import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.MessageDigest;
import java.util.Properties;

import com.lenovo.lps.log.Log;
import com.lenovo.lps.psb.pt.service.PTServiceHelper;
import com.lenovo.lps.psb.pt.util.Constants;
/**
 * General-purpose encryption and decryption engine.
 */
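public class CryptogramEngine {
    private static final Log log = Log.getInstance(CryptogramEngine.class);

    // Algorithm / sign-mode identifiers.
    public static final String AES = "AES";
    public static final String DES = "DES";
    public static final String RSA = "RSA";
    public static final String DSA = "DSA";
    public static final String SHA = "SHA";
    public static final String HMAC = "HMACSHA";

    // The single instance of this class. It is created eagerly: the class holds no
    // state, and eager creation removes the unsynchronised check-then-create race
    // that lazy initialisation had.
    private static final CryptogramEngine INSTANCE = new CryptogramEngine();

    // Private constructor: instances are only handed out by getInstance().
    private CryptogramEngine() {}

    /**
     * Returns the single shared instance of this class.
     *
     * @return the shared engine instance, never {@code null}
     */
    public static CryptogramEngine getInstance() {
        return INSTANCE;
    }

    /**
     * Serialises {@code properties} with
     * {@code SignatureHelper.getSignatureContent(properties, c)} and encrypts the result.
     *
     * <p>{@link #DES} dispatches to {@code DESUtil.encrypt} and {@link #RSA} to
     * {@code RSAUtil.encodeSecret}. Any other {@code encryptType} leaves the result as the
     * empty string, so callers must treat an empty return value as "nothing was encrypted"
     * rather than as ciphertext.
     *
     * <p>The plaintext is intentionally not written to stdout or to the log.
     *
     * @param properties  the values to serialise and encrypt
     * @param key         key material handed to the selected utility
     * @param encryptType {@link #DES} or {@link #RSA}
     * @param c           class passed through to {@code SignatureHelper}
     * @return the ciphertext, or {@code ""} when {@code encryptType} is not handled
     * @throws CryptogramException wrapping any exception raised by the cipher utility
     */
    @SuppressWarnings("unchecked")
    public String doEncrypt(Properties properties, String key, String encryptType, Class c)
            throws CryptogramException {
        String content = SignatureHelper.getSignatureContent(properties, c);
        String encrypt = "";
        try {
            if (CryptogramEngine.DES.equals(encryptType)) {
                // NOTE(review): the third argument looks like an IV and is a constant
                // all-zero block, so equal plaintexts under one key would yield equal
                // ciphertexts. Changing it alters the wire format; confirm with the peer
                // implementation before replacing it with a per-message random IV.
                encrypt = DESUtil.encrypt(content, key, new byte[8]);
            } else if (CryptogramEngine.RSA.equals(encryptType)) {
                encrypt = RSAUtil.encodeSecret(key, content);
            }
        } catch (Exception e) {
            // The cause travels inside the wrapper; no separate stack trace is printed.
            throw new CryptogramException(e);
        }
        return encrypt;
    }

    /**
     * Serialises {@code properties} with {@code SignatureHelper.getSignatureContent(properties)}
     * and encrypts the result.
     *
     * <p>{@code Constants.PT_ENCRYPT_TYPE_DES} dispatches to {@code DESUtil.encrypt} and
     * {@code Constants.PT_ENCRYPT_TYPE_RSA} to {@code RSAUtil.encodeSecret}. The AES branch is
     * not implemented, so AES and every unknown type return the empty string; callers must not
     * transmit that value as if it were ciphertext.
     *
     * <p>The plaintext is intentionally not written to stdout or to the log.
     *
     * @param properties  the values to serialise and encrypt
     * @param key         key material handed to the selected utility
     * @param encryptType one of the {@code Constants.PT_ENCRYPT_TYPE_*} values
     * @return the ciphertext, or {@code ""} when {@code encryptType} is not handled
     * @throws CryptogramException wrapping any exception raised by the cipher utility
     */
    public String doEncrypt(Properties properties, String key, String encryptType)
            throws CryptogramException {
        String content = SignatureHelper.getSignatureContent(properties);
        String encrypt = "";
        try {
            if (Constants.PT_ENCRYPT_TYPE_DES.equals(encryptType)) {
                // NOTE(review): constant all-zero third argument (apparently the IV); see
                // the four-argument overload. Confirm before changing the wire format.
                encrypt = DESUtil.encrypt(content, key, new byte[8]);
            } else if (Constants.PT_ENCRYPT_TYPE_RSA.equals(encryptType)) {
                encrypt = RSAUtil.encodeSecret(key, content);
            } else if (Constants.PT_ENCRYPT_TYPE_AES.equals(encryptType)) {
                // Not implemented: the result stays "".
                //encrypt = AESUtil.encryptAES(key, content.getBytes());
            }
        } catch (Exception e) {
            // The cause travels inside the wrapper; no separate stack trace is printed.
            throw new CryptogramException(e);
        }
        return encrypt;
    }

    /**
     * Decrypts {@code content} and parses the plaintext back into {@link Properties} with
     * {@code SignatureHelper.getSignatureProperties}.
     *
     * <p>For an {@code encryptType} other than DES or RSA nothing is decrypted and
     * {@code null} is handed to {@code SignatureHelper.getSignatureProperties}; what that
     * helper does with {@code null} is not visible here.
     *
     * @param content     the ciphertext
     * @param key         key material handed to the selected utility
     * @param encryptType {@code Constants.PT_ENCRYPT_TYPE_DES} or
     *                    {@code Constants.PT_ENCRYPT_TYPE_RSA}
     * @return the properties parsed from the decrypted text
     * @throws CryptogramException wrapping any exception raised by the cipher utility
     */
    public Properties doDecrypt(String content, String key, String encryptType)
            throws CryptogramException {
        String decrypt = null;
        try {
            if (Constants.PT_ENCRYPT_TYPE_DES.equals(encryptType)) {
                // Must mirror the constant third argument used on the encrypt side.
                decrypt = DESUtil.decrypt(content, key, new byte[8]);
            } else if (Constants.PT_ENCRYPT_TYPE_RSA.equals(encryptType)) {
                decrypt = RSAUtil.decodeSecret(key, content);
            }
        } catch (Exception e) {
            // No stack trace is printed here: per the original note, the exception log
            // must not be visible on the client.
            throw new CryptogramException(e);
        }
        return SignatureHelper.getSignatureProperties(decrypt);
    }

    /**
     * Produces a signature string for {@code properties}.
     *
     * <p>Only {@link #SHA} is implemented and it calls {@code DESUtil.GenerateDigest}, which
     * takes no key. NOTE(review): an unkeyed digest can be recomputed by anyone who can see
     * the content, so it detects corruption but presumably not tampering; confirm against
     * {@code DESUtil}.
     *
     * @param properties the values to sign
     * @param signType   {@link #SHA}; {@link #DSA} is not implemented
     * @return the digest, or {@code ""} when {@code signType} is not handled
     * @throws CryptogramException wrapping any exception raised while digesting
     */
    public String doDigitSign(Properties properties, String signType) throws CryptogramException {
        String content = SignatureHelper.getSignatureContent(properties);
        String sign = "";
        try {
            if (CryptogramEngine.SHA.equals(signType)) {
                sign = DESUtil.GenerateDigest(content);
            } else if (CryptogramEngine.DSA.equals(signType)) {
                // Not implemented yet.
            }
        } catch (Exception e) {
            throw new CryptogramException(e);
        }
        return sign;
    }

    /**
     * Produces a signature string for {@code properties}, optionally keyed.
     *
     * <p>{@code Constants.PT_SHA_SIGN} calls {@code DESUtil.GenerateDigest} and ignores
     * {@code signKey}. {@code Constants.PT_MAC_SIGN} derives a key with
     * {@code DESUtil.retrieveHMACKey(signKey)} and hex-encodes the output of
     * {@code DESUtil.HMACSHA256_128} over the UTF-8 bytes of the content.
     * {@code Constants.PT_DSA_SIGN} is not implemented.
     *
     * @param properties the values to sign
     * @param signType   one of the {@code Constants.PT_*_SIGN} values
     * @param signKey    key material for the MAC mode; unused in SHA mode
     * @return the signature, or {@code ""} when {@code signType} is not handled
     * @throws CryptogramException wrapping any exception raised while signing
     */
    public String doDigitSign(Properties properties, String signType, String signKey)
            throws CryptogramException {
        String content = SignatureHelper.getSignatureContent(properties);
        String sign = "";
        try {
            if (Constants.PT_SHA_SIGN.equals(signType)) {
                sign = DESUtil.GenerateDigest(content);
            } else if (Constants.PT_MAC_SIGN.equals(signType)) {
                Key sk = DESUtil.retrieveHMACKey(signKey);
                sign = DESUtil.toHexString(
                        DESUtil.HMACSHA256_128(sk, content.getBytes(StandardCharsets.UTF_8)));
            } else if (Constants.PT_DSA_SIGN.equals(signType)) {
                // Not implemented yet.
            }
        } catch (Exception e) {
            throw new CryptogramException(e);
        }
        return sign;
    }

    /**
     * Produces a signature string for {@code properties}, building the signed content with
     * {@code SignatureHelper.getHmacContent(properties, c)}.
     *
     * <p>The content being signed is intentionally not written to stdout or to the log.
     *
     * @param properties the property map to sign
     * @param signType   the signing mode; only {@link #SHA} is implemented
     * @param c          class passed through to {@code SignatureHelper}
     * @return the digest, or {@code ""} when {@code signType} is not handled
     * @throws CryptogramException wrapping any exception raised while digesting
     */
    @SuppressWarnings("unchecked")
    public String doDigitSign(Properties properties, String signType, Class c)
            throws CryptogramException {
        String content = SignatureHelper.getHmacContent(properties, c);
        String sign = "";
        try {
            if (CryptogramEngine.SHA.equals(signType)) {
                sign = DESUtil.GenerateDigest(content);
            } else if (CryptogramEngine.DSA.equals(signType)) {
                // Not implemented yet.
            }
        } catch (Exception e) {
            throw new CryptogramException(e);
        }
        return sign;
    }

    /**
     * Verifies {@code signHmac} against a freshly computed signature of {@code properties}.
     *
     * <p>The {@code "Sign_hmac"} entry is removed from the caller's {@code properties} before
     * the signature is recomputed. In MAC mode the current key {@code signKeys[0]} is tried
     * first; if that fails and the previous key is still inside its grace period
     * ({@code oldHmacKeyDeadTime} is at least 1 and not before the current time in
     * milliseconds), {@code signKeys[1]} is tried. A missing previous key counts as a failed
     * verification.
     *
     * <p>Callers should accept a message only when the result equals
     * {@code PTServiceHelper.SIGN_TRUE}: DSA yields {@code null} and an unknown
     * {@code signType} yields {@code ""}, and neither means "verified".
     *
     * @param properties         the received values; mutated (the signature entry is removed)
     * @param signHmac           the signature supplied with the message
     * @param signType           one of the {@code Constants.PT_*_SIGN} values
     * @param signKeys           {@code [0]} current key, {@code [1]} previous key
     * @param oldHmacKeyDeadTime expiry of the previous key, compared with
     *                           {@code System.currentTimeMillis()}; values below 1 disable it
     * @return {@code SIGN_TRUE}, {@code SIGN_FALSE}, {@code null} (DSA) or {@code ""} (unknown)
     * @throws CryptogramException if recomputing the signature fails
     */
    public String checkDigitSign(Properties properties, String signHmac, String signType,
            String[] signKeys, long oldHmacKeyDeadTime) throws CryptogramException {
        if (Constants.PT_SHA_SIGN.equals(signType)) {
            // Recompute the signature over everything except the signature field itself.
            properties.remove("Sign_hmac");
            String thisSignHmac = doDigitSign(properties, signType, signKeys[0]);
            return signaturesMatch(thisSignHmac, signHmac)
                    ? PTServiceHelper.SIGN_TRUE
                    : PTServiceHelper.SIGN_FALSE;
        } else if (Constants.PT_MAC_SIGN.equals(signType)) {
            // Recompute the signature over everything except the signature field itself.
            properties.remove("Sign_hmac");
            String thisSignHmac = doDigitSign(properties, signType, signKeys[0]);
            if (signaturesMatch(thisSignHmac, signHmac)) {
                // Verified with the current HMAC key.
                log.info("当前HMACKEY校验成功");
                return PTServiceHelper.SIGN_TRUE;
            }
            log.info("当前HMACKEY校验失败");
            if (oldHmacKeyDeadTime < 1 || System.currentTimeMillis() > oldHmacKeyDeadTime) {
                // The previous HMAC key has expired.
                log.info("旧的HmacKey已失效");
                return PTServiceHelper.SIGN_FALSE;
            }
            if (signKeys.length < 2) {
                // Fail closed: inside the grace period but no previous key was supplied.
                return PTServiceHelper.SIGN_FALSE;
            }
            String thisOldSignHmac = doDigitSign(properties, signType, signKeys[1]);
            if (signaturesMatch(thisOldSignHmac, signHmac)) {
                // Verified with the previous HMAC key.
                log.info("历史HMACKEY校验成功");
                return PTServiceHelper.SIGN_TRUE;
            }
            log.info("历史HMACKEY校验失败");
            return PTServiceHelper.SIGN_FALSE;
        } else if (Constants.PT_DSA_SIGN.equals(signType)) {
            // Not implemented.
            return null;
        }
        return "";
    }

    /**
     * Verifies {@code signHmac} against a freshly computed {@link #SHA} digest of
     * {@code properties}, using the {@code Class}-based {@code doDigitSign} overload.
     *
     * <p>The {@code "Sign_hmac"} entry is removed from the caller's {@code properties} first.
     * Callers should accept a message only when the result equals
     * {@code PTServiceHelper.SIGN_TRUE}: DSA yields {@code null} and an unknown
     * {@code signType} yields {@code ""}.
     *
     * @param properties the received values; mutated (the signature entry is removed)
     * @param signHmac   the signature supplied with the message
     * @param signType   {@link #SHA}; {@link #DSA} is not implemented
     * @param c          class passed through to {@code SignatureHelper}
     * @return {@code SIGN_TRUE}, {@code SIGN_FALSE}, {@code null} (DSA) or {@code ""} (unknown)
     * @throws CryptogramException if recomputing the signature fails
     */
    @SuppressWarnings("unchecked")
    public String checkDigitSign(Properties properties, String signHmac, String signType, Class c)
            throws CryptogramException {
        if (CryptogramEngine.SHA.equals(signType)) {
            // Recompute the signature over everything except the signature field itself.
            properties.remove("Sign_hmac");
            String thisSignHmac = doDigitSign(properties, signType, c);
            return signaturesMatch(thisSignHmac, signHmac)
                    ? PTServiceHelper.SIGN_TRUE
                    : PTServiceHelper.SIGN_FALSE;
        } else if (CryptogramEngine.DSA.equals(signType)) {
            // Not implemented.
            return null;
        }
        return "";
    }

    /**
     * Compares a computed signature with the supplied one without the early exit of
     * {@link String#equals}, so the time taken does not reveal how many leading characters
     * of a forged signature were correct.
     *
     * @return {@code true} only when both values are non-null and byte-for-byte equal
     */
    private static boolean signaturesMatch(String computed, String supplied) {
        if (computed == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(
                computed.getBytes(StandardCharsets.UTF_8),
                supplied.getBytes(StandardCharsets.UTF_8));
    }
}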