一、端到端加密架构
// 混合加密:RSA-2048 + AES-256-GCM
class PrisonLetterEncryptor {
constructor() {
this.keyManager = new JudicialKeyManager()
this.validator = new PrisonComplianceValidator()
}
async encryptLetter(letterData) {
// 1. 生成一次性会话密钥
const sessionKey = await crypto.subtle.generateKey(
{ name: "AES-GCM", length: 256 },
true,
["encrypt", "decrypt"]
)
// 2. 内容加密
const encryptedContent = await crypto.subtle.encrypt(
{
name: "AES-GCM",
iv: crypto.getRandomValues(new Uint8Array(12)),
additionalData: this.generateJudicialMetadata()
},
sessionKey,
new TextEncoder().encode(JSON.stringify(letterData))
)
// 3. 会话密钥双重加密
const doubleEncryptedKey = await this.doubleEncryptSessionKey(
sessionKey,
['recipient_public_key', 'prison_audit_public_key']
)
// 4. 数字签名
const signature = await this.signWithJudicialKey(encryptedContent)
return {
encryptedContent,
doubleEncryptedKey,
signature,
metadata: this.generateComplianceHeaders()
}
}
}二、司法密钥管理
// 司法密钥分级管理
class JudicialKeyManager {
constructor() {
this.keyHierarchy = {
level1: '用户临时密钥(每次通信重新生成)',
level2: '监狱审计密钥(监管审查用)',
level3: '司法根密钥(紧急情况法院授权)',
level4: '时间胶囊密钥(长期档案解密)'
}
}
async generateUserKeyPair(userId) {
// 使用WebCrypto API生成司法合规密钥对
return crypto.subtle.generateKey(
{
name: "RSA-OAEP",
modulusLength: 2048,
publicExponent: new Uint8Array([1, 0, 1]),
hash: "SHA-256"
},
true,
["encrypt", "decrypt"]
)
}
async rotatePrisonAuditKeys() {
// 监狱审计密钥按月轮换
const newKey = await this.generateAuditKey()
// 旧密钥归档到司法密钥库
await this.archiveToJudicialVault(
oldKey,
'PRISON_AUDIT_ARCHIVE',
new Date().getFullYear() + 10 // 保留10年
)
}
}三、内容安全处理
# 信件内容安全处理管道
class LetterContentProcessor:
def secure_pipeline(self, raw_content):
"""安全处理流水线"""
# 1. 敏感信息脱敏
sanitized = self.sanitize_sensitive_info(raw_content)
# 2. 合规性预检
if not self.compliance_check(sanitized):
raise SecurityException("内容违反监狱通信规定")
# 3. 内容分段加密
encrypted_segments = []
for segment in self.split_by_sensitivity(sanitized):
# 不同敏感级别使用不同密钥
key_level = self.determine_encryption_level(segment)
encrypted = self.encrypt_segment(segment, key_level)
encrypted_segments.append(encrypted)
# 4. 添加水印和追踪码
watermarked = self.add_judicial_watermark(encrypted_segments)
# 5. 生成完整性证明
integrity_proof = self.generate_integrity_proof(watermarked)
return {
'content': watermarked,
'integrity_proof': integrity_proof,
'encryption_schema': self.get_encryption_schema()
}
def sanitize_sensitive_info(self, content):
"""脱敏处理:地址、联系方式、司法细节"""
patterns = {
'phone': r'1[3-9]\d{9}',
'address': r'[省市县区].{5,20}[路街巷号]',
'case_info': r'案号[\u4e00-\u9fa5\d]{10,20}'
}
for pattern_name, pattern in patterns.items():
content = re.sub(pattern, f'[{pattern_name}_REDACTED]', content)
return content三、内容安全处理
# 信件内容安全处理管道
class LetterContentProcessor:
def secure_pipeline(self, raw_content):
"""安全处理流水线"""
# 1. 敏感信息脱敏
sanitized = self.sanitize_sensitive_info(raw_content)
# 2. 合规性预检
if not self.compliance_check(sanitized):
raise SecurityException("内容违反监狱通信规定")
# 3. 内容分段加密
encrypted_segments = []
for segment in self.split_by_sensitivity(sanitized):
# 不同敏感级别使用不同密钥
key_level = self.determine_encryption_level(segment)
encrypted = self.encrypt_segment(segment, key_level)
encrypted_segments.append(encrypted)
# 4. 添加水印和追踪码
watermarked = self.add_judicial_watermark(encrypted_segments)
# 5. 生成完整性证明
integrity_proof = self.generate_integrity_proof(watermarked)
return {
'content': watermarked,
'integrity_proof': integrity_proof,
'encryption_schema': self.get_encryption_schema()
}
def sanitize_sensitive_info(self, content):
"""脱敏处理:地址、联系方式、司法细节"""
patterns = {
'phone': r'1[3-9]\d{9}',
'address': r'[省市县区].{5,20}[路街巷号]',
'case_info': r'案号[\u4e00-\u9fa5\d]{10,20}'
}
for pattern_name, pattern in patterns.items():
content = re.sub(pattern, f'[{pattern_name}_REDACTED]', content)
return content四、传输层保护
# Nginx加密传输配置
server {
listen 443 ssl http2;
# 国密算法支持
ssl_ciphers ECDHE-SM2-SM4-GCM-SM3:ECDHE-RSA-AES256-GCM-SHA384;
ssl_certificate /etc/ssl/judicial_cert.pem;
ssl_certificate_key /etc/ssl/judicial_key.key;
# 司法专用TLS配置
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ecdh_curve sm2p256v1:prime256v1;
ssl_prefer_server_ciphers on;
# 安全头部
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "DENY" always;
add_header Content-Security-Policy "default-src 'self'" always;
# 信件上传端点
location /api/prison/upload {
# 双重验证
auth_request /api/validate-judicial-token;
auth_request /api/verify-prison-permission;
# 限流保护
limit_req zone=letter_upload burst=5 nodelay;
# 文件大小限制
client_max_body_size 10M;
proxy_pass http://letter_processor;
}
}五、存储加密方案
-- MySQL透明数据加密配置
CREATE TABLE prison_letters (
id BINARY(16) PRIMARY KEY,
-- 加密字段
content_encrypted VARBINARY(4096)
ENCRYPTION_KEY_ID = 'judicial_master_key_2025',
metadata_encrypted VARBINARY(1024)
ENCRYPTION_KEY_ID = 'metadata_key',
-- 审计字段(明文,用于监管)
inmate_id VARCHAR(32),
facility_code CHAR(8),
letter_date DATE,
security_level ENUM('LOW', 'MEDIUM', 'HIGH', 'SECRET'),
-- 完整性验证
content_hash CHAR(64),
encryption_schema_version SMALLINT,
-- 司法合规字段
judicial_case_id VARCHAR(64),
retention_period YEAR,
access_log_id BINARY(16),
INDEX idx_judicial_access (judicial_case_id, letter_date),
INDEX idx_prison_delivery (facility_code, inmate_id, letter_date)
) ENGINE=InnoDB
ENCRYPTION='Y'
ROW_FORMAT=COMPRESSED
KEY_BLOCK_SIZE=8
COMMENT='监狱信件加密存储表';
-- 密钥轮换存储过程
DELIMITER //
CREATE PROCEDURE rotate_encryption_keys()
BEGIN
DECLARE new_key_id VARCHAR(64);
-- 生成新密钥
SET new_key_id = CONCAT('judicial_master_key_', YEAR(NOW()));
-- 创建新密钥
CREATE ENCRYPTION KEY new_key_id
AUTHORIZATION root
WITH ALGORITHM = AES_256
IDENTIFIED BY 'secure_random_password';
-- 逐步重新加密旧数据
UPDATE prison_letters
SET content_encrypted = content_encrypted -- 实际重新加密
WHERE encryption_schema_version < 2;
-- 标记旧密钥为归档
ALTER ENCRYPTION KEY old_key_id
SET AUTHORIZATION archival;
END //
DELIMITER ;六、数字签名与验证
// 司法数字签名系统
class JudicialSigner {
async signLetter(encryptedLetter) {
// 1. 生成内容哈希
const contentHash = await this.calculateJudicialHash(encryptedLetter)
// 2. 添加时间戳和司法序列号
const timestamp = new Date().toISOString()
const judicialSequence = this.generateJudicialSequence()
// 3. 使用司法CA私钥签名
const signature = await crypto.subtle.sign(
{
name: "RSA-PSS",
saltLength: 32
},
this.judicialPrivateKey,
this.concatForSigning(contentHash, timestamp, judicialSequence)
)
// 4. 生成完整的司法签名包
return {
signature,
timestamp,
judicialSequence,
signerId: 'WEIAI_JUDICIAL_CA_001',
verificationUrl: 'https://verify.judicial.weiai.tech'
}
}
async verifySignature(signedLetter, publicKey) {
// 五重验证机制
const verifications = [
this.verifyDigitalSignature(signedLetter, publicKey),
this.verifyTimestamp(signedLetter.timestamp),
this.verifyJudicialSequence(signedLetter.judicialSequence),
this.verifySignerCertificate(signedLetter.signerId),
this.verifyRevocationStatus(signedLetter.signerId)
]
const results = await Promise.all(verifications)
// 所有验证必须通过
return results.every(result => result === true)
}
calculateJudicialHash(data) {
// 司法专用哈希链:SHA-256 -> SHA-3-512
const sha256 = crypto.createHash('sha256').update(data).digest()
return crypto.createHash('sha3-512').update(sha256).digest('hex')
}
}八、技术规格总结
1. 加密算法栈
-
非对称加密: RSA-2048 (过渡到SM2国密算法)
-
对称加密: AES-256-GCM (支持SM4国密算法)
-
哈希算法: SHA-256 + SHA-3-512 双重哈希链
-
数字签名: RSA-PSS with SHA-256
2. 密钥管理
-
生命周期: 用户临时密钥 + 监狱月度密钥 + 司法年度密钥
-
存储: HSM硬件安全模块 + 软件密钥库
-
轮换: 自动密钥轮换 + 手动紧急轮换
3. 合规特性
-
监管访问: 监狱审计密钥 + 法院授权机制
-
数据留存: 10年加密存储 + 永久司法档案
-
审计追踪: 全链路不可抵赖日志
4. 性能指标
-
加密延迟: < 50ms (单封信件)
-
吞吐量: 1000+ 信件/秒
-
可用性: 99.99%
微爱帮加密技术核心 :
用国密算法筑安全基石,用双重加密护通信隐私,用司法审计保合规底线。每一封信都是加密的艺术,每一次传递都是安全的承诺。
技术负责人 :王安全
司法认证 :国家密码管理局商用密码应用认证
版本:v2.0 (2025年12月)