敏感信息接口加密说明

SM4/ECB/PKCS5Padding(国密算法)

接口加密

接口整体报文进行加密。
按各个API接口说明，分为：请求加密、响应加密、请求响应均加密、单字段加解密、整报文加解密。请仔细阅读文档。

单字段加密

报文单字段进行加密。
按各个API接口文档说明，对相应字段进行加密，请仔细阅读文档。

秘钥申请

直接发送到接入时提供的密钥接收邮箱。

秘钥示例

dRzPaYd7z6vYn9sL/JTZ3A==

加解密示例

public static void main(String[] args) {
    try {
        String key = "dRzPaYd7z6vYn9sL/JTZ3A==";
 
        String data="{\n" +
                "    \"req_time\": \"20211207145023\",\n" +
                "    \"version\": \"3.0\",\n" +
                "    \"req_id\": \"20211203091231011\",\n" +
                "    \"req_data\": {\n" +
                "        \"member_id\": \"AAA200154561278\",\n" +
                "        \"activity_id\": \"1100000086\",\n" +
                "        \"owner_id\": \"80000007\",\n" +
                "        \"promotion_id\": \"FE8D9673C7AD41CBAD2F79DE219F80E0\",\n" +
                "        \"channel_mchid\": \"1610278380\",\n" +
                "        \"channel_appid\": \"wx4654656c083983e6\",\n" +
                "        \"channel_openid\": \"oKL-mwRzR-SBfI4QDAI1QXOpkyc8\",\n" +
                "        \"mer_order_id\": \"202112030923011\"\n" +
                "    }\n" +
                "}";
 
        String cipherText = encrypt(key, data);
 
        System.out.println("cipherText " + cipherText);
 
        String deData = decrypt(key, cipherText);
 
        System.out.println("deData " + deData);
 
    } catch (Exception e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
}复制

加密引用jar的pom

   <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcprov-jdk15on</artifactId>
        <version>1.68</version>
    </dependency>    <dependency>
        <groupId>org.bouncycastle</groupId>
        <artifactId>bcpkix-jdk15on</artifactId>
        <version>1.68</version>
    </dependency>复制

加密工具类

import static org.bouncycastle.util.encoders.Base64.toBase64String;import java.security.InvalidKeyException;import java.security.Key;import java.security.NoSuchAlgorithmException;import java.security.NoSuchProviderException;import java.security.SecureRandom;import java.security.Security;import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.spec.SecretKeySpec;import org.bouncycastle.jce.provider.BouncyCastleProvider;import org.bouncycastle.util.encoders.Base64;import com.lakala.zf.idry.yzt.exception.CryptoException;public class SM4Util{public static final String ALGORITHM_NAME = "SM4";public static final String ALGORITHM_NAME_ECB_PADDING = "SM4/ECB/PKCS5Padding";// SM4算法目前只支持128位（即密钥16字节）public static final int DEFAULT_KEY_SIZE = 128;public static final String  ENCODING ="UTF-8";static {
    Security.addProvider(new BouncyCastleProvider());
}/**
   @throws CryptoException
 *
   @return Base64编码的密钥
 /public static String generateKeyToBase64(int keySize) throws CryptoException {    return toBase64String(generateKey(keySize));
}public static byte[] generateKey(int keySize) throws CryptoException {
    KeyGenerator kg = null;    try {
        kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME);
    } catch (Exception e) {        throw new CryptoException("SM4Util generateKey error:", e);
    }
    kg.init(keySize, new SecureRandom());    return kg.generateKey().getEncoded();
}public static byte[] encrypt_ECB_Padding(byte[] key, byte[] data) throws CryptoException {    try {
        Cipher cipher = generateECBCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, key);        return cipher.doFinal(data);
    } catch (Exception e) {        throw new CryptoException("SM4Util encrypt_ECB_Padding error:", e);
    }
}/**
  @param key  base64
  @return
 /public static String encrypt(String key, String data) throws CryptoException {    try {
        Cipher cipher = generateECBCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.ENCRYPT_MODE, Base64.decode(key));        byte[] enData =cipher.doFinal(data.getBytes(ENCODING));        return Base64.toBase64String(enData);
    } catch (Exception e) {        throw new CryptoException("SM4Util encrypt_ECB_Padding error:", e);
    }
}/**
  @param key  base64
  @return
 /public static String decrypt(String key, String cipherText) throws CryptoException {    try {
        Cipher cipher = generateECBCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, Base64.decode(key));        byte[] data =cipher.doFinal(Base64.decode(cipherText));        return new String(data,ENCODING);
    } catch (Exception e) {        throw new CryptoException("SM4Util decrypt_ECB_Padding error:", e);
    }
}public static byte[] decrypt_ECB_Padding(byte[] key, byte[] cipherText) throws CryptoException {    try {
        Cipher cipher = generateECBCipher(ALGORITHM_NAME_ECB_PADDING, Cipher.DECRYPT_MODE, key);        return cipher.doFinal(cipherText);
    } catch (Exception e) {        throw new CryptoException("SM4Util decrypt_ECB_Padding error:", e);
    }
}private static Cipher generateECBCipher(String algorithmName, int mode, byte[] key)
        throws NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException,
        InvalidKeyException {
    Cipher cipher = Cipher.getInstance(algorithmName, BouncyCastleProvider.PROVIDER_NAME);
    Key sm4Key = new SecretKeySpec(key, ALGORITHM_NAME);
    cipher.init(mode, sm4Key);    return cipher;
}public static void main(String[] args) {    try {
        String key = "dRzPaYd7z6vYn9sL/JTZ3A==";

}