如何屏蔽 xml 文件中的敏感数据?

【问题标题】:How to mask sensitive data in a xml file?如何屏蔽 xml 文件中的敏感数据?
【发布时间】:2023-03-29 12:14:01
【问题描述】:

有一个我试图在 xml 文件中屏蔽的敏感数据列表。它能够屏蔽这些列表数据,但是在创建新的 xml(Masked XML)时,来自实际 xml 的“Pack”xml 标记内容没有按预期在(Masked XML)中写回,只有值被写回并且所有标记都在里面“ Pack" xml 标记被省略。

请帮助解决这里出了什么问题,即使是某个地方的 ipAddres 也没有被屏蔽。

我在下面附上了我的代码,它部分工作并提供了两个 xml 内容。

import groovy.xml.XmlUtil
import java.util.regex.Pattern;

public class SensitiveDatamasking { 
    private static String masked = "####"   
    def attributeList = ["username", "password","ipAddress"]    
    private static final String IPADDRESS_PATTERN = "(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)";
    String removeSensetiveData(File file){
        removeSensetiveData(file.text)
    }       
    String removeSensetiveData(String xmlText){     
        def root = new XmlParser().parseText(xmlText);      
        nameValuePair(root)
        attributeValue(root)        
        nodeValue(root)     
        XmlUtil.serialize(root)
    }   
    private void nodeValue(def root) {      
        def elements = root."**".findAll{
            it.text().size() > 0 && it.children().size() == 1
        }       
        Pattern  pattern = Pattern.compile(IPADDRESS_PATTERN);      
        elements.each {             
            it.value =  it.text().replaceAll(pattern, masked)
        }
    }   
    private void nameValuePair(def root) {      
        def nodes = root."**".findAll{
             it?.@name?.toString()?.toLowerCase()?.contains("username" ) ||
             it?.@name?.toString()?.toLowerCase()?.contains( "password") ||
             it?.@name?.toString()?.toLowerCase()?.contains( "ipAddress") }     
        maskValue(nodes)
    }   
    private void attributeValue(def root) {     
        attributeList.each {
            maskAttribute( root, it)
        }
    }   
    private def maskAttribute(def root, String attribute) {
        def nodes =  root."**".findAll{ it."""@$attribute"""}
        maskAttributes( nodes, attribute)
    }

    private void maskValue(def nodes) {     
        nodes.each {  if (it.@value?.size() > 0) {
            it.@value = masked }
        }       
    }   
    private void maskAttributes(def nodes, String keyName) {
        nodes.each { it."""@$keyName""" = masked }
    }   
    static main(args) { 
        File file = new File("C:\\shared\\test\\zenderJan2019.xml")     
        SensitiveDatamasking xml = new SensitiveDatamasking()
        String maskedXml = xml.removeSensetiveData(file)        
        File output = new File("C:\\shared\\test\\zenderJan2019_masked.xml")
        output.write(maskedXml)
    }
}

实际 xml(预期输出应与此 xml 内容匹配,只有用户名、密码和 ipAddress 值的掩码更改)

<?xml version="1.0" encoding="UTF-8"?>
<org_dump date="1/25/19 8:17 AM" version="1.1">
  <DETAIL>
    <osname>Linux</osname>
    <hostname>zion.zender.com</hostname>
    <release>3.10.0-693.el7.x86_64</release>
  </DETAIL>
  <INFO>
    <version>1.10.5 beta</version>
    <Pack>
      <INFO>
        <NUM>1.1</NUM>
        <PREVIOUS_PACK_APPLIED/>
        <RELEASEDATETIME>Jan 17, 2019</RELEASEDATETIME>
        <APPLIEDDATETIME>Thu Jan 24 14:28:52 IST 2019</APPLIEDDATETIME>
        <PRODUCT>zender</PRODUCT>
        <VERSION>1.10.5 beta</VERSION>
        <SYMPTOMS>1.10.5 beta jag</SYMPTOMS>
      </INFO>
    </Pack>
    <MetaData>
      <Gateways>
        <Node port="14528" httpPort="14527" host="zion.zender.com" name="node01" ipAddress="127.0.1.1"/>
      </Gateways>
      <TeamGroup name="DomainTeams">
        <Team name="username" value="andysimmons"/>
        <Team name="password" value="123456"/>
        <Team name="ipAddress" value="127.0.1.1"/>
      </TeamGroup>
      <Service name="Jag_Service" version="">
        <ServiceProcess>
          <Node name="node01"/>
          <PreStartCommand/>
          <PostStartCommand/>
          <JvmTeams/>
          <TeamGroup name="CUSTOM_PROPERTIES"/>
          <TeamGroup name="REPOSITORY">
            <Team name="LoggingDirectory" value=""/>
            <Team name="LogLevel" value="INFO"/>
            <Team name="ActivateDumpPersistenceConfigurationToFile" value="false"/>
            <Team name="ActivateLogPersistenceSQLToFile" value="false"/>
          </TeamGroup>
        </ServiceProcess>
        <TeamGroup name="CACHE">
          <Team name="EnableCache" value="false"/>
          <Team name="CacheJVMTeams" value="-Xmx128m"/>
        </TeamGroup>
      </Service>
    </MetaData>
  </INFO>
</org_dump>

屏蔽的 XML

<?xml version="1.0" encoding="UTF-8"?>
<org_dump date="1/25/19 8:17 AM" version="1.1">
  <DETAIL>
    <osname>Linux</osname>
    <hostname>zion.zender.com</hostname>
    <release>3.10.0-693.el7.x86_64</release>
  </DETAIL>
  <INFO>
    <version>1.10.5 beta</version>
    <Pack>1.1Jan 17, 2019Thu Jan 24 14:28:52 IST 2019zender1.10.5 beta1.10.5 beta jag</Pack>
    <MetaData>
      <Gateways>
        <Node port="14528" httpPort="14527" host="zion.zender.com" name="node01" ipAddress="####"/>
      </Gateways>
      <TeamGroup name="DomainTeams">
        <Team name="username" value="####"/>
        <Team name="password" value="####"/>
        <Team name="ipAddress" value="127.1.1.1"/>
      </TeamGroup>
      <Service name="Jag_Service" version="">
        <ServiceProcess>
          <Node name="node01"/>
          <PreStartCommand/>
          <PostStartCommand/>
          <JvmTeams/>
          <TeamGroup name="CUSTOM_PROPERTIES"/>
          <TeamGroup name="REPOSITORY">
            <Team name="LoggingDirectory" value=""/>
            <Team name="LogLevel" value="INFO"/>
            <Team name="ActivateDumpPersistenceConfigurationToFile" value="false"/>
            <Team name="ActivateLogPersistenceSQLToFile" value="false"/>
          </TeamGroup>
        </ServiceProcess>
        <TeamGroup name="CACHE">
          <Team name="EnableCache" value="false"/>
          <Team name="CacheJVMTeams" value="-Xmx128m"/>
        </TeamGroup>
      </Service>
    </MetaData>
  </INFO>
</org_dump>

【问题讨论】:

    标签: xml groovy


    【解决方案1】:

    你应该能够做到:

    File file = new File("C:\\shared\\test\\zenderJan2019.xml")     
def xml = new XmlParser().parse(file)
xml.'**'.findAll { it.@name in ['username', 'password', 'ipAddress'] }*.@value = '####'
println XmlUtil.serialize(xml)

    希望这会有所帮助?

    更新以掩盖我错过的更多内容:

    def masked = ['username', 'password', 'ipAddress']
File file = new File("C:\\shared\\test\\zenderJan2019.xml")     
def xml = new XmlParser().parse(file)
xml.'**'.each { node ->
    if (node.@name in masked) {
        node.@value = '####'
    }
    masked.each { m -> if (node.@"$m") node.@"$m" = '####' }
}
println XmlUtil.serialize(xml)

    如果您将:println XmlUtil.serialize(xml) 更改为:

    StringWriter writer = new StringWriter()
new XmlNodePrinter(new IndentPrinter(new PrintWriter(writer), '', false)).print(xml)
println writer.toString()

    它将以“不漂亮”(缩小)的方式输出 XML

    【讨论】:

    • 因此上述解决方案仅适用于与['username', 'password', 'ipAddress'] 中的任何一个匹配的名为“name”的属性,因为Node 元素值中的属性ipAddress 未被屏蔽。
    • 我是否需要为所有其他 xml 元素属性添加 xml.'**'.findAll { it.@ipAddress in ['username', 'password', 'ipAddress'] }*.@value = '####' 并类似地添加?
    • 谢谢,它有效,还有一件事我想在这里提到的是,在这段代码中,如果源 xml 被缩小(没有空格或换行符)上面的代码会很好地打印它,从而增加大小。就我而言,xml 有时高达 11mb。
    • @Ricky 更新了一种“缩小”的写法
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2022-12-01
    • 1970-01-01
    • 2020-08-13
    • 1970-01-01
    • 2018-08-15
    • 2020-05-01
    • 2019-07-20
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode