fixed encryption

PCS/src/main/java/cn/cslg/permission/common/model/vo/EncryptionFunctionFinalVO.java

@@ -0,0 +1,13 @@
+package cn.cslg.permission.common.model.vo;
+
+import lombok.Data;
+
+import java.util.List;
+
+@Data
+public class EncryptionFunctionFinalVO {
+
+    private String key;
+
+    private List<EncryptionFunctionVO> functionVOS;
+}

PCS/src/main/java/cn/cslg/permission/common/utils/AESUtils.java

@@ -0,0 +1,39 @@
+package cn.cslg.permission.common.utils;
+
+import org.springframework.stereotype.Component;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.SecureRandom;
+import java.util.Base64;
+
+@Component
+public class AESUtils {
+
+    private static final String ALGORITHM = "AES";
+    private static final int KEY_SIZE = 128;
+
+    public static String generateKey() throws Exception {
+        KeyGenerator keyGenerator = KeyGenerator.getInstance(ALGORITHM);
+        keyGenerator.init(KEY_SIZE, new SecureRandom());
+        SecretKey secretKey = keyGenerator.generateKey();
+        return Base64.getEncoder().encodeToString(secretKey.getEncoded());
+    }
+
+    public static String encrypt(String data, String key) throws Exception {
+        Cipher cipher = Cipher.getInstance(ALGORITHM);
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(Base64.getDecoder().decode(key), ALGORITHM));
+        byte[] encryptedData = cipher.doFinal(data.getBytes());
+        return Base64.getEncoder().encodeToString(encryptedData);
+    }
+
+    public static String decrypt(String encryptedData, String key) throws Exception {
+        Cipher cipher = Cipher.getInstance(ALGORITHM);
+        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(Base64.getDecoder().decode(key), ALGORITHM));
+        byte[] decryptedData = cipher.doFinal(Base64.getDecoder().decode(encryptedData));
+        return new String(decryptedData);
+    }
+
+}

PCS/src/main/java/cn/cslg/permission/common/utils/RSAUtils.java

@@ -60,7 +60,7 @@ public class RSAUtils {
     }
 
     /**
-     * 公钥加密(用于数据加密)
+     * 公钥加密(用于数据加密) 分段加密
      *
      * @param data         加密前的字符串
      * @param publicKeyStr base64编码后的公钥
@@ -104,7 +104,7 @@ public class RSAUtils {
     }
 
     /**
-     * 私钥解密(用于数据解密)
+     * 私钥解密(用于数据解密)    分段解密
      *
      * @param data          解密前的字符串
      * @param privateKeyStr 私钥
@@ -149,6 +149,60 @@ public class RSAUtils {
     }
 
     /**
+     * 公钥加密(用于数据加密)
+     *
+     * @param data         加密前的字符串
+     * @param publicKeyStr base64编码后的公钥
+     * @return base64编码后的字符串
+     * @throws Exception
+     */
+    public static String encryptByPublicKey1(String data, String publicKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);
+        //创建X509编码密钥规范
+        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据X509编码密钥规范产生公钥对象
+        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用公钥初始化此Cipher对象（加密模式）
+        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        //对数据加密
+        byte[] encrypt = cipher.doFinal(data.getBytes());
+        //返回base64编码后的字符串
+        return Base64.getEncoder().encodeToString(encrypt);
+    }
+
+    /**
+     * 私钥解密(用于数据解密)
+     *
+     * @param data          解密前的字符串
+     * @param privateKeyStr 私钥
+     * @return 解密后的字符串
+     * @throws Exception
+     */
+    public static String decryptByPrivateKey1(String data, String privateKeyStr) throws Exception {
+        //Java原生base64解码
+        byte[] priKey = Base64.getDecoder().decode(privateKeyStr);
+        //创建PKCS8编码密钥规范
+        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
+        //返回转换指定算法的KeyFactory对象
+        KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);
+        //根据PKCS8编码密钥规范产生私钥对象
+        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
+        //根据转换的名称获取密码对象Cipher（转换的名称：算法/工作模式/填充模式）
+        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
+        //用私钥初始化此Cipher对象（解密模式）
+        cipher.init(Cipher.DECRYPT_MODE, privateKey);
+        //对数据解密
+        byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
+        //返回字符串
+        return new String(decrypt);
+    }
+
+    /**
      * 私钥加密(用于数据签名)
      *
      * @param data          加密前的字符串

PCS/src/main/java/cn/cslg/permission/domain/Personnel.java

@@ -104,4 +104,10 @@ public class Personnel extends BaseEntity<Personnel> {
      */
     @TableField(value = "PUBLIC_KEY")
     private String publicKey;
+
+    /**
+     * 对称密钥
+     */
+    @TableField(value = "SYMMETRY_KEY")
+    private String symmetryKey;
 }

PCS/src/main/java/cn/cslg/permission/service/LoginService.java

@@ -342,7 +342,7 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
      * @throws Exception
      */
     @Transactional(propagation = Propagation.REQUIRED, rollbackFor = Throwable.class)
-    public String loginByEncryption(EncryptionLoginDTO vo) {
+    public String loginByEncryption(EncryptionLoginDTO vo) throws Exception {
         final String username = vo.getUsername();
         final String password = vo.getPassword();
         String machineCode = vo.getMachineCode();
@@ -379,7 +379,7 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
             return Response.error(ResponseEnum.PASSWORD_ERROR);
         }
         //人员信息中私钥或公钥为空则添加进去
-        updatePersonnel(personnel.getPrivateKey(), personnel.getPublicKey(), personId);
+        updatePersonnel(personnel.getPrivateKey(), personnel.getPublicKey(), personnel.getSymmetryKey(), personId);
 
         personnel = personnelMapper.selectById(personnel.getId());
         List<AssoPersonnelMachine> machineList = assoPersonnelMachineMapper.selectList(new LambdaQueryWrapper<AssoPersonnelMachine>()
@@ -404,14 +404,16 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
         return Response.success(loginVO);
     }
 
-    public void updatePersonnel(String privateKey, String publicKey, Integer personId) {
-        if (StringUtils.isEmpty(privateKey) || StringUtils.isEmpty(publicKey)) {
+    public void updatePersonnel(String privateKey, String publicKey, String symmetryKey, Integer personId) throws Exception {
+        if (StringUtils.isEmpty(privateKey) || StringUtils.isEmpty(publicKey) || StringUtils.isEmpty(symmetryKey)) {
             Map<String, String> map = RSAUtils.generateKey();
             String publicKeyStr = map.get("publicKeyStr");
             String privateKeyStr = map.get("privateKeyStr");
+            String generateKey = AESUtils.generateKey();
             Personnel newPersonnel = personnelMapper.selectById(personId);
             newPersonnel.setPrivateKey(privateKeyStr);
             newPersonnel.setPublicKey(publicKeyStr);
+            newPersonnel.setSymmetryKey(generateKey);
             newPersonnel.updateById();
         }
     }
@@ -470,6 +472,8 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
             return Response.error(ResponseEnum.THE_TOKEN_IS_INVALID);
         }
         String publicKey = personnel.getPublicKey();
+        String symmetryKey = personnel.getSymmetryKey();
+        EncryptionFunctionFinalVO finalVO = new EncryptionFunctionFinalVO();
         List<EncryptionFunctionVO> functionVOS = new ArrayList<>();
 
         List<String> permissions = new ArrayList<>();
@@ -483,7 +487,7 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
                 permissions.add(i.getFunctionPath());
             });
         }
-        List<EncryptionFunctionVO> list = this.loadFunctionVOS(permissions, 2, publicKey);
+        List<EncryptionFunctionVO> list = this.loadFunctionVOS(permissions, 2, symmetryKey);
         functionVOS.addAll(list);
 
         List<String> permissions1 = new ArrayList<>();
@@ -494,12 +498,15 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
             permissions1.add(i.getFunctionPath());
         });
         permissions1.removeAll(permissions);
-        List<EncryptionFunctionVO> list1 = this.loadFunctionVOS(permissions1, 1, publicKey);
+        List<EncryptionFunctionVO> list1 = this.loadFunctionVOS(permissions1, 1, symmetryKey);
         functionVOS.addAll(list1);
-        return Response.success(functionVOS);
+        finalVO.setFunctionVOS(functionVOS);
+        String key = RSAUtils.encryptByPublicKey(symmetryKey, publicKey);
+        finalVO.setKey(key);
+        return Response.success(finalVO);
     }
 
-    private List<EncryptionFunctionVO> loadFunctionVOS(List<String> permissions, Integer type, String publicKey) throws Exception {
+    private List<EncryptionFunctionVO> loadFunctionVOS(List<String> permissions, Integer type, String symmetryKey) throws Exception {
         List<EncryptionFunctionVO> functionVOS = new ArrayList<>();
         List<Function> functions = functionMapper.selectList(new LambdaQueryWrapper<Function>()
                 .in(Function::getFunctionPath, permissions));
@@ -511,7 +518,8 @@ public class LoginService extends ServiceImpl<PersonnelMapper, Personnel> {
                     .eq(AssoFunctionModule::getAuthType, type));
             if (ObjectUtils.isNotEmpty(functionModule) && StringUtils.isNotEmpty(functionModule.getCode())) {
                 String moduleCode = functionModule.getCode();
-                String encryptInfo = RSAUtils.encryptByPublicKey(moduleCode, publicKey);
+//                String encryptInfo = RSAUtils.encryptByPublicKey(moduleCode, publicKey);
+                String encryptInfo = AESUtils.encrypt(moduleCode, symmetryKey);
                 EncryptionFunctionVO functionVO = new EncryptionFunctionVO();
                 functionVO.setPermission(functionPath);
                 functionVO.setEncryptionModuleCode(encryptInfo);