调整对资源浏览放越权前后端加密方式由md5改为sm3

src/main/java/org/sss/presentation/noui/filter/ResourceAccessFilter.java

 package org.sss.presentation.noui.filter;
 
+import cfca.sadk.algorithm.sm2.SM3Digest;
 import log.Log;
 import log.LogFactory;
 import org.apache.commons.io.FileUtils;
@@ -184,7 +185,8 @@ public class ResourceAccessFilter implements Filter {
         raw.append(rawuid);
         raw.append(SALT);
         raw.append(res);
-        String rawsec = StringUtil.encryptMD5(raw.toString());
+//        String rawsec = StringUtil.encryptMD5(raw.toString());
+        String rawsec = sm3(raw.toString());
         if (!rawsec.equals(sec)) {
             log.warn("rawsec is:" + rawsec + ",sec is:" + sec);
             return false;
@@ -212,7 +214,8 @@ public class ResourceAccessFilter implements Filter {
         raw.append(rawuid);
         raw.append(SALT);
         raw.append(res);
-        String rawsec = StringUtil.encryptMD5(raw.toString());
+//        String rawsec = StringUtil.encryptMD5(raw.toString());
+        String rawsec = sm3(raw.toString());
         if (!rawsec.equals(sec)) {
             log.warn("rawsec is:" + rawsec + ",sec is:" + sec);
             return false;
@@ -297,4 +300,20 @@ public class ResourceAccessFilter implements Filter {
 
     public void destroy() {
     }
+
+    private String sm3(String msg) {
+        byte[] z=msg.getBytes(StandardCharsets.UTF_8);
+        SM3Digest sm3 = new SM3Digest();
+        sm3.update(z, 0, z.length);
+        byte[] hash = new byte[32];
+        sm3.doFinal(hash, 0);
+        StringBuffer buf = new StringBuffer();
+        for (int i = 0; i < hash.length; i++) {
+            if ((hash[i] & 0xff) < 0x10) {
+                buf.append("0");
+            }
+            buf.append(Long.toString(hash[i] & 0xff, 16));
+        }
+        return buf.toString();
+    }
 }