在使用minio的情况下,官方提供两种方案来做对象加密,分别是SSE-C、SSE-S3。但是在某些情况下我们受限于条件没法快速的通过以上方案实现加密,那么这个工具类可以帮助你,此加密过程经测试效率很不错,5MB的文件加密解密整个过程在800ms以内。
import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
import cn.hutool.crypto.symmetric.SymmetricCrypto;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import io.minio.MinioClient;
public class EncryptionUtil {
static final String originKeyStr = "0123456789Abc@@@"; // 必须16个字符
private static SymmetricCrypto aes;
// 加密并编码字符串
public static String encryptURLEncodeStr(String str) {
try {
if (aes == null) {
SecretKey aesKey = new SecretKeySpec(originKeyStr.getBytes(StandardCharsets.UTF_8), "AES");
byte[] key = aesKey.getEncoded();
//构建
aes = new SymmetricCrypto(SymmetricAlgorithm.AES, key);
}
//加密
byte[] encrypt = aes.encrypt(str.getBytes(StandardCharsets.UTF_8));
String s = Base64.getUrlEncoder().encodeToString(encrypt);
return s;
}catch (Exception e){
e.printStackTrace();
}
return "";
}
// 解码并解密字符串
public static String decryptURLDecodeStr(String encStr) {
try {
if (aes == null) {
SecretKey aesKey = new SecretKeySpec(originKeyStr.getBytes(StandardCharsets.UTF_8), "AES");
byte[] key = aesKey.getEncoded();
//构建
aes = new SymmetricCrypto(SymmetricAlgorithm.AES, key);
}
//加密
byte[] bytes = Base64.getUrlDecoder().decode(encStr);
String s = aes.decryptStr(bytes);
return s;
}catch (Exception e){
e.printStackTrace();
}
return "";
}
// 加密并上传文件
@SneakyThrows
public static void encryptUpload(MinioClient minioClient, String bucketName, String objectName, InputStream inputStream) {
if (aes == null) {
SecretKey aesKey = new SecretKeySpec(originKeyStr.getBytes(StandardCharsets.UTF_8), "AES");
byte[] key = aesKey.getEncoded();
//构建
aes = new SymmetricCrypto(SymmetricAlgorithm.AES, key);
}
byte[] bytes = new byte[inputStream.available()];
inputStream.read(bytes, 0, bytes.length);
//加密
byte[] encrypt = aes.encrypt(bytes);
ByteArrayInputStream bais = new ByteArrayInputStream(encrypt);
PutObjectOptions putObjectOptions = new PutObjectOptions(bais.available(), bais.available()< 5*1024*1024 ? 5*1024*1024 : bais.available()*8);
minioClient.putObject(bucketName, objectName, bais, putObjectOptions);
}
// 下载文件并解密
@SneakyThrows
public static byte[] decryptDownload(MinioClient minioClient, String bucketName, String objectName) {
if (aes == null) {
SecretKey aesKey = new SecretKeySpec(originKeyStr.getBytes(StandardCharsets.UTF_8), "AES");
byte[] key = aesKey.getEncoded();
aes = new SymmetricCrypto(SymmetricAlgorithm.AES, key);
}
InputStream inputStream = minioClient.getObject(bucketName, objectName);
byte[] decrypt = aes.decrypt(inputStream);
return decrypt;
}
}