srcData);
|
|
|
+// // byte[]-->hexString
|
|
|
+// cipherText = Base64.getEncoder().encodeToString(cipherArray);
|
|
|
+// return cipherText;
|
|
|
+// } catch (Exception e) {
|
|
|
+// return paramStr;
|
|
|
+// }
|
|
|
+// }
|
|
|
+//
|
|
|
+// /**
|
|
|
+// * 加密模式之Ecb
|
|
|
+// *
|
|
|
+// * @param key
|
|
|
+// * @param data
|
|
|
+// * @return
|
|
|
+// * @throws Exception
|
|
|
+// * @explain
|
|
|
+// */
|
|
|
+// public byte[] encryptEcbPadding(byte[] key, byte[] data) throws Exception {
|
|
|
+// Cipher cipher = generateEcbCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);
|
|
|
+// return cipher.doFinal(data);
|
|
|
+// }
|
|
|
+//
|
|
|
+// /**
|
|
|
+// * 生成ECB暗号
|
|
|
+// *
|
|
|
+// * @param algorithmName 算法名称
|
|
|
+// * @param mode 模式
|
|
|
+// * @param key
|
|
|
+// * @return
|
|
|
+// * @throws Exception
|
|
|
+// * @explain ECB模式(电子密码本模式:Electronic codebook)
|
|
|
+// */
|
|
|
+// private Cipher generateEcbCipher(String algorithmName, int mode, byte[] key) throws Exception {
|
|
|
+// Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
|
|
|
+// Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
|
|
|
+// cipher.init(mode, sm4Key);
|
|
|
+// return cipher;
|
|
|
+// }
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+// /// <summary>
|
|
|
+// /// 签名,国密SM2
|
|
|
+// /// </summary>
|
|
|
+// /// <param name="body">参数内容</param>
|
|
|
+// /// <param name="privateKey">私钥</param>
|
|
|
+// /// <param name="sign">签名值</param>
|
|
|
+// /// <param name="timestamp">时间戳</param>
|
|
|
+// public Map<String, String> Sign(String body, String privateKey, String dateStr)
|
|
|
+// {
|
|
|
+// Map<String, String> map = new HashMap<>();
|
|
|
+// String sign;
|
|
|
+// try {
|
|
|
+// if (body == null || body.equals("")) return null;
|
|
|
+// if (privateKey == null || privateKey.equals("")) return null;
|
|
|
+//
|
|
|
+// // 加密算法采用SM2加密算法
|
|
|
+// sign = Hex.toHexString(Sign(body.getBytes("utf-8"), privateKey, dateStr.getBytes("utf-8")));
|
|
|
+// map.put("sign",sign);
|
|
|
+// map.put("timestamp",dateStr);
|
|
|
+// }catch (Exception e){
|
|
|
+// log.error("Sign error", e);
|
|
|
+// }
|
|
|
+// return map;
|
|
|
+// }
|
|
|
+//
|
|
|
+// /// <summary>
|
|
|
+// /// 加签算法 标准C1C2C3模式
|
|
|
+// /// </summary>
|
|
|
+// /// <param name="sourceData">源数据</param>
|
|
|
+// /// <param name="privateKey">私钥</param>
|
|
|
+// /// <param name="userId">用户标识</param>
|
|
|
+// public byte[] Sign(byte[] sourceData, String privateKey, byte[] userId) throws CryptoException
|
|
|
+// {
|
|
|
+// //获取一条SM2曲线参数
|
|
|
+// X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
|
|
|
+// //构造domain参数
|
|
|
+// ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
|
|
|
+// BigInteger privateKeyD = new BigInteger(privateKey, 16);
|
|
|
+// ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
|
|
|
+// SM2Signer sm2 = new SM2Signer(new SM3Digest());
|
|
|
+// CipherParameters cp;
|
|
|
+// if (userId != null) cp = new ParametersWithID(new ParametersWithRandom(privateKeyParameters), userId);
|
|
|
+// else cp = new ParametersWithRandom(privateKeyParameters);
|
|
|
+// sm2.init(true, cp);
|
|
|
+// sm2.update(sourceData, 0, sourceData.length);
|
|
|
+// return sm2.generateSignature();
|
|
|
+// }
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+// private static final String ENCODING = "UTF-8";
|
|
|
+// public static final String ALGORITHM_NAME = "SM4";
|
|
|
+// // 加密算法/分组加密模式/分组填充方式
|
|
|
+// // PKCS5Padding-以8个字节为一组进行分组加密
|
|
|
+// // 定义分组加密模式使用:PKCS5Padding
|
|
|
+// public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";
|
|
|
+// // 128-32位16进制;256-64位16进制
|
|
|
+// public static final int DEFAULT_KEY_SIZE = 64;
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//
|
|
|
+//}
|
|
|
+//
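Review bot: Commenting the class out does not remove the key material. The `privateKey` and `SM4_KEY` literals, and the older `@Value(...)` block above them, are still present as text on the new side, and the removed lines show the same values were already in the previous revision. If `SM2Utils` is no longer used, delete the file rather than prefixing all 226 lines with `//`; treat both keys as disclosed, replace them, and load the replacements from configuration or a key store instead of a constant. If the class is ever re-enabled, two failure paths need fixing first: `encryptEcb` returns `paramStr` unencrypted on any exception, and `Sign(String, String, String)` logs the error and returns an empty map, so `generateLicense` would go on to build its output from `map.get("sign")` being null. Both should throw instead of returning a value.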
|