修改机密性和完整性校验

ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/CompanyServiceImpl.java

@@ -64,6 +64,8 @@ public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> impl
     public Company selectCompanyByCompanyId(Long companyId)
     {
         Company company = companyMapper.selectById(companyId);
+        //验证手机号和身份证
+        QuickValidUtils.legalPhoneOrIdCardValid(company);
         Long userId=null;
         try {
             LoginUser loginUser = SecurityUtils.getLoginUser();

ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/encrypt/QuickValidUtils.java

@@ -123,7 +123,7 @@ public class QuickValidUtils {
         try {
             if (!StringUtils.isBlank(company.getLegalPhone())) {
                 phone = sm4Decrypt(company.getLegalPhoneEncrypt());
-                phoneTrue = sm3Verify(phone, company.getLegalPhoneCipher());
+                phoneTrue = sm3Verify(company.getLegalPhone(), company.getLegalPhoneCipher());
                 //company.setLegalPhone(phone);
             }
             if (!StringUtils.isBlank(company.getLegalIdCard())) {
@@ -136,10 +136,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("企业法人手机号/身份证解密失败", e);
-            throw new RuntimeException("解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("企业法人手机号/身份证验签失败", e1);
-            throw new RuntimeException("验签失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("验签失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -168,10 +168,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("企业和个人手机号/身份证解密失败", e);
-            throw new RuntimeException("解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("企业和个人手机号/身份证验签失败", e1);
-            throw new RuntimeException("验签失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("验签失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -193,10 +193,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("企业联系人手机号解密失败", e);
-            throw new RuntimeException("用户信息解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("企业联系人：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("企业联系人手机号验签失败", e1);
-            throw new RuntimeException("用户信息验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("企业联系人：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -210,7 +210,7 @@ public class QuickValidUtils {
         try {
             if(StringUtils.isNotBlank(appUser.getPhoneEncrypt())) {
                 phone = sm4Decrypt(appUser.getPhoneEncrypt());
-                phoneTrue = sm3Verify(phone, appUser.getPhoneCipher());
+                phoneTrue = sm3Verify(appUser.getPhone(), appUser.getPhoneCipher());
                 //appUser.setPhone(phone);
                 if (!phoneTrue) {
                     throw new RuntimeException(TAMPER_PHONE_MSG);
@@ -218,10 +218,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("App用户手机号解密失败", e);
-            throw new RuntimeException("用户信息解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("用户信息解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("App用户手机号验签失败", e1);
-            throw new RuntimeException("用户信息验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("用户信息验证失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -235,7 +235,7 @@ public class QuickValidUtils {
         try {
             if(StringUtils.isNotBlank(jobContact.getContactPersonPhoneEncrypt())){
                 phone=sm4Decrypt(jobContact.getContactPersonPhoneEncrypt());
-                phoneTrue=sm3Verify(phone,jobContact.getContactPersonPhoneCipher());
+                phoneTrue=sm3Verify(jobContact.getContactPersonPhone(),jobContact.getContactPersonPhoneCipher());
                 //jobContact.setContactPersonPhone(phone);
                 if (!phoneTrue) {
                     throw new RuntimeException(TAMPER_PHONE_MSG);
@@ -243,10 +243,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("岗位联系人手机号解密失败", e);
-            throw new RuntimeException("用户信息解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("用户信息解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("岗位联系人手机号验签失败", e1);
-            throw new RuntimeException("用户信息验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("用户信息验证失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -268,10 +268,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("手机号解密失败", e);
-            throw new RuntimeException("手机号解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("手机号解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("手机号验签失败", e1);
-            throw new RuntimeException("手机号验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("手机号验证失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -293,10 +293,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("手机号解密失败", e);
-            throw new RuntimeException("手机号解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("手机号解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("手机号验签失败", e1);
-            throw new RuntimeException("手机号验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("手机号验证失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 
@@ -318,10 +318,10 @@ public class QuickValidUtils {
             }
         } catch (CryptoClient.CryptoException e) {
             log.error("App用户身份证解密失败", e);
-            throw new RuntimeException("用户信息解密失败：" + e.getMessage(), e);
+            throw new RuntimeException("用户信息解密失败：" + "解密失败，完整性校验失败", e);
         } catch (Exception e1) {
             log.error("App用户身份证验签失败", e1);
-            throw new RuntimeException("用户信息验证失败：" + e1.getMessage(), e1);
+            throw new RuntimeException("用户信息验证失败：" + "解密失败，完整性校验失败", e1);
         }
     }
 

ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml

@@ -32,10 +32,15 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         <result property="workExperience"    column="work_experience"    />
         <result property="isCompanyUser"    column="is_company_user"    />
         <result property="dwUserid"    column="dw_userid"    />
+        <result property="regionCode"    column="region_code"    />
+        <result property="phoneCipher"    column="phone_cipher"    />
+        <result property="idCardCipher"    column="id_card_cipher"    />
+        <result property="phoneEncrypt"    column="phone_encrypt"    />
+        <result property="idCardEncrypt"    column="id_card_encrypt"    />
     </resultMap>
 
     <sql id="selectAppUserVo">
-        select user_id, name, age, sex, birth_date, education, political_affiliation, phone, avatar, salary_min, salary_max, area, status, del_flag, login_ip, login_date, create_by, create_time, update_by, update_time, remark,job_title_id,is_recommend,id_card,work_experience,is_company_user,dw_userid from app_user
+        select user_id, name, age, sex, birth_date, education, political_affiliation, phone, avatar, salary_min, salary_max, area, status, del_flag, login_ip, login_date, create_by, create_time, update_by, update_time, remark,job_title_id,is_recommend,id_card,work_experience,is_company_user,dw_userid,region_code,phone_cipher,id_card_cipher,phone_encrypt,id_card_encrypt from app_user
     </sql>
 
     <sql id="selectSysUserVo">