
优化敏感信息加解密逻辑

woody 1 year ago
parent
commit
526c9ac24d

+ 37 - 2
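--- a/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
@@ -25,6 +25,16 @@ import org.springframework.util.CollectionUtils;
  */
 @Slf4j
 public class SecurityContextHolder {
+    /**
+     * 加解密字符串特征前缀
+     */
+    public static final String CODEC_CHARACTERISTIC_PREFIX = "ENC(";
+
+    /**
+     * 加解密字符串特征后缀
+     */
+    public static final String CODEC_CHARACTERISTIC_SUFFIX = ")";
+
     /**
      * 权限属性名称
      */
@@ -56,11 +66,36 @@ public class SecurityContextHolder {
         String secret = Objects.requireNonNull(properties.getSecret(), "secret invalid");
         String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "device invalid");
         String iv = StringUtils.substring(device, 0, 16);
-        String ciphertext = String.format("ENC(%s)", AESUtils.encode(plaintext, secret, iv));
+        String ciphertext = AESUtils.encode(plaintext, secret, iv);
         if (log.isDebugEnabled()) {
             log.debug("Data encrypt: {} -> {}", plaintext, ciphertext);
         }
-        return ciphertext;
+        return CODEC_CHARACTERISTIC_PREFIX + ciphertext + CODEC_CHARACTERISTIC_SUFFIX;
+    }
+
+    /**
+     * 数据解密
+     *
+     * @param ciphertext 数据密文
+     * @return 数据明文
+     */
+    public static String decrypt(String ciphertext) {
+        if (StringUtils.isEmpty(ciphertext) || !(ciphertext.startsWith(CODEC_CHARACTERISTIC_PREFIX)
+                && ciphertext.endsWith(CODEC_CHARACTERISTIC_SUFFIX))) {
+            return ciphertext;
+        }
+        SecurityProperties properties = ApplicationContextHolder.getBean(SecurityProperties.class);
+        String secret = Objects.requireNonNull(properties.getSecret(), "secret invalid");
+        String device = Objects.requireNonNull(SessionContextHolder.getDevice(), "device invalid");
+        String iv = StringUtils.substring(device, 0, 16);
+        ciphertext = ciphertext.substring(
+                CODEC_CHARACTERISTIC_PREFIX.length(), ciphertext.length() - CODEC_CHARACTERISTIC_SUFFIX.length()
+        );
+        String plaintext = AESUtils.decode(ciphertext, secret, iv);
+        if (log.isDebugEnabled()) {
+            log.debug("Data decrypt: {} -> {}", ciphertext, plaintext);
+        }
+        return plaintext;
     }
 
     /**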
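Review bot: The new `decrypt` writes the recovered plaintext to the log at debug level (`log.debug("Data decrypt: {} -> {}", ciphertext, plaintext)`), so any environment with debug logging enabled stores the sensitive values this class is meant to protect; the debug line in `encrypt` just above does the same with its input. Log only non-sensitive metadata instead, for example `log.debug("Data decrypt: {} chars of ciphertext", ciphertext.length());`. Separately, `decrypt` copies the IV derivation from `encrypt` (`StringUtils.substring(device, 0, 16)`), which fixes the IV per device and yields fewer than 16 characters when the device id is short; AESUtils is not shown here, but if it uses CBC or a counter-based mode, a repeated IV under one secret reveals relationships between plaintexts, so a random per-message IV stored alongside the ciphertext would be safer. Input not wrapped in `ENC(` … `)` is returned unchanged, so callers cannot tell decrypted data from input that was never encrypted; the Javadoc should state that, and the enclosing `encrypt` method starts outside this hunk.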