Commit fcef01f2 by WeiCong

调整对资源浏览放越权前后端加密方式由md5改为sm3

parent 7080e084
package org.sss.presentation.noui.filter;
import cfca.sadk.algorithm.sm2.SM3Digest;
import log.Log;
import log.LogFactory;
import org.apache.commons.io.FileUtils;
......@@ -184,7 +185,8 @@ public class ResourceAccessFilter implements Filter {
raw.append(rawuid);
raw.append(SALT);
raw.append(res);
String rawsec = StringUtil.encryptMD5(raw.toString());
// String rawsec = StringUtil.encryptMD5(raw.toString());
String rawsec = sm3(raw.toString());
if (!rawsec.equals(sec)) {
log.warn("rawsec is:" + rawsec + ",sec is:" + sec);
return false;
......@@ -212,7 +214,8 @@ public class ResourceAccessFilter implements Filter {
raw.append(rawuid);
raw.append(SALT);
raw.append(res);
String rawsec = StringUtil.encryptMD5(raw.toString());
// String rawsec = StringUtil.encryptMD5(raw.toString());
String rawsec = sm3(raw.toString());
if (!rawsec.equals(sec)) {
log.warn("rawsec is:" + rawsec + ",sec is:" + sec);
return false;
......@@ -297,4 +300,20 @@ public class ResourceAccessFilter implements Filter {
public void destroy() {
}
private String sm3(String msg) {
byte[] z=msg.getBytes(StandardCharsets.UTF_8);
SM3Digest sm3 = new SM3Digest();
sm3.update(z, 0, z.length);
byte[] hash = new byte[32];
sm3.doFinal(hash, 0);
StringBuffer buf = new StringBuffer();
for (int i = 0; i < hash.length; i++) {
if ((hash[i] & 0xff) < 0x10) {
buf.append("0");
}
buf.append(Long.toString(hash[i] & 0xff, 16));
}
return buf.toString();
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment