Skip to content

Commit 6e64f1d

Browse files
zhiwen-lwzhiwen-lw
committed
update: 加密sdk版本适配1.6
1 parent 9b2d1ff commit 6e64f1d

File tree

4 files changed

+67
-43
lines changed

4 files changed

+67
-43
lines changed

pom.xml

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,11 @@
8181
<artifactId>validation-api</artifactId>
8282
<version>2.0.1.Final</version>
8383
</dependency>
84+
<dependency>
85+
<groupId>org.bouncycastle</groupId>
86+
<artifactId>bcprov-jdk15on</artifactId>
87+
<version>1.61</version>
88+
</dependency>
8489
</dependencies>
8590

8691
<build>
@@ -90,8 +95,8 @@
9095
<artifactId>maven-compiler-plugin</artifactId>
9196
<version>2.3.2</version>
9297
<configuration>
93-
<source>8</source>
94-
<target>8</target>
98+
<source>1.6</source>
99+
<target>1.6</target>
95100
<encoding>UTF-8</encoding>
96101
</configuration>
97102
</plugin>

src/main/java/com/alipay/global/api/request/ams/risk/tee/constants/CryptoSdkConstant.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
*/
55
package com.alipay.global.api.request.ams.risk.tee.constants;
66

7-
import java.nio.charset.StandardCharsets;
7+
import java.nio.charset.Charset;
88

99
/**
1010
* necessary constants for encrypt SDK
@@ -14,7 +14,7 @@ public class CryptoSdkConstant {
1414
public static final int TAG_LENGTH = 96;
1515

1616
//to ensure that the same plaintext has the same ciphertext, we use a fixed initialization vector
17-
public static final byte[] COMMON_IV = "i".getBytes(StandardCharsets.UTF_8);
17+
public static final byte[] COMMON_IV = "i".getBytes(Charset.forName("UTF-8"));
1818

1919
public static final String ENCRYPT_ALGORITHM = "AES/GCM/NoPadding";
2020

src/main/java/com/alipay/global/api/request/ams/risk/tee/crypto/AESCrypto.java

Lines changed: 30 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -7,11 +7,16 @@
77
import com.alipay.global.api.request.ams.risk.tee.constants.CryptoSdkConstant;
88
import com.alipay.global.api.request.ams.risk.tee.enums.ErrorCodeEnum;
99
import com.alipay.global.api.request.ams.risk.tee.exception.CryptoException;
10+
import org.bouncycastle.crypto.CipherParameters;
11+
import org.bouncycastle.crypto.engines.AESEngine;
12+
import org.bouncycastle.crypto.modes.GCMBlockCipher;
13+
import org.bouncycastle.crypto.params.AEADParameters;
14+
import org.bouncycastle.crypto.params.KeyParameter;
15+
import org.bouncycastle.jce.provider.BouncyCastleProvider;
1016

11-
import javax.crypto.Cipher;
12-
import javax.crypto.spec.GCMParameterSpec;
1317
import javax.crypto.spec.SecretKeySpec;
14-
import java.util.Base64;
18+
import javax.xml.bind.DatatypeConverter;
19+
import java.security.Security;
1520

1621
/**
1722
* AES crypto implementation
@@ -20,6 +25,10 @@
2025
public class AESCrypto implements Crypto {
2126
private static volatile AESCrypto instance;
2227

28+
static {
29+
Security.addProvider(new BouncyCastleProvider());
30+
}
31+
2332
public static AESCrypto getInstance() {
2433
if (instance == null) {
2534
synchronized (AESCrypto.class) {
@@ -68,19 +77,27 @@ public byte[] encrypt(String dataKeyBase64, byte[] data) {
6877
if (dataKeyBase64 == null || dataKeyBase64.length() == 0) {
6978
throw new CryptoException(ErrorCodeEnum.PARAM_ILLEGAL, "dataKey cannot be empty");
7079
}
71-
return encrypt(Base64.getDecoder().decode(dataKeyBase64), data);
80+
return encrypt(DatatypeConverter.parseBase64Binary(dataKeyBase64), data);
7281
}
7382

7483
private byte[] encrypt(byte[] data, SecretKeySpec keySpec) throws Exception {
75-
GCMParameterSpec parameterSpec = new GCMParameterSpec(CryptoSdkConstant.TAG_LENGTH,
76-
CryptoSdkConstant.COMMON_IV);
77-
Cipher cipher = Cipher.getInstance(CryptoSdkConstant.ENCRYPT_ALGORITHM);
78-
cipher.init(Cipher.ENCRYPT_MODE, keySpec, parameterSpec);
79-
byte[] encrypted = cipher.doFinal(data);
80-
byte[] result = new byte[CryptoSdkConstant.COMMON_IV.length + encrypted.length];
81-
System.arraycopy(CryptoSdkConstant.COMMON_IV, 0, result, encrypted.length,
82-
CryptoSdkConstant.COMMON_IV.length);
83-
System.arraycopy(encrypted, 0, result, 0, encrypted.length);
84+
85+
GCMBlockCipher gcmEngine = new GCMBlockCipher(new AESEngine());
86+
87+
CipherParameters params = new AEADParameters(
88+
new KeyParameter(keySpec.getEncoded()), CryptoSdkConstant.TAG_LENGTH,
89+
CryptoSdkConstant.COMMON_IV
90+
);
91+
92+
gcmEngine.init(true, params);
93+
int encryptedDataLength = gcmEngine.getOutputSize(data.length);
94+
byte[] encryptedData = new byte[encryptedDataLength];
95+
int outputLen = gcmEngine.processBytes(data, 0, data.length, encryptedData, 0);
96+
gcmEngine.doFinal(encryptedData, outputLen);
97+
byte[] result = new byte[CryptoSdkConstant.COMMON_IV.length + encryptedData.length];
98+
System.arraycopy(encryptedData, 0, result, 0, encryptedData.length);
99+
System.arraycopy(CryptoSdkConstant.COMMON_IV, 0, result, encryptedData.length, CryptoSdkConstant.COMMON_IV.length);
84100
return result;
85101
}
102+
86103
}

src/main/java/com/alipay/global/api/request/ams/risk/tee/encryptstrategy/RiskDecideEncryptStrategy.java

Lines changed: 28 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -13,16 +13,18 @@
1313
import com.alipay.global.api.request.ams.risk.tee.enums.EncryptKeyEnum;
1414
import com.alipay.global.api.request.ams.risk.tee.enums.ErrorCodeEnum;
1515
import com.alipay.global.api.request.ams.risk.tee.exception.CryptoException;
16-
17-
import java.nio.charset.StandardCharsets;
18-
import java.util.Base64;
16+
import javax.xml.bind.DatatypeConverter;
17+
import java.nio.charset.Charset;
1918
import java.util.List;
2019

2120
/**
2221
* request encrypt strategy for risk decide API
2322
* risk decide API 的请求加密策略
2423
*/
2524
public class RiskDecideEncryptStrategy implements EncryptStrategy{
25+
26+
Charset utf8Charset = Charset.forName("UTF-8");
27+
2628
@Override
2729
public void encrypt(byte[] data_key, AlipayRequest<?> request, List<EncryptKeyEnum> encryptKeyList) {
2830
if (request == null || encryptKeyList == null) {
@@ -38,7 +40,7 @@ public void encrypt(byte[] data_key, AlipayRequest<?> request, List<EncryptKeyEn
3840

3941
@Override
4042
public void encrypt(String dataKeyBase64, AlipayRequest<?> request, List<EncryptKeyEnum> encryptKeyList) {
41-
encrypt(Base64.getDecoder().decode(dataKeyBase64), request, encryptKeyList);
43+
encrypt(DatatypeConverter.parseBase64Binary(dataKeyBase64), request, encryptKeyList);
4244
}
4345

4446
/**
@@ -64,24 +66,24 @@ private void doEncrypt(byte[] data_key, RiskDecideRequest request, List<EncryptK
6466
if (buyerEmail == null || buyerEmail.isEmpty()) {
6567
continue;
6668
}
67-
encrypt = crypto.encrypt(data_key, buyerEmail.getBytes(StandardCharsets.UTF_8));
68-
request.getBuyer().setBuyerEmail(Base64.getEncoder().encodeToString(encrypt));
69+
encrypt = crypto.encrypt(data_key, buyerEmail.getBytes(utf8Charset));
70+
request.getBuyer().setBuyerEmail(DatatypeConverter.printBase64Binary(encrypt));
6971
break;
7072
case BUYER_PHONE_NO:
7173
String buyerPhoneNo = request.getBuyer().getBuyerPhoneNo();
7274
if (buyerPhoneNo == null || buyerPhoneNo.isEmpty()) {
7375
continue;
7476
}
75-
encrypt = crypto.encrypt(data_key, buyerPhoneNo.getBytes(StandardCharsets.UTF_8));
76-
request.getBuyer().setBuyerPhoneNo(Base64.getEncoder().encodeToString(encrypt));
77+
encrypt = crypto.encrypt(data_key, buyerPhoneNo.getBytes(utf8Charset));
78+
request.getBuyer().setBuyerPhoneNo(DatatypeConverter.printBase64Binary(encrypt));
7779
break;
7880
case BUYER_REGISTRATION_TIME:
7981
String buyerRegistrationTime = request.getBuyer().getBuyerRegistrationTime();
8082
if (buyerRegistrationTime == null || buyerRegistrationTime.isEmpty()) {
8183
continue;
8284
}
83-
encrypt = crypto.encrypt(data_key, buyerRegistrationTime.getBytes(StandardCharsets.UTF_8));
84-
request.getBuyer().setBuyerRegistrationTime(Base64.getEncoder().encodeToString(encrypt));
85+
encrypt = crypto.encrypt(data_key, buyerRegistrationTime.getBytes(utf8Charset));
86+
request.getBuyer().setBuyerRegistrationTime(DatatypeConverter.printBase64Binary(encrypt));
8587
break;
8688
case BILL_TO_NAME:
8789
for (PaymentDetail paymentDetail : paymentDetails) {
@@ -94,8 +96,8 @@ private void doEncrypt(byte[] data_key, RiskDecideRequest request, List<EncryptK
9496
if (address1 == null || address1.isEmpty()) {
9597
continue;
9698
}
97-
encrypt = crypto.encrypt(data_key, address1.getBytes(StandardCharsets.UTF_8));
98-
order.getShipping().getShippingAddress().setAddress1(Base64.getEncoder().encodeToString(encrypt));
99+
encrypt = crypto.encrypt(data_key, address1.getBytes(utf8Charset));
100+
order.getShipping().getShippingAddress().setAddress1(DatatypeConverter.printBase64Binary(encrypt));
99101
}
100102
break;
101103
case SHIPPING_ADDRESS2:
@@ -104,8 +106,8 @@ private void doEncrypt(byte[] data_key, RiskDecideRequest request, List<EncryptK
104106
if (address2 == null || address2.isEmpty()) {
105107
continue;
106108
}
107-
encrypt = crypto.encrypt(data_key, address2.getBytes(StandardCharsets.UTF_8));
108-
order.getShipping().getShippingAddress().setAddress2(Base64.getEncoder().encodeToString(encrypt));
109+
encrypt = crypto.encrypt(data_key, address2.getBytes(utf8Charset));
110+
order.getShipping().getShippingAddress().setAddress2(DatatypeConverter.printBase64Binary(encrypt));
109111
}
110112
break;
111113
case SHIPPING_NAME:
@@ -119,8 +121,8 @@ private void doEncrypt(byte[] data_key, RiskDecideRequest request, List<EncryptK
119121
if (email == null || email.isEmpty()) {
120122
continue;
121123
}
122-
encrypt = crypto.encrypt(data_key, email.getBytes(StandardCharsets.UTF_8));
123-
order.getShipping().setShipToEmail(Base64.getEncoder().encodeToString(encrypt));
124+
encrypt = crypto.encrypt(data_key, email.getBytes(utf8Charset));
125+
order.getShipping().setShipToEmail(DatatypeConverter.printBase64Binary(encrypt));
124126
}
125127
break;
126128
case SHIPPING_PHONE_NO:
@@ -129,8 +131,8 @@ private void doEncrypt(byte[] data_key, RiskDecideRequest request, List<EncryptK
129131
if (phoneNo == null || phoneNo.isEmpty()) {
130132
continue;
131133
}
132-
encrypt = crypto.encrypt(data_key, phoneNo.getBytes(StandardCharsets.UTF_8));
133-
order.getShipping().setShippingPhoneNo(Base64.getEncoder().encodeToString(encrypt));
134+
encrypt = crypto.encrypt(data_key, phoneNo.getBytes(utf8Charset));
135+
order.getShipping().setShippingPhoneNo(DatatypeConverter.printBase64Binary(encrypt));
134136
}
135137
break;
136138
default:
@@ -151,20 +153,20 @@ private void encryptName(byte[] data_key, UserName userName, AESCrypto crypto) {
151153
return;
152154
}
153155
if (userName.getFirstName() != null && !userName.getFirstName().isEmpty()) {
154-
userName.setFirstName(Base64.getEncoder().encodeToString(
155-
crypto.encrypt(data_key, userName.getFirstName().getBytes(StandardCharsets.UTF_8))));
156+
userName.setFirstName(DatatypeConverter.printBase64Binary(
157+
crypto.encrypt(data_key, userName.getFirstName().getBytes(utf8Charset))));
156158
}
157159
if (userName.getMiddleName() != null && !userName.getMiddleName().isEmpty()) {
158-
userName.setMiddleName(Base64.getEncoder().encodeToString(
159-
crypto.encrypt(data_key, userName.getMiddleName().getBytes(StandardCharsets.UTF_8))));
160+
userName.setMiddleName(DatatypeConverter.printBase64Binary(
161+
crypto.encrypt(data_key, userName.getMiddleName().getBytes(utf8Charset))));
160162
}
161163
if (userName.getLastName() != null && !userName.getLastName().isEmpty()) {
162-
userName.setLastName(Base64.getEncoder().encodeToString(
163-
crypto.encrypt(data_key, userName.getLastName().getBytes(StandardCharsets.UTF_8))));
164+
userName.setLastName(DatatypeConverter.printBase64Binary(
165+
crypto.encrypt(data_key, userName.getLastName().getBytes(utf8Charset))));
164166
}
165167
if (userName.getFullName() != null && !userName.getFullName().isEmpty()) {
166-
userName.setFullName(Base64.getEncoder().encodeToString(
167-
crypto.encrypt(data_key, userName.getFullName().getBytes(StandardCharsets.UTF_8))));
168+
userName.setFullName(DatatypeConverter.printBase64Binary(
169+
crypto.encrypt(data_key, userName.getFullName().getBytes(utf8Charset))));
168170
}
169171
}
170172
}

0 commit comments

Comments
 (0)