feat:support partial configuration encrypt.

Author: SkyeBeFreeman

polaris-common/polaris-encrypt/pom.xml

@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>polaris-common</artifactId>
+        <groupId>com.tencent.polaris</groupId>
+        <version>${revision}</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>polaris-encrypt</artifactId>
+    <name>Polaris Common Encrypt</name>
+    <description>Polaris Common Encrypt JAR</description>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.tencent.polaris</groupId>
+            <artifactId>polaris-model</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>${slf4j.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk15to18</artifactId>
+            <version>${bouncycastle.version}</version>
+        </dependency>
+    </dependencies>
+</project>

polaris-common/polaris-encrypt/src/main/java/com/tencent/polaris/encrypt/ConfigEncryptProvider.java

@@ -0,0 +1,44 @@
+/*
+ * Tencent is pleased to support the open source community by making Polaris available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ *  Licensed under the BSD 3-Clause License (the "License");
+ *  you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.polaris.encrypt;
+
+/**
+ * TSF 配置加密提供器接口
+ *
+ * @author hongweizhu
+ */
+public abstract class ConfigEncryptProvider {
+
+    /**
+     * 加密
+     *
+     * @param content  明文
+     * @param password 密码
+     * @return 密文
+     */
+    public abstract String encrypt(String content, String password);
+
+    /**
+     * 解密
+     *
+     * @param encryptedContent 密文
+     * @param password         密码
+     * @return 明文
+     */
+    public abstract String decrypt(String encryptedContent, String password);
+}

polaris-common/polaris-encrypt/src/main/java/com/tencent/polaris/encrypt/ConfigEncryptProviderFactory.java

@@ -0,0 +1,40 @@
+/*
+ * Tencent is pleased to support the open source community by making Polaris available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ *  Licensed under the BSD 3-Clause License (the "License");
+ *  you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.polaris.encrypt;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class ConfigEncryptProviderFactory {
+
+    private static final Logger log = LoggerFactory.getLogger(ConfigEncryptProviderFactory.class);
+
+    private static ConfigEncryptProvider configEncryptProvider = null;
+
+    public static ConfigEncryptProvider getInstance() {
+        if (null == configEncryptProvider) {
+            try {
+                Class<?> providerClass = Class.forName(EncryptConfig.getProviderClass());
+                configEncryptProvider = (ConfigEncryptProvider) providerClass.newInstance();
+            } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
+                log.error("get config encrypt provider error", e);
+            }
+        }
+        return configEncryptProvider;
+    }
+}

polaris-common/polaris-encrypt/src/main/java/com/tencent/polaris/encrypt/EncryptConfig.java

@@ -0,0 +1,121 @@
+/*
+ * Tencent is pleased to support the open source community by making Polaris available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ *  Licensed under the BSD 3-Clause License (the "License");
+ *  you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.polaris.encrypt;
+
+import com.tencent.polaris.api.utils.StringUtils;
+
+public class EncryptConfig {
+
+    private static final String TSF_PASSWORD_KEY = "tsf_config_encrypt_password";
+
+    private static final String PASSWORD_KEY = "config_encrypt_password";
+
+    static {
+        // TSF 环境变量
+        if (null != System.getenv(TSF_PASSWORD_KEY)) {
+            password = System.getenv(TSF_PASSWORD_KEY);
+        }
+        // TSF JVM参数
+        if (null != System.getProperty(TSF_PASSWORD_KEY)) {
+            password = System.getProperty(TSF_PASSWORD_KEY);
+        }
+        // 环境变量
+        if (null != System.getenv(PASSWORD_KEY)) {
+            password = System.getenv(PASSWORD_KEY);
+        }
+        // JVM参数
+        if (null != System.getProperty(PASSWORD_KEY)) {
+            password = System.getProperty(PASSWORD_KEY);
+        }
+    }
+
+    /**
+     * 加密前缀
+     */
+    public static String ENCRYPT_PREFIX = "ENC(";
+    /**
+     * 加密后缀
+     */
+    public static String ENCRYPT_SUFFIX = ")";
+
+    /**
+     * 密码
+     */
+    private static String password;
+
+    /**
+     * 加解密提供器类名
+     */
+    private static String providerClass = "com.tencent.polaris.encrypt.impl.ConfigEncryptAESProvider";
+
+    /**
+     * 是否开启配置，判断 password 是否为空
+     */
+    public static Boolean getEnabled() {
+        return StringUtils.isNotBlank(password);
+    }
+
+    public static String getPassword() {
+        return EncryptConfig.password;
+    }
+
+    public static void setPassword(String password) {
+        EncryptConfig.password = password;
+    }
+
+    public static ConfigEncryptProvider getProvider() {
+        return ConfigEncryptProviderFactory.getInstance();
+    }
+
+    public static String getProviderClass() {
+        return providerClass;
+    }
+
+    public static void setProviderClass(String providerClass) {
+        EncryptConfig.providerClass = providerClass;
+    }
+
+    /**
+     * 是否需要进行解密
+     *
+     * @param content 判断对象
+     * @return true：需要解密；false：不需要解密
+     */
+    public static Boolean needDecrypt(Object content) {
+        if (null == content) {
+            return false;
+        } else {
+            String stringValue = String.valueOf(content);
+            return stringValue.startsWith(ENCRYPT_PREFIX) && stringValue.endsWith(ENCRYPT_SUFFIX);
+        }
+    }
+
+    /**
+     * 获取真实密文
+     *
+     * @param content 原始配置值
+     * @return 真实密文
+     */
+    public static String realContent(Object content) {
+        if (null != content) {
+            String stringValue = String.valueOf(content);
+            return stringValue.substring(ENCRYPT_PREFIX.length(), stringValue.length() - ENCRYPT_SUFFIX.length());
+        }
+        return null;
+    }
+}

polaris-common/polaris-encrypt/src/main/java/com/tencent/polaris/encrypt/impl/ConfigEncryptAESProvider.java

@@ -0,0 +1,48 @@
+/*
+ * Tencent is pleased to support the open source community by making Polaris available.
+ *
+ * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved.
+ *
+ *  Licensed under the BSD 3-Clause License (the "License");
+ *  you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://opensource.org/licenses/BSD-3-Clause
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed
+ * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+ * CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package com.tencent.polaris.encrypt.impl;
+
+import com.tencent.polaris.encrypt.ConfigEncryptProvider;
+import com.tencent.polaris.encrypt.util.AESUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class ConfigEncryptAESProvider extends ConfigEncryptProvider {
+
+    private static final Logger log = LoggerFactory.getLogger(ConfigEncryptAESProvider.class);
+
+    @Override
+    public String encrypt(String content, String password) {
+        try {
+            return AESUtil.encrypt(content, password);
+        } catch (Exception e) {
+            log.error("[TSF SDK] Error on encrypting.", e);
+            throw e;
+        }
+    }
+
+    @Override
+    public String decrypt(String encryptedContent, String password) {
+        try {
+            return AESUtil.decrypt(encryptedContent, password);
+        } catch (Exception e) {
+            log.error("[TSF SDK] Error on decrypting.", e);
+            throw e;
+        }
+    }
+}