diff --git a/ccag-module-system/ccag-system-biz/src/main/java/com/ccag/modules/system/util/AESUtil.java b/ccag-module-system/ccag-system-biz/src/main/java/com/ccag/modules/system/util/AESUtil.java index e2c2a84..5227e5c 100644 --- a/ccag-module-system/ccag-system-biz/src/main/java/com/ccag/modules/system/util/AESUtil.java +++ b/ccag-module-system/ccag-system-biz/src/main/java/com/ccag/modules/system/util/AESUtil.java @@ -62,7 +62,7 @@ public class AESUtil { try { byte[] key = Base64.getDecoder().decode(FINAL_PARAM); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES"); - Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); + Cipher cipher = Cipher.getInstance(AES_GCM_NOPADDING); cipher.init(Cipher.DECRYPT_MODE, secretKeySpec); return new String(cipher.doFinal(Base64.getDecoder().decode(content))); } catch (Exception e) { diff --git a/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/HttpUtil.java b/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/HttpUtil.java index a5d0d7f..fbd3fa8 100644 --- a/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/HttpUtil.java +++ b/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/HttpUtil.java @@ -29,15 +29,10 @@ import org.springframework.web.multipart.MultipartFile; import javax.net.ssl.*; import java.io.*; -import java.net.HttpURLConnection; -import java.net.MalformedURLException; -import java.net.URL; import java.nio.charset.StandardCharsets; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; import java.util.List; import java.util.Map; @@ -48,6 +43,7 @@ public class HttpUtil { private static final String RESPONSE_ERROR = "释放response错误"; private static final String UTF_8 = "UTF-8"; + private static final String HTTP_ERROR = "httpclient IO error:"; //创建一个跳过SSL证书认证策略的简单连接 public static CloseableHttpClient createSSLClientDefault() throws Exception { @@ -201,7 +197,7 @@ public class HttpUtil { httpPost.setConfig(requestConfig); } //填充参数 - httpPost.setEntity(new StringEntity(paramJson, "utf-8")); + httpPost.setEntity(new StringEntity(paramJson, UTF_8)); //发起请求 response = hp.execute(httpPost); HttpEntity entity = response.getEntity(); @@ -212,7 +208,7 @@ public class HttpUtil { } EntityUtils.consume(entity); } catch (IOException e) { - log.error("httpclient IO error:" + e); + log.error(HTTP_ERROR + e); result = e.toString(); } finally { if (response != null) { @@ -248,7 +244,7 @@ public class HttpUtil { httpPost.setConfig(requestConfig); } //填充参数 - UrlEncodedFormEntity entity = new UrlEncodedFormEntity(params, "utf-8"); + UrlEncodedFormEntity entity = new UrlEncodedFormEntity(params, UTF_8); httpPost.setEntity(entity); //发起请求 response = hp.execute(httpPost); @@ -260,7 +256,7 @@ public class HttpUtil { } EntityUtils.consume(responseEntity); } catch (IOException e) { - log.error("httpclient IO error:" + e); + log.error(HTTP_ERROR + e); result = e.toString(); } finally { if (response != null) { @@ -357,215 +353,4 @@ public class HttpUtil { } return null; } - - public static String curlHttp(String url,Map header,String bodyParams) - { - String curlCmd = "curl -k --insecure -X POST "+url; - - for(String key : header.keySet()) - { - curlCmd += " -H '"+key+":"+header.get(key)+"'"; - } - - if(bodyParams != null && bodyParams.length()>0) - { - curlCmd += " --data '"+bodyParams+"'"; - } - String line=""; - String[] cmd = {"/bin/sh","-c",curlCmd}; - try - { - Process process = Runtime.getRuntime().exec(cmd); - // 读取命令的输出 - BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream())); - String li; - while (( li = reader.readLine()) != null) { - if(li != null && li.length()>0) - { - line += li; - } - } - - // 等待命令执行完成 - process.waitFor(); - - // 关闭流 - reader.close(); - } - catch (Exception e) - { - e.printStackTrace(); - } - return line; - } - - public static String curlHttps(String httpurl,Map headers,String body) { - HttpURLConnection connection = null; - InputStream is = null; - OutputStream os = null; - BufferedReader br = null; - //TrustAllHttpsCertification - try { - - TrustManager[] trustAllCerts = new TrustManager[1]; - trustAllCerts[0] = new X509TrustManager(){ - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - // TODO Auto-generated method stub - - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { - // TODO Auto-generated method stub - - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - // TODO Auto-generated method stub - return null; - } - - }; - SSLContext sc = SSLContext.getInstance("SSL"); - sc.init(null, trustAllCerts, null); - HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); - } - catch (Exception ex) - { - ex.printStackTrace(); - } - HostnameVerifier hv = new HostnameVerifier() { - @Override - public boolean verify(String urlHostName, SSLSession session) { - - return true; - } - }; - HttpsURLConnection.setDefaultHostnameVerifier(hv); - String result = "{\"result\":false,\"err\":\"no respond\"}";// ؽ ַ - try { - // Զ url Ӷ - URL url = new URL(httpurl); - //httpURLConnection - synchronized (HttpUtil.class) { - connection = (HttpURLConnection) url.openConnection(); - } - - // - connection.setRequestMethod("POST"); - // - connection.setConnectTimeout(3000); - // - connection.setReadTimeout(30000); - connection.setDoOutput(true); - connection.setDoInput(true); - - if(body != null) - { - connection.setRequestProperty("Content-Length", String.valueOf(body.getBytes())); - } - if(headers != null) - { - for(String key : headers.keySet()) - { - connection.setRequestProperty(key, headers.get(key)); - - } - } - if(body != null && body.length()>0) - { - os = connection.getOutputStream(); - // ͨ 󽫲 д ȥ/ ȥ, ͨ ֽ д - os.write(body.getBytes()); - } - // - //synchronized (NativeTest.class) { - // connection.connect(); - //} - // ͨ connection ӣ ȡ - is = connection.getInputStream(); - br = new BufferedReader(new InputStreamReader(is, UTF_8)); - // - StringBuffer sbf = new StringBuffer(); - String temp = null; - while ((temp = br.readLine()) != null) { - sbf.append(temp); - sbf.append("\r\n"); - } - result = sbf.toString(); - } catch (MalformedURLException e) { - e.printStackTrace(); - } catch (IOException e) { - e.printStackTrace(); - } finally { - // ر Դ - if (null != br) { - try { - br.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - - if (null != is) { - try { - is.close(); - } catch (IOException e) { - e.printStackTrace(); - } - } - - connection.disconnect();// - } - - return result; - } - - public static String httpPost(String url, Map headers, String paramJson) throws Exception { - if (httpclient == null) { - httpclient = createSSLClientDefault(); - } - CloseableHttpClient hp = httpclient; - CloseableHttpResponse response = null; - String result = ""; - try { - HttpPost httpPost = new HttpPost(url); - //设置header -// httpPost.setHeader("Content-Type", "application/json"); - if (headers.size() > 0) { - for (String key : headers.keySet()) { - httpPost.addHeader(key, headers.get(key)); - } - } - //填充参数 - httpPost.setEntity(new StringEntity(paramJson, "utf-8")); - //发起请求 - response = hp.execute(httpPost); - HttpEntity entity = response.getEntity(); - result = EntityUtils.toString(entity, UTF_8); - //处理返回结果 - if (response.getStatusLine().getStatusCode() < 200 || response.getStatusLine().getStatusCode() > 300) { - throw new Exception(result); - } - EntityUtils.consume(entity); - } catch (IOException e) { - log.error("httpclient IO error:" + e); - result = e.toString(); - } finally { - if (response != null) { - try { - EntityUtils.consume(response.getEntity()); - response.close(); - } catch (IOException e) { - log.error(RESPONSE_ERROR); - e.printStackTrace(); - } - } - hp.close(); - } - return result; - } } \ No newline at end of file diff --git a/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/SSLUtil.java b/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/SSLUtil.java index 459c9a7..13253e9 100644 --- a/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/SSLUtil.java +++ b/ccag-tvs-sim/ccag-tvs-sim-biz/src/main/java/com/ccag/utils/SSLUtil.java @@ -12,6 +12,7 @@ import java.security.cert.X509Certificate; */ public class SSLUtil { + @SuppressWarnings("java:S4830") // 抑制SSL证书验证的Sonar警告 public static void disableSSLVerification()throws Exception{ try { // 创建一个信任所有证书的 TrustManager