diff --git a/README.md b/README.md index 1e6e246e..467afe1f 100644 --- a/README.md +++ b/README.md @@ -160,8 +160,11 @@ continew-starter │ ├─ continew-starter-data-core(核心模块) │ ├─ continew-starter-data-mp(MyBatis Plus) │ └─ continew-starter-data-mf(MyBatis Flex) +├─ continew-starter-encrypt(加密模块) +│ ├─ continew-starter-encrypt-core(核心模块) +│ ├─ continew-starter-encrypt-field(字段加密) +│ └─ continew-starter-encrypt-api(API 加密) ├─ continew-starter-security(安全模块) -│ ├─ continew-starter-security-crypto(加密:字段加解密) │ ├─ continew-starter-security-mask(脱敏:JSON 数据脱敏) │ ├─ continew-starter-security-xss(XSS 过滤) │ └─ continew-starter-security-sensitivewords(敏感词) diff --git a/continew-starter-bom/pom.xml b/continew-starter-bom/pom.xml index 457ca5ed..0a6f532a 100644 --- a/continew-starter-bom/pom.xml +++ b/continew-starter-bom/pom.xml @@ -104,12 +104,25 @@ ${revision} - + top.continew.starter - continew-starter-security-crypto + continew-starter-encrypt-field ${revision} + + + top.continew.starter + continew-starter-encrypt-api + ${revision} + + + + top.continew.starter + continew-starter-encrypt-core + ${revision} + + top.continew.starter diff --git a/continew-starter-core/src/main/java/top/continew/starter/core/constant/OrderedConstants.java b/continew-starter-core/src/main/java/top/continew/starter/core/constant/OrderedConstants.java index e81410d2..734e34ba 100644 --- a/continew-starter-core/src/main/java/top/continew/starter/core/constant/OrderedConstants.java +++ b/continew-starter-core/src/main/java/top/continew/starter/core/constant/OrderedConstants.java @@ -32,9 +32,9 @@ public class OrderedConstants { public static final class Filter { /** - * API加/密过滤器顺序 + * API 加密过滤器顺序 */ - public static final int API_CRYPTO_FILTER = Ordered.HIGHEST_PRECEDENCE; + public static final int API_ENCRYPT_FILTER = Ordered.HIGHEST_PRECEDENCE; /** * 链路追踪过滤器顺序 diff --git a/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java b/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java index dc495ece..0f2e8644 100644 --- a/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java +++ b/continew-starter-core/src/main/java/top/continew/starter/core/constant/PropertiesConstants.java @@ -49,31 +49,41 @@ public class PropertiesConstants { */ public static final String WEB_RESPONSE = WEB + StringConstants.DOT + "response"; + /** + * 加密配置 + */ + public static final String ENCRYPT = CONTINEW_STARTER + StringConstants.DOT + "encrypt"; + + /** + * 加密-密码编码器 + */ + public static final String ENCRYPT_PASSWORD_ENCODER = ENCRYPT + StringConstants.DOT + "password-encoder"; + + /** + * 加密-字段加密 + */ + public static final String ENCRYPT_FIELD = ENCRYPT + StringConstants.DOT + "field"; + + /** + * 加密-API 加密 + */ + public static final String ENCRYPT_API = ENCRYPT + StringConstants.DOT + "api"; + /** * 安全配置 */ public static final String SECURITY = CONTINEW_STARTER + StringConstants.DOT + "security"; /** - * 安全-数据加/解密配置 + * 安全-XSS 配置 */ - public static final String SECURITY_CRYPTO = SECURITY + StringConstants.DOT + "crypto"; - - /** - * 安全-API加/解密配置 - */ - public static final String SECURITY_API_CRYPTO = SECURITY + StringConstants.DOT + "api-crypto"; + public static final String SECURITY_XSS = SECURITY + StringConstants.DOT + "xss"; /** * 安全-敏感词配置 */ public static final String SECURITY_SENSITIVE_WORDS = SECURITY + StringConstants.DOT + "sensitive-words"; - /** - * 安全-XSS 配置 - */ - public static final String SECURITY_XSS = SECURITY + StringConstants.DOT + "xss"; - /** * 限流配置 */ diff --git a/continew-starter-core/src/main/java/top/continew/starter/core/util/SpringWebUtils.java b/continew-starter-core/src/main/java/top/continew/starter/core/util/SpringWebUtils.java index e687f9dc..031d54a9 100644 --- a/continew-starter-core/src/main/java/top/continew/starter/core/util/SpringWebUtils.java +++ b/continew-starter-core/src/main/java/top/continew/starter/core/util/SpringWebUtils.java @@ -20,12 +20,16 @@ import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ReflectUtil; import cn.hutool.extra.spring.SpringUtil; import jakarta.servlet.ServletContext; +import jakarta.servlet.http.HttpServletRequest; import org.springframework.context.ApplicationContext; import org.springframework.http.server.PathContainer; import org.springframework.web.accept.ContentNegotiationManager; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.HandlerExecutionChain; import org.springframework.web.servlet.HandlerMapping; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.handler.SimpleUrlHandlerMapping; +import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; import org.springframework.web.util.UrlPathHelper; import org.springframework.web.util.pattern.PathPattern; import org.springframework.web.util.pattern.PathPatternParser; @@ -135,4 +139,31 @@ public class SpringWebUtils { .getUrlMap(); ReflectUtil.invoke(resourceHandlerMapping, "registerHandlers", additionalUrlMap); } + + /** + * 获取处理器方法 + * + * @param request 请求 + * @return 处理器方法 + * @since 2.14.0 + */ + public static HandlerMethod getHandlerMethod(HttpServletRequest request) { + try { + RequestMappingHandlerMapping handlerMapping = SpringUtil + .getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class); + HandlerExecutionChain handlerExecutionChain = handlerMapping.getHandler(request); + // 检查是否存在处理链 + if (handlerExecutionChain == null) { + return null; + } + // 获取处理器 + Object handler = handlerExecutionChain.getHandler(); + if (handler instanceof HandlerMethod handlerMethod) { + return handlerMethod; + } + return null; + } catch (Exception e) { + return null; + } + } } diff --git a/continew-starter-encrypt/continew-starter-encrypt-api/pom.xml b/continew-starter-encrypt/continew-starter-encrypt-api/pom.xml new file mode 100644 index 00000000..48628187 --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-api/pom.xml @@ -0,0 +1,25 @@ + + + 4.0.0 + + top.continew.starter + continew-starter-encrypt + ${revision} + + + continew-starter-encrypt-api + jar + + ${project.artifactId} + ContiNew Starter 加密模块 - API 加密 + + + + + top.continew.starter + continew-starter-encrypt-core + + + \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/ApiEncrypt.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/annotation/ApiEncrypt.java similarity index 89% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/ApiEncrypt.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/annotation/ApiEncrypt.java index 7d5b1e78..593d789d 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/ApiEncrypt.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/annotation/ApiEncrypt.java @@ -14,12 +14,12 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.annotation; +package top.continew.starter.encrypt.api.annotation; import java.lang.annotation.*; /** - * API加密注解 + * API 加密注解 * * @author lishuyan * @since 2.14.0 @@ -30,8 +30,7 @@ import java.lang.annotation.*; public @interface ApiEncrypt { /** - * 默认API响应加密 + * 是否加密响应 */ boolean response() default true; - } diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoAutoConfiguration.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptAutoConfiguration.java similarity index 55% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoAutoConfiguration.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptAutoConfiguration.java index 8f9dea20..805973ab 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoAutoConfiguration.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptAutoConfiguration.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.api.autoconfigure; import jakarta.annotation.PostConstruct; import jakarta.servlet.DispatcherType; @@ -27,40 +27,38 @@ import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import top.continew.starter.core.constant.OrderedConstants; import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.security.crypto.filter.ApiCryptoFilter; +import top.continew.starter.core.constant.StringConstants; +import top.continew.starter.encrypt.api.filter.ApiEncryptFilter; /** - * API加/解密自动配置 + * API 加密自动配置 * * @author lishuyan + * @author Charles7c * @since 2.14.0 */ @AutoConfiguration -@EnableConfigurationProperties(ApiCryptoProperties.class) -@ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_API_CRYPTO, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) -public class ApiCryptoAutoConfiguration { +@EnableConfigurationProperties(ApiEncryptProperties.class) +@ConditionalOnProperty(prefix = PropertiesConstants.ENCRYPT_API, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) +public class ApiEncryptAutoConfiguration { - private static final Logger log = LoggerFactory.getLogger(ApiCryptoAutoConfiguration.class); + private static final Logger log = LoggerFactory.getLogger(ApiEncryptAutoConfiguration.class); /** - * API加/解密过滤器 - * - * @param properties 配置 - * @return 过滤器 + * API 加密过滤器 */ @Bean - public FilterRegistrationBean apiCryptoFilterRegistration(ApiCryptoProperties properties) { - FilterRegistrationBean registration = new FilterRegistrationBean<>(); - registration.setDispatcherTypes(DispatcherType.REQUEST); - registration.setFilter(new ApiCryptoFilter(properties)); - registration.addUrlPatterns("/*"); - registration.setName("apiCryptoFilter"); - registration.setOrder(OrderedConstants.Filter.API_CRYPTO_FILTER); - return registration; + public FilterRegistrationBean apiEncryptFilter(ApiEncryptProperties properties) { + FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); + registrationBean.setFilter(new ApiEncryptFilter(properties)); + registrationBean.setOrder(OrderedConstants.Filter.API_ENCRYPT_FILTER); + registrationBean.addUrlPatterns(StringConstants.PATH_PATTERN_CURRENT_DIR); + registrationBean.setDispatcherTypes(DispatcherType.REQUEST); + return registrationBean; } @PostConstruct public void postConstruct() { - log.debug("[ContiNew Starter] - Auto Configuration 'Security-API-Crypto' completed initialization."); + log.debug("[ContiNew Starter] - Auto Configuration 'Encrypt-API' completed initialization."); } } diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoProperties.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptProperties.java similarity index 87% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoProperties.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptProperties.java index 3f093c78..64610bd4 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/ApiCryptoProperties.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/autoconfigure/ApiEncryptProperties.java @@ -14,19 +14,19 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.api.autoconfigure; import org.springframework.boot.context.properties.ConfigurationProperties; import top.continew.starter.core.constant.PropertiesConstants; /** - * API加/解密属性配置 + * API 加密配置属性 * * @author lishuyan * @since 2.14.0 */ -@ConfigurationProperties(PropertiesConstants.SECURITY_API_CRYPTO) -public class ApiCryptoProperties { +@ConfigurationProperties(PropertiesConstants.ENCRYPT_API) +public class ApiEncryptProperties { /** * 是否启用 @@ -36,7 +36,7 @@ public class ApiCryptoProperties { /** * 请求头中 AES 密钥 键名 */ - private String secretKeyHeader = "X-Api-Crypto"; + private String secretKeyHeader = "X-Api-Encrypt"; /** * 响应加密公钥 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ApiCryptoFilter.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ApiEncryptFilter.java similarity index 59% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ApiCryptoFilter.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ApiEncryptFilter.java index d6a89fd5..ba9930e0 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ApiCryptoFilter.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ApiEncryptFilter.java @@ -14,37 +14,33 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.filter; +package top.continew.starter.encrypt.api.filter; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ObjectUtil; -import cn.hutool.extra.spring.SpringUtil; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.springframework.http.HttpMethod; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.HandlerExecutionChain; -import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; -import top.continew.starter.security.crypto.annotation.ApiEncrypt; -import top.continew.starter.security.crypto.autoconfigure.ApiCryptoProperties; +import top.continew.starter.core.util.SpringWebUtils; +import top.continew.starter.encrypt.api.annotation.ApiEncrypt; +import top.continew.starter.encrypt.api.autoconfigure.ApiEncryptProperties; import java.io.IOException; +import java.util.Optional; /** - * API加/解密过滤器 + * API 加密过滤器 * * @author lishuyan + * @author Charles7c * @since 2.14.0 */ -public class ApiCryptoFilter implements Filter { +public class ApiEncryptFilter implements Filter { - /** - * API加/密配置 - */ - private final ApiCryptoProperties properties; + private final ApiEncryptProperties properties; - public ApiCryptoFilter(ApiCryptoProperties properties) { + public ApiEncryptFilter(ApiEncryptProperties properties) { this.properties = properties; } @@ -54,10 +50,8 @@ public class ApiCryptoFilter implements Filter { FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)servletRequest; HttpServletResponse response = (HttpServletResponse)servletResponse; - // 获取API加密注解 - ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(request); - // 响应加密标识 - boolean responseEncryptFlag = ObjectUtil.isNotNull(apiEncrypt) && apiEncrypt.response(); + // 是否加密响应 + boolean isResponseEncrypt = this.isResponseEncrypt(request); // 密钥标头 String secretKeyHeader = properties.getSecretKeyHeader(); ServletRequest requestWrapper = null; @@ -73,7 +67,7 @@ public class ApiCryptoFilter implements Filter { } } // 响应加密,响应包装器替换响应体加密包装器 - if (responseEncryptFlag) { + if (isResponseEncrypt) { responseBodyEncryptWrapper = new ResponseBodyEncryptWrapper(response); responseWrapper = responseBodyEncryptWrapper; } @@ -81,7 +75,7 @@ public class ApiCryptoFilter implements Filter { chain.doFilter(ObjectUtil.defaultIfNull(requestWrapper, request), ObjectUtil .defaultIfNull(responseWrapper, response)); // 响应加密,执行完成后,响应密文 - if (responseEncryptFlag) { + if (isResponseEncrypt) { servletResponse.reset(); // 获取密文 String encryptContent = responseBodyEncryptWrapper.getEncryptContent(response, properties @@ -92,30 +86,16 @@ public class ApiCryptoFilter implements Filter { } /** - * 获取 ApiEncrypt 注解 + * 是否加密响应 * - * @param request HTTP请求 - * @return ApiEncrypt注解,如果未找到则返回null + * @param request 请求对象 + * @return 是否加密响应 */ - private ApiEncrypt getApiEncryptAnnotation(HttpServletRequest request) { - try { - RequestMappingHandlerMapping handlerMapping = SpringUtil - .getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class); - HandlerExecutionChain mappingHandler = handlerMapping.getHandler(request); - // 检查是否存在处理链 - if (ObjectUtil.isNull(mappingHandler)) { - return null; - } - // 获取处理器 - Object handler = mappingHandler.getHandler(); - // 检查是否为HandlerMethod类型 - if (!(handler instanceof HandlerMethod handlerMethod)) { - return null; - } - // 获取方法上的ApiEncrypt注解 - return handlerMethod.getMethodAnnotation(ApiEncrypt.class); - } catch (Exception e) { - return null; - } + private boolean isResponseEncrypt(HttpServletRequest request) { + // 获取 API 加密注解 + ApiEncrypt apiEncrypt = Optional.ofNullable(SpringWebUtils.getHandlerMethod(request)) + .map(h -> h.getMethodAnnotation(ApiEncrypt.class)) + .orElse(null); + return apiEncrypt != null && apiEncrypt.response(); } } \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/RequestBodyDecryptWrapper.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/RequestBodyDecryptWrapper.java similarity index 90% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/RequestBodyDecryptWrapper.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/RequestBodyDecryptWrapper.java index 8e1210f2..220a7e83 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/RequestBodyDecryptWrapper.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/RequestBodyDecryptWrapper.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.filter; +package top.continew.starter.encrypt.api.filter; import cn.hutool.core.io.IoUtil; import cn.hutool.core.util.CharsetUtil; @@ -23,7 +23,7 @@ import jakarta.servlet.ServletInputStream; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequestWrapper; import org.springframework.http.MediaType; -import top.continew.starter.security.crypto.util.EncryptHelper; +import top.continew.starter.encrypt.util.EncryptUtils; import java.io.BufferedReader; import java.io.ByteArrayInputStream; @@ -63,14 +63,14 @@ public class RequestBodyDecryptWrapper extends HttpServletRequestWrapper { // 通过 请求头 获取 AES 密钥,密钥内容经过 RSA 加密 String secretKeyByRsa = request.getHeader(secretKeyHeader); // 通过 RSA 解密,获取 AES 密钥,密钥内容经过 Base64 编码 - String secretKeyByBase64 = EncryptHelper.decryptByRsa(secretKeyByRsa, privateKey); + String secretKeyByBase64 = EncryptUtils.decryptByRsa(secretKeyByRsa, privateKey); // 通过 Base64 解码,获取 AES 密钥 - String aesSecretKey = EncryptHelper.decodeByBase64(secretKeyByBase64); + String aesSecretKey = EncryptUtils.decodeByBase64(secretKeyByBase64); request.setCharacterEncoding(CharsetUtil.UTF_8); byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false); String requestBody = new String(readBytes, StandardCharsets.UTF_8); // 通过 AES 密钥,解密 请求体 - return EncryptHelper.decryptByAes(requestBody, aesSecretKey).getBytes(StandardCharsets.UTF_8); + return EncryptUtils.decryptByAes(requestBody, aesSecretKey).getBytes(StandardCharsets.UTF_8); } @Override diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ResponseBodyEncryptWrapper.java b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ResponseBodyEncryptWrapper.java similarity index 92% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ResponseBodyEncryptWrapper.java rename to continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ResponseBodyEncryptWrapper.java index 2e4755ff..e9210a0e 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/filter/ResponseBodyEncryptWrapper.java +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/java/top/continew/starter/encrypt/api/filter/ResponseBodyEncryptWrapper.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.filter; +package top.continew.starter.encrypt.api.filter; import cn.hutool.core.util.CharsetUtil; import cn.hutool.core.util.RandomUtil; @@ -24,7 +24,7 @@ import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponseWrapper; import org.springframework.http.HttpHeaders; import top.continew.starter.core.constant.StringConstants; -import top.continew.starter.security.crypto.util.EncryptHelper; +import top.continew.starter.encrypt.util.EncryptUtils; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -94,9 +94,9 @@ public class ResponseBodyEncryptWrapper extends HttpServletResponseWrapper { // 生成 AES 密钥 String aesSecretKey = RandomUtil.randomString(32); // Base64 编码 - String secretKeyByBase64 = EncryptHelper.encodeByBase64(aesSecretKey); + String secretKeyByBase64 = EncryptUtils.encodeByBase64(aesSecretKey); // RSA 加密 - String secretKeyByRsa = EncryptHelper.encryptByRsa(secretKeyByBase64, publicKey); + String secretKeyByRsa = EncryptUtils.encryptByRsa(secretKeyByBase64, publicKey); // 设置响应头 response.addHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, secretKeyHeader); response.setHeader(secretKeyHeader, secretKeyByRsa); @@ -104,7 +104,7 @@ public class ResponseBodyEncryptWrapper extends HttpServletResponseWrapper { response.setHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, StringConstants.ASTERISK); response.setCharacterEncoding(CharsetUtil.UTF_8); // 通过 AES 密钥,对原始内容进行加密 - return EncryptHelper.encryptByAes(this.getContent(), aesSecretKey); + return EncryptUtils.encryptByAes(this.getContent(), aesSecretKey); } @Override diff --git a/continew-starter-encrypt/continew-starter-encrypt-api/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports new file mode 100644 index 00000000..63848137 --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-api/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -0,0 +1 @@ +top.continew.starter.encrypt.api.autoconfigure.ApiEncryptAutoConfiguration \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/pom.xml b/continew-starter-encrypt/continew-starter-encrypt-core/pom.xml similarity index 70% rename from continew-starter-security/continew-starter-security-crypto/pom.xml rename to continew-starter-encrypt/continew-starter-encrypt-core/pom.xml index 4b0ca8cc..0836e2d0 100644 --- a/continew-starter-security/continew-starter-security-crypto/pom.xml +++ b/continew-starter-encrypt/continew-starter-encrypt-core/pom.xml @@ -5,17 +5,23 @@ 4.0.0 top.continew.starter - continew-starter-security + continew-starter-encrypt ${revision} - continew-starter-security-crypto + continew-starter-encrypt-core jar ${project.artifactId} - ContiNew Starter 安全模块 - 加密 + ContiNew Starter 加密模块 - 核心模块 + + + top.continew.starter + continew-starter-core + + cn.hutool @@ -27,11 +33,5 @@ org.springframework.security spring-security-crypto - - - - com.baomidou - mybatis-plus-extension - \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderAutoConfiguration.java similarity index 54% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderAutoConfiguration.java index 272d80d8..b4700d85 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoAutoConfiguration.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderAutoConfiguration.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.autoconfigure; import jakarta.annotation.PostConstruct; import org.slf4j.Logger; @@ -24,59 +24,29 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.PropertySource; import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.DelegatingPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.core.util.GeneralPropertySourceFactory; import top.continew.starter.core.util.validation.CheckUtils; -import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; -import top.continew.starter.security.crypto.mybatis.MyBatisDecryptInterceptor; -import top.continew.starter.security.crypto.mybatis.MyBatisEncryptInterceptor; -import top.continew.starter.security.crypto.util.EncryptHelper; -import top.continew.starter.security.crypto.util.PasswordEncoderUtil; +import top.continew.starter.encrypt.enums.PasswordEncoderAlgorithm; +import top.continew.starter.encrypt.util.PasswordEncoderUtil; import java.util.HashMap; import java.util.Map; /** - * 加/解密自动配置 + * 密码编码器自动配置 * * @author Charles7c - * @author lishuyan - * @since 1.4.0 + * @since 2.14.0 */ @AutoConfiguration -@EnableConfigurationProperties(CryptoProperties.class) -@ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_CRYPTO, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) -@PropertySource(value = "classpath:default-crypto.yml", factory = GeneralPropertySourceFactory.class) -public class CryptoAutoConfiguration { +@EnableConfigurationProperties(PasswordEncoderProperties.class) +@ConditionalOnProperty(prefix = PropertiesConstants.ENCRYPT_PASSWORD_ENCODER, name = PropertiesConstants.ENABLED, havingValue = "true") +public class PasswordEncoderAutoConfiguration { - private static final Logger log = LoggerFactory.getLogger(CryptoAutoConfiguration.class); - private final CryptoProperties properties; - - public CryptoAutoConfiguration(CryptoProperties properties) { - this.properties = properties; - } - - /** - * MyBatis 加密拦截器配置 - */ - @Bean - @ConditionalOnMissingBean - public MyBatisEncryptInterceptor mybatisEncryptInterceptor() { - return new MyBatisEncryptInterceptor(); - } - - /** - * MyBatis 解密拦截器配置 - */ - @Bean - @ConditionalOnMissingBean(MyBatisDecryptInterceptor.class) - public MyBatisDecryptInterceptor mybatisDecryptInterceptor() { - return new MyBatisDecryptInterceptor(); - } + private static final Logger log = LoggerFactory.getLogger(PasswordEncoderAutoConfiguration.class); /** * 密码编码器配置 @@ -86,9 +56,7 @@ public class CryptoAutoConfiguration { */ @Bean @ConditionalOnMissingBean - @ConditionalOnProperty(prefix = PropertiesConstants.SECURITY_CRYPTO + ".password-encoder", name = PropertiesConstants.ENABLED, havingValue = "true") - public PasswordEncoder passwordEncoder() { - PasswordEncoderProperties passwordEncoderProperties = properties.getPasswordEncoder(); + public PasswordEncoder passwordEncoder(PasswordEncoderProperties properties) { Map encoders = new HashMap<>(); encoders.put(PasswordEncoderAlgorithm.BCRYPT.name().toLowerCase(), PasswordEncoderUtil .getEncoder(PasswordEncoderAlgorithm.BCRYPT)); @@ -98,14 +66,13 @@ public class CryptoAutoConfiguration { .getEncoder(PasswordEncoderAlgorithm.PBKDF2)); encoders.put(PasswordEncoderAlgorithm.ARGON2.name().toLowerCase(), PasswordEncoderUtil .getEncoder(PasswordEncoderAlgorithm.ARGON2)); - PasswordEncoderAlgorithm algorithm = passwordEncoderProperties.getAlgorithm(); + PasswordEncoderAlgorithm algorithm = properties.getAlgorithm(); CheckUtils.throwIf(PasswordEncoderUtil.getEncoder(algorithm) == null, "不支持的加密算法: {}", algorithm); return new DelegatingPasswordEncoder(algorithm.name().toLowerCase(), encoders); } @PostConstruct public void postConstruct() { - EncryptHelper.init(properties); - log.debug("[ContiNew Starter] - Auto Configuration 'Security-Crypto' completed initialization."); + log.debug("[ContiNew Starter] - Auto Configuration 'Encrypt-Password Encoder' completed initialization."); } } diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderProperties.java similarity index 83% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderProperties.java index 380fbe8a..d68b6c2f 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/PasswordEncoderProperties.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/autoconfigure/PasswordEncoderProperties.java @@ -14,14 +14,15 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.autoconfigure; -import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; +import top.continew.starter.encrypt.enums.PasswordEncoderAlgorithm; /** * 密码编码器配置属性 * * @author Jasmine + * @author Charles7c * @since 1.3.0 */ public class PasswordEncoderProperties { @@ -29,18 +30,18 @@ public class PasswordEncoderProperties { /** * 是否启用 */ - private boolean enabled = true; + private Boolean enabled; /** * 默认启用的编码器算法(默认:BCrypt 加密算法) */ private PasswordEncoderAlgorithm algorithm = PasswordEncoderAlgorithm.BCRYPT; - public boolean isEnabled() { + public Boolean getEnabled() { return enabled; } - public void setEnabled(boolean enabled) { + public void setEnabled(Boolean enabled) { this.enabled = enabled; } diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/context/CryptoContext.java similarity index 93% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/context/CryptoContext.java index 1db221aa..1466c7a9 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoContext.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/context/CryptoContext.java @@ -14,10 +14,10 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.context; -import top.continew.starter.security.crypto.encryptor.IEncryptor; -import top.continew.starter.security.crypto.enums.Algorithm; +import top.continew.starter.encrypt.encryptor.IEncryptor; +import top.continew.starter.encrypt.enums.Algorithm; import java.util.Objects; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractEncryptor.java similarity index 87% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractEncryptor.java index 46f50e76..1248c1d7 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractEncryptor.java @@ -14,9 +14,9 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; /** * 加密器基类 diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractSymmetricCryptoEncryptor.java similarity index 94% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractSymmetricCryptoEncryptor.java index 05315e47..00705ef2 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AbstractSymmetricCryptoEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AbstractSymmetricCryptoEncryptor.java @@ -14,20 +14,20 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; import cn.hutool.crypto.symmetric.SymmetricCrypto; import top.continew.starter.core.constant.StringConstants; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; import java.nio.charset.StandardCharsets; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; /** - * 对称加/解密处理器 + * 对称加密器 * * @author Charles7c * @author lishuyan diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AesEncryptor.java similarity index 86% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AesEncryptor.java index a31f1b91..0dd61638 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/AesEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/AesEncryptor.java @@ -14,13 +14,13 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; /** - * AES(Advanced Encryption Standard) 加/解密处理器 + * AES(Advanced Encryption Standard) 加密器 *

* 美国国家标准与技术研究院(NIST)采纳的对称加密算法标准,提供128位、192位和256位三种密钥长度,以高效和安全性著称。 *

diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/Base64Encryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/Base64Encryptor.java similarity index 93% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/Base64Encryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/Base64Encryptor.java index 8e08dcfa..56b4fd8e 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/Base64Encryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/Base64Encryptor.java @@ -14,12 +14,12 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.core.codec.Base64; /** - * Base64 加/解密处理器 + * Base64 加密器 *

* 一种用于编码二进制数据到文本格式的算法,常用于邮件附件、网页传输等场合,但它不是一种加密算法,只提供数据的编码和解码,不保证数据的安全性。 *

diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/DesEncryptor.java similarity index 86% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/DesEncryptor.java index 49d1b132..24391a54 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/DesEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/DesEncryptor.java @@ -14,13 +14,13 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; /** - * DES(Data Encryption Standard) 加/解密处理器 + * DES(Data Encryption Standard) 加密器 *

* 一种对称加密算法,使用相同的密钥进行加密和解密。DES 使用 56 位密钥(实际上有 64 位,但有 8 位用于奇偶校验)和一系列置换和替换操作来加密数据。 *

diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/IEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/IEncryptor.java similarity index 93% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/IEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/IEncryptor.java index 1ff83cf6..c49412f9 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/IEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/IEncryptor.java @@ -14,10 +14,10 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; /** - * 加/解密接口 + * 加密器接口 * * @author Charles7c * @author lishuyan diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PasswordEncoderEncryptor.java similarity index 67% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PasswordEncoderEncryptor.java index 2d11b7b5..809abe6a 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PasswordEncoderEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PasswordEncoderEncryptor.java @@ -14,16 +14,16 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.extra.spring.SpringUtil; import org.springframework.security.crypto.password.PasswordEncoder; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; -import top.continew.starter.security.crypto.autoconfigure.CryptoProperties; -import top.continew.starter.security.crypto.autoconfigure.PasswordEncoderProperties; +import top.continew.starter.core.util.SpringUtils; +import top.continew.starter.encrypt.autoconfigure.PasswordEncoderProperties; +import top.continew.starter.encrypt.context.CryptoContext; /** - * 密码编码器加/解密处理器 + * 密码编码器加密器 * *

* 使用前必须注入 {@link PasswordEncoder},此加密方式不可逆,适合于密码场景 @@ -37,8 +37,7 @@ import top.continew.starter.security.crypto.autoconfigure.PasswordEncoderPropert */ public class PasswordEncoderEncryptor extends AbstractEncryptor { - private final PasswordEncoder passwordEncoder = SpringUtil.getBean(PasswordEncoder.class); - private final CryptoProperties properties = SpringUtil.getBean(CryptoProperties.class); + private final PasswordEncoderProperties properties = SpringUtils.getBean(PasswordEncoderProperties.class, true); public PasswordEncoderEncryptor(CryptoContext context) { super(context); @@ -47,10 +46,10 @@ public class PasswordEncoderEncryptor extends AbstractEncryptor { @Override public String encrypt(String plaintext) { // 如果已经是加密格式,直接返回 - if (properties.getPasswordEncoder().getAlgorithm().getPattern().matcher(plaintext).matches()) { + if (properties == null || properties.getAlgorithm().getPattern().matcher(plaintext).matches()) { return plaintext; } - return passwordEncoder.encode(plaintext); + return SpringUtil.getBean(PasswordEncoder.class).encode(plaintext); } @Override diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PbeWithMd5AndDesEncryptor.java similarity index 88% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PbeWithMd5AndDesEncryptor.java index c101577b..0e59b552 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/PbeWithMd5AndDesEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/PbeWithMd5AndDesEncryptor.java @@ -14,13 +14,13 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.crypto.symmetric.SymmetricAlgorithm; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; /** - * PBEWithMD5AndDES(Password Based Encryption With MD5 And DES) 加/解密处理器 + * PBEWithMD5AndDES(Password Based Encryption With MD5 And DES) 加密器 *

* 混合加密算法,结合了 MD5 散列算法和 DES(Data Encryption Standard)加密算法 *

diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/RsaEncryptor.java similarity index 91% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/RsaEncryptor.java index efa9f73b..ec24bf43 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/encryptor/RsaEncryptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/encryptor/RsaEncryptor.java @@ -14,15 +14,15 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.encryptor; +package top.continew.starter.encrypt.encryptor; import cn.hutool.core.codec.Base64; import cn.hutool.crypto.SecureUtil; import cn.hutool.crypto.asymmetric.KeyType; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; +import top.continew.starter.encrypt.context.CryptoContext; /** - * RSA 加/解密处理器 + * RSA 加密器 *

* 非对称加密算法,由罗纳德·李维斯特(Ron Rivest)、阿迪·沙米尔(Adi Shamir)和伦纳德·阿德曼(Leonard Adleman)于1977年提出,安全性基于大数因子分解问题的困难性。 *

diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/Algorithm.java similarity index 91% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/Algorithm.java index e19c4c37..5cfccb44 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/Algorithm.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/Algorithm.java @@ -14,12 +14,12 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.enums; +package top.continew.starter.encrypt.enums; -import top.continew.starter.security.crypto.encryptor.*; +import top.continew.starter.encrypt.encryptor.*; /** - * 加密/解密算法枚举 + * 加密算法枚举 * * @author Charles7c * @author lishuyan diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/PasswordEncoderAlgorithm.java similarity index 96% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/PasswordEncoderAlgorithm.java index 1a156177..cd9bcdd1 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/enums/PasswordEncoderAlgorithm.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/enums/PasswordEncoderAlgorithm.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.enums; +package top.continew.starter.encrypt.enums; import java.util.regex.Pattern; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/exception/PasswordEncodeException.java similarity index 95% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/exception/PasswordEncodeException.java index 71e1958a..4c7c5f29 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/exception/PasswordEncodeException.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/exception/PasswordEncodeException.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.exception; +package top.continew.starter.encrypt.exception; import top.continew.starter.core.exception.BaseException; diff --git a/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/EncryptUtils.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/EncryptUtils.java new file mode 100644 index 00000000..aca8bc07 --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/EncryptUtils.java @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved. + *

+ * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + *

+ * http://www.gnu.org/licenses/lgpl.html + *

+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package top.continew.starter.encrypt.util; + +import cn.hutool.core.codec.Base64; +import cn.hutool.core.text.CharSequenceUtil; +import cn.hutool.core.util.ArrayUtil; +import cn.hutool.crypto.SecureUtil; +import cn.hutool.crypto.asymmetric.KeyType; +import cn.hutool.crypto.asymmetric.RSA; + +import java.nio.charset.StandardCharsets; + +/** + * 加密工具类 + * + * @author Charles7c + * @since 2.14.0 + */ +public class EncryptUtils { + + /** + * Base64 编码 + * + * @param data 待编码数据 + * @return 编码后字符串 + * @author lishuyan + */ + public static String encodeByBase64(String data) { + return Base64.encode(data, StandardCharsets.UTF_8); + } + + /** + * Base64 解码 + * + * @param data 待解码数据 + * @return 解码后字符串 + * @author lishuyan + */ + public static String decodeByBase64(String data) { + return Base64.decodeStr(data, StandardCharsets.UTF_8); + } + + /** + * AES 加密 + * + * @param data 待加密数据 + * @param password 秘钥字符串 + * @return 加密后字符串, 采用 Base64 编码 + * @author lishuyan + */ + public static String encryptByAes(String data, String password) { + if (CharSequenceUtil.isBlank(password)) { + throw new IllegalArgumentException("AES需要传入秘钥信息"); + } + // AES算法的秘钥要求是16位、24位、32位 + int[] array = {16, 24, 32}; + if (!ArrayUtil.contains(array, password.length())) { + throw new IllegalArgumentException("AES秘钥长度要求为16位、24位、32位"); + } + return SecureUtil.aes(password.getBytes(StandardCharsets.UTF_8)).encryptBase64(data, StandardCharsets.UTF_8); + } + + /** + * AES 解密 + * + * @param data 待解密数据 + * @param password 秘钥字符串 + * @return 解密后字符串 + * @author lishuyan + */ + public static String decryptByAes(String data, String password) { + if (CharSequenceUtil.isBlank(password)) { + throw new IllegalArgumentException("AES需要传入秘钥信息"); + } + // AES算法的秘钥要求是16位、24位、32位 + int[] array = {16, 24, 32}; + if (!ArrayUtil.contains(array, password.length())) { + throw new IllegalArgumentException("AES秘钥长度要求为16位、24位、32位"); + } + return SecureUtil.aes(password.getBytes(StandardCharsets.UTF_8)).decryptStr(data, StandardCharsets.UTF_8); + } + + /** + * RSA 公钥加密 + * + * @param data 待加密数据 + * @param publicKey 公钥 + * @return 加密后字符串, 采用Base64编码 + * @author lishuyan + */ + public static String encryptByRsa(String data, String publicKey) { + if (CharSequenceUtil.isBlank(publicKey)) { + throw new IllegalArgumentException("RSA需要传入公钥进行加密"); + } + RSA rsa = SecureUtil.rsa(null, publicKey); + return rsa.encryptBase64(data, StandardCharsets.UTF_8, KeyType.PublicKey); + } + + /** + * RSA 私钥解密 + * + * @param data 待解密数据 + * @param privateKey 私钥 + * @return 解密后字符串 + * @author lishuyan + */ + public static String decryptByRsa(String data, String privateKey) { + if (CharSequenceUtil.isBlank(privateKey)) { + throw new IllegalArgumentException("RSA需要传入私钥进行解密"); + } + RSA rsa = SecureUtil.rsa(privateKey, null); + return rsa.decryptStr(data, KeyType.PrivateKey, StandardCharsets.UTF_8); + } + + private EncryptUtils() { + } +} diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/PasswordEncoderUtil.java similarity index 95% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java rename to continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/PasswordEncoderUtil.java index a2cc387f..04fe36d6 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/PasswordEncoderUtil.java +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/java/top/continew/starter/encrypt/util/PasswordEncoderUtil.java @@ -14,15 +14,15 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.util; +package top.continew.starter.encrypt.util; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.argon2.Argon2PasswordEncoder; import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder; import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder; -import top.continew.starter.security.crypto.enums.PasswordEncoderAlgorithm; -import top.continew.starter.security.crypto.exception.PasswordEncodeException; +import top.continew.starter.encrypt.enums.PasswordEncoderAlgorithm; +import top.continew.starter.encrypt.exception.PasswordEncodeException; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; diff --git a/continew-starter-encrypt/continew-starter-encrypt-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports new file mode 100644 index 00000000..9e47c38a --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -0,0 +1 @@ +top.continew.starter.encrypt.autoconfigure.PasswordEncoderAutoConfiguration \ No newline at end of file diff --git a/continew-starter-encrypt/continew-starter-encrypt-field/pom.xml b/continew-starter-encrypt/continew-starter-encrypt-field/pom.xml new file mode 100644 index 00000000..e8472d64 --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-field/pom.xml @@ -0,0 +1,31 @@ + + + 4.0.0 + + top.continew.starter + continew-starter-encrypt + ${revision} + + + continew-starter-encrypt-field + jar + + ${project.artifactId} + ContiNew Starter 加密模块 - 字段加密 + + + + + top.continew.starter + continew-starter-encrypt-core + + + + + com.baomidou + mybatis-plus-extension + + + \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/FieldEncrypt.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/annotation/FieldEncrypt.java similarity index 82% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/FieldEncrypt.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/annotation/FieldEncrypt.java index 93c297bb..bd33411b 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/annotation/FieldEncrypt.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/annotation/FieldEncrypt.java @@ -14,10 +14,10 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.annotation; +package top.continew.starter.encrypt.field.annotation; -import top.continew.starter.security.crypto.encryptor.IEncryptor; -import top.continew.starter.security.crypto.enums.Algorithm; +import top.continew.starter.encrypt.encryptor.IEncryptor; +import top.continew.starter.encrypt.enums.Algorithm; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; @@ -25,7 +25,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 字段加/解密注解 + * 字段加密注解 * * @author Charles7c * @author lishuyan @@ -36,14 +36,14 @@ import java.lang.annotation.Target; public @interface FieldEncrypt { /** - * 加密/解密算法 + * 加密算法 */ Algorithm value() default Algorithm.DEFAULT; /** - * 加密/解密处理器 + * 加密处理器 *

- * 优先级高于加密/解密算法 + * 优先级高于加密算法 *

*/ Class encryptor() default IEncryptor.class; diff --git a/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptAutoConfiguration.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptAutoConfiguration.java new file mode 100644 index 00000000..3184240a --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptAutoConfiguration.java @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2022-present Charles7c Authors. All Rights Reserved. + *

+ * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + *

+ * http://www.gnu.org/licenses/lgpl.html + *

+ * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package top.continew.starter.encrypt.field.autoconfigure; + +import jakarta.annotation.PostConstruct; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.annotation.Bean; +import top.continew.starter.core.constant.PropertiesConstants; +import top.continew.starter.encrypt.field.interceptor.MyBatisDecryptInterceptor; +import top.continew.starter.encrypt.field.interceptor.MyBatisEncryptInterceptor; +import top.continew.starter.encrypt.field.util.EncryptHelper; + +/** + * 字段加密自动配置 + * + * @author Charles7c + * @author lishuyan + * @since 1.4.0 + */ +@AutoConfiguration +@EnableConfigurationProperties(FieldEncryptProperties.class) +@ConditionalOnProperty(prefix = PropertiesConstants.ENCRYPT_FIELD, name = PropertiesConstants.ENABLED, havingValue = "true", matchIfMissing = true) +public class FieldEncryptAutoConfiguration { + + private static final Logger log = LoggerFactory.getLogger(FieldEncryptAutoConfiguration.class); + private final FieldEncryptProperties properties; + + public FieldEncryptAutoConfiguration(FieldEncryptProperties properties) { + this.properties = properties; + } + + /** + * MyBatis 加密拦截器配置 + */ + @Bean + @ConditionalOnMissingBean + public MyBatisEncryptInterceptor mybatisEncryptInterceptor() { + return new MyBatisEncryptInterceptor(); + } + + /** + * MyBatis 解密拦截器配置 + */ + @Bean + @ConditionalOnMissingBean(MyBatisDecryptInterceptor.class) + public MyBatisDecryptInterceptor mybatisDecryptInterceptor() { + return new MyBatisDecryptInterceptor(); + } + + @PostConstruct + public void postConstruct() { + EncryptHelper.init(properties); + log.debug("[ContiNew Starter] - Auto Configuration 'Encrypt-Field' completed initialization."); + } +} diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptProperties.java similarity index 84% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptProperties.java index 78ce2363..fa50e070 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/autoconfigure/CryptoProperties.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/autoconfigure/FieldEncryptProperties.java @@ -14,27 +14,28 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.autoconfigure; +package top.continew.starter.encrypt.field.autoconfigure; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.NestedConfigurationProperty; import top.continew.starter.core.constant.PropertiesConstants; -import top.continew.starter.security.crypto.enums.Algorithm; +import top.continew.starter.encrypt.autoconfigure.PasswordEncoderProperties; +import top.continew.starter.encrypt.enums.Algorithm; /** - * 加/解密配置属性 + * 字段加密配置属性 * * @author Charles7c * @author lishuyan * @since 1.4.0 */ -@ConfigurationProperties(PropertiesConstants.SECURITY_CRYPTO) -public class CryptoProperties { +@ConfigurationProperties(PropertiesConstants.ENCRYPT_FIELD) +public class FieldEncryptProperties { /** * 是否启用 */ - private boolean enabled = true; + private Boolean enabled; /** * 默认算法 @@ -62,11 +63,11 @@ public class CryptoProperties { @NestedConfigurationProperty private PasswordEncoderProperties passwordEncoder; - public boolean isEnabled() { + public Boolean getEnabled() { return enabled; } - public void setEnabled(boolean enabled) { + public void setEnabled(Boolean enabled) { this.enabled = enabled; } diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/AbstractMyBatisInterceptor.java similarity index 97% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/AbstractMyBatisInterceptor.java index b434adc3..e67127d4 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/AbstractMyBatisInterceptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/AbstractMyBatisInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.mybatis; +package top.continew.starter.encrypt.field.interceptor; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ReflectUtil; @@ -22,7 +22,7 @@ import org.apache.ibatis.annotations.Param; import org.apache.ibatis.mapping.MappedStatement; import top.continew.starter.core.constant.StringConstants; import top.continew.starter.core.exception.BaseException; -import top.continew.starter.security.crypto.annotation.FieldEncrypt; +import top.continew.starter.encrypt.field.annotation.FieldEncrypt; import java.lang.reflect.Field; import java.lang.reflect.Method; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisDecryptInterceptor.java similarity index 95% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisDecryptInterceptor.java index 0f6f7621..fb78d99e 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisDecryptInterceptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisDecryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.mybatis; +package top.continew.starter.encrypt.field.interceptor; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.text.CharSequenceUtil; @@ -26,8 +26,8 @@ import org.apache.ibatis.plugin.Intercepts; import org.apache.ibatis.plugin.Invocation; import org.apache.ibatis.plugin.Signature; import org.apache.ibatis.type.SimpleTypeRegistry; -import top.continew.starter.security.crypto.annotation.FieldEncrypt; -import top.continew.starter.security.crypto.util.EncryptHelper; +import top.continew.starter.encrypt.field.annotation.FieldEncrypt; +import top.continew.starter.encrypt.field.util.EncryptHelper; import java.lang.reflect.Field; import java.sql.Statement; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisEncryptInterceptor.java similarity index 97% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisEncryptInterceptor.java index 371bdba9..9257ba87 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/mybatis/MyBatisEncryptInterceptor.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/interceptor/MyBatisEncryptInterceptor.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.mybatis; +package top.continew.starter.encrypt.field.interceptor; import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.util.ClassUtil; @@ -29,8 +29,8 @@ import org.apache.ibatis.mapping.MappedStatement; import org.apache.ibatis.session.ResultHandler; import org.apache.ibatis.session.RowBounds; import top.continew.starter.core.constant.StringConstants; -import top.continew.starter.security.crypto.annotation.FieldEncrypt; -import top.continew.starter.security.crypto.util.EncryptHelper; +import top.continew.starter.encrypt.field.annotation.FieldEncrypt; +import top.continew.starter.encrypt.field.util.EncryptHelper; import java.lang.reflect.Field; import java.util.Arrays; diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/util/EncryptHelper.java similarity index 63% rename from continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java rename to continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/util/EncryptHelper.java index d891726d..c86f85d8 100644 --- a/continew-starter-security/continew-starter-security-crypto/src/main/java/top/continew/starter/security/crypto/util/EncryptHelper.java +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/java/top/continew/starter/encrypt/field/util/EncryptHelper.java @@ -14,25 +14,19 @@ * limitations under the License. */ -package top.continew.starter.security.crypto.util; +package top.continew.starter.encrypt.field.util; -import cn.hutool.core.codec.Base64; import cn.hutool.core.text.CharSequenceUtil; -import cn.hutool.core.util.ArrayUtil; import cn.hutool.core.util.ReflectUtil; -import cn.hutool.crypto.SecureUtil; -import cn.hutool.crypto.asymmetric.KeyType; -import cn.hutool.crypto.asymmetric.RSA; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import top.continew.starter.security.crypto.annotation.FieldEncrypt; -import top.continew.starter.security.crypto.autoconfigure.CryptoContext; -import top.continew.starter.security.crypto.autoconfigure.CryptoProperties; -import top.continew.starter.security.crypto.encryptor.IEncryptor; -import top.continew.starter.security.crypto.enums.Algorithm; +import top.continew.starter.encrypt.context.CryptoContext; +import top.continew.starter.encrypt.encryptor.IEncryptor; +import top.continew.starter.encrypt.enums.Algorithm; +import top.continew.starter.encrypt.field.annotation.FieldEncrypt; +import top.continew.starter.encrypt.field.autoconfigure.FieldEncryptProperties; import java.lang.reflect.Field; -import java.nio.charset.StandardCharsets; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -49,7 +43,7 @@ public class EncryptHelper { /** * 默认加密配置 */ - private static CryptoProperties defaultProperties; + private static FieldEncryptProperties defaultProperties; /** * 加密器缓存 @@ -64,7 +58,7 @@ public class EncryptHelper { * * @param properties 加密配置 */ - public static void init(CryptoProperties properties) { + public static void init(FieldEncryptProperties properties) { defaultProperties = properties; } @@ -105,7 +99,7 @@ public class EncryptHelper { * @return 加密后的字符串 */ public static String encrypt(String value, FieldEncrypt fieldEncrypt) { - if (CharSequenceUtil.isBlank(value) || fieldEncrypt == null || !defaultProperties.isEnabled()) { + if (CharSequenceUtil.isBlank(value) || fieldEncrypt == null) { return value; } String ciphertext = value; @@ -126,7 +120,7 @@ public class EncryptHelper { * @return 加密后的字符串 */ public static String encrypt(String value) { - if (CharSequenceUtil.isBlank(value) || !defaultProperties.isEnabled()) { + if (CharSequenceUtil.isBlank(value)) { return value; } String ciphertext = value; @@ -148,7 +142,7 @@ public class EncryptHelper { * @return 解密后的字符串 */ public static String decrypt(String value, FieldEncrypt fieldEncrypt) { - if (CharSequenceUtil.isBlank(value) || fieldEncrypt == null || !defaultProperties.isEnabled()) { + if (CharSequenceUtil.isBlank(value) || fieldEncrypt == null) { return value; } String plaintext = value; @@ -169,7 +163,7 @@ public class EncryptHelper { * @return 解密后的字符串 */ public static String decrypt(String value) { - if (CharSequenceUtil.isBlank(value) || !defaultProperties.isEnabled()) { + if (CharSequenceUtil.isBlank(value)) { return value; } String plaintext = value; @@ -223,98 +217,4 @@ public class EncryptHelper { cryptoContext.setPublicKey(defaultProperties.getPublicKey()); return cryptoContext; } - - /** - * Base64编码 - * - * @param data 待编码数据 - * @return 编码后字符串 - * @since 2.14.0 - */ - public static String encodeByBase64(String data) { - return Base64.encode(data, StandardCharsets.UTF_8); - } - - /** - * Base64解码 - * - * @param data 待解码数据 - * @return 解码后字符串 - * @since 2.14.0 - */ - public static String decodeByBase64(String data) { - return Base64.decodeStr(data, StandardCharsets.UTF_8); - } - - /** - * AES加密 - * - * @param data 待加密数据 - * @param password 秘钥字符串 - * @return 加密后字符串, 采用Base64编码 - * @since 2.14.0 - */ - public static String encryptByAes(String data, String password) { - if (CharSequenceUtil.isBlank(password)) { - throw new IllegalArgumentException("AES需要传入秘钥信息"); - } - // AES算法的秘钥要求是16位、24位、32位 - int[] array = {16, 24, 32}; - if (!ArrayUtil.contains(array, password.length())) { - throw new IllegalArgumentException("AES秘钥长度要求为16位、24位、32位"); - } - return SecureUtil.aes(password.getBytes(StandardCharsets.UTF_8)).encryptBase64(data, StandardCharsets.UTF_8); - } - - /** - * AES解密 - * - * @param data 待解密数据 - * @param password 秘钥字符串 - * @return 解密后字符串 - * @since 2.14.0 - */ - public static String decryptByAes(String data, String password) { - if (CharSequenceUtil.isBlank(password)) { - throw new IllegalArgumentException("AES需要传入秘钥信息"); - } - // AES算法的秘钥要求是16位、24位、32位 - int[] array = {16, 24, 32}; - if (!ArrayUtil.contains(array, password.length())) { - throw new IllegalArgumentException("AES秘钥长度要求为16位、24位、32位"); - } - return SecureUtil.aes(password.getBytes(StandardCharsets.UTF_8)).decryptStr(data, StandardCharsets.UTF_8); - } - - /** - * RSA公钥加密 - * - * @param data 待加密数据 - * @param publicKey 公钥 - * @return 加密后字符串, 采用Base64编码 - * @since 2.14.0 - */ - public static String encryptByRsa(String data, String publicKey) { - if (CharSequenceUtil.isBlank(publicKey)) { - throw new IllegalArgumentException("RSA需要传入公钥进行加密"); - } - RSA rsa = SecureUtil.rsa(null, publicKey); - return rsa.encryptBase64(data, StandardCharsets.UTF_8, KeyType.PublicKey); - } - - /** - * RSA私钥解密 - * - * @param data 待解密数据 - * @param privateKey 私钥 - * @return 解密后字符串 - * @since 2.14.0 - */ - public static String decryptByRsa(String data, String privateKey) { - if (CharSequenceUtil.isBlank(privateKey)) { - throw new IllegalArgumentException("RSA需要传入私钥进行解密"); - } - RSA rsa = SecureUtil.rsa(privateKey, null); - return rsa.decryptStr(data, KeyType.PrivateKey, StandardCharsets.UTF_8); - } } diff --git a/continew-starter-encrypt/continew-starter-encrypt-field/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports new file mode 100644 index 00000000..8fff51d5 --- /dev/null +++ b/continew-starter-encrypt/continew-starter-encrypt-field/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -0,0 +1 @@ +top.continew.starter.encrypt.field.autoconfigure.FieldEncryptAutoConfiguration \ No newline at end of file diff --git a/continew-starter-encrypt/pom.xml b/continew-starter-encrypt/pom.xml new file mode 100644 index 00000000..14c393eb --- /dev/null +++ b/continew-starter-encrypt/pom.xml @@ -0,0 +1,23 @@ + + + 4.0.0 + + top.continew.starter + continew-starter + ${revision} + + + continew-starter-encrypt + pom + + ${project.artifactId} + ContiNew Starter 加密模块 + + + continew-starter-encrypt-core + continew-starter-encrypt-field + continew-starter-encrypt-api + + \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/continew-starter-security/continew-starter-security-crypto/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports deleted file mode 100644 index f8fe1748..00000000 --- a/continew-starter-security/continew-starter-security-crypto/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ /dev/null @@ -1,2 +0,0 @@ -top.continew.starter.security.crypto.autoconfigure.CryptoAutoConfiguration -top.continew.starter.security.crypto.autoconfigure.ApiCryptoAutoConfiguration \ No newline at end of file diff --git a/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml b/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml deleted file mode 100644 index 200adcca..00000000 --- a/continew-starter-security/continew-starter-security-crypto/src/main/resources/default-crypto.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- ### 安全配置:字段加/解密配置 -continew-starter.security: - crypto: - enabled: true - # 默认算法,即 @FieldEncrypt 默认采用的算法(默认:AES 对称加密算法) - algorithm: AES \ No newline at end of file diff --git a/continew-starter-security/pom.xml b/continew-starter-security/pom.xml index c410bf3c..57f6107d 100644 --- a/continew-starter-security/pom.xml +++ b/continew-starter-security/pom.xml @@ -16,7 +16,6 @@ ContiNew Starter 安全模块 - continew-starter-security-crypto continew-starter-security-mask continew-starter-security-xss continew-starter-security-sensitivewords diff --git a/pom.xml b/pom.xml index 593c791a..64f861f8 100644 --- a/pom.xml +++ b/pom.xml @@ -42,6 +42,7 @@ continew-starter-cache continew-starter-auth continew-starter-data + continew-starter-encrypt continew-starter-security continew-starter-ratelimiter continew-starter-idempotent