From 9eda1983987c2f0379655ea37c40aee44da0d130 Mon Sep 17 00:00:00 2001 From: xyiege Date: Thu, 24 Nov 2022 14:46:30 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E4=BB=98=E5=B7=A5=E5=85=B7=E9=9B=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../chjyj/szwh/utils/pay/method/ApiUtil.java | 65 +++++ .../utils/pay/security/AesEncryption.java | 57 ++++ .../szwh/utils/pay/security/Base64Method.java | 39 +++ .../szwh/utils/pay/security/HttpsUtil.java | 256 ++++++++++++++++++ .../szwh/utils/pay/security/MD5Util.java | 36 +++ .../szwh/utils/pay/security/TimeUtil.java | 10 + 6 files changed, 463 insertions(+) create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/method/ApiUtil.java create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/security/AesEncryption.java create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/security/Base64Method.java create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/security/HttpsUtil.java create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/security/MD5Util.java create mode 100644 src/main/java/cn/chjyj/szwh/utils/pay/security/TimeUtil.java diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/method/ApiUtil.java b/src/main/java/cn/chjyj/szwh/utils/pay/method/ApiUtil.java new file mode 100644 index 0000000..274a403 --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/method/ApiUtil.java @@ -0,0 +1,65 @@ +package cn.chjyj.szwh.utils.pay.method; + +import com.alibaba.fastjson.JSONObject; +import com.masget.api.security.AesEncryption; +import com.masget.api.security.HttpsUtil; +import com.masget.api.security.MD5Util; +import com.masget.api.security.TimeUtil; + +public class ApiUtil { + private static final String FORMAT = "json"; + private static final String VERSION = "2.0"; + + public static String methodInvoke(String openApiUrl, String appid, + String session, String secretkey, String method, String data) { + String result = ""; + try { + String encryptdata = AesEncryption.Encrypt(data, secretkey, + secretkey); + String timestamp = TimeUtil.getTime(); + String signstr = MD5Util.string2MD5(secretkey + appid + + encryptdata + FORMAT + method + session + timestamp + + VERSION + secretkey); + JSONObject requestObj = new JSONObject(); + requestObj.put("appid", appid); + requestObj.put("method", method); + requestObj.put("session", session); + requestObj.put("format", FORMAT); + requestObj.put("data", encryptdata); + requestObj.put("v", VERSION); + requestObj.put("timestamp", timestamp); + requestObj.put("sign", signstr); + + result = HttpsUtil.doSslPost(openApiUrl, + requestObj.toJSONString(), "utf-8"); + } catch (Exception ex) { + ex.printStackTrace(); + result = ex.getMessage(); + } + return result; + } + + public static String methodInvoke(String openApiUrl, String appid, + String session, String secretkey, String method, String data, + int redirectflag) { + String result = ""; + try { + String encryptdata = AesEncryption.Encrypt(data, secretkey, + secretkey); + String timestamp = TimeUtil.getTime(); + String signstr = MD5Util.string2MD5(secretkey + appid + + encryptdata + FORMAT + method + session + timestamp + + VERSION + secretkey); + String getdata = "appid=" + appid + "&method=" + method + + "&session=" + session + "&format=" + FORMAT + + "&data=" + encryptdata + "&v=" + VERSION + "×tamp=" + + timestamp + "&sign=" + signstr + "&redirectflag=" + + redirectflag; + return openApiUrl + "?" + getdata; + } catch (Exception ex) { + ex.printStackTrace(); + result = ex.getMessage(); + } + return result; + } +} diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/security/AesEncryption.java b/src/main/java/cn/chjyj/szwh/utils/pay/security/AesEncryption.java new file mode 100644 index 0000000..3a00719 --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/security/AesEncryption.java @@ -0,0 +1,57 @@ +package cn.chjyj.szwh.utils.pay.security; + +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; + +public class AesEncryption { + + public static String Encrypt(String data, String key, String iv) + throws Exception { + try { + + Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); + int blockSize = cipher.getBlockSize(); + + byte[] dataBytes = data.getBytes("UTF-8"); + int plaintextLength = dataBytes.length; + if (plaintextLength % blockSize != 0) { + plaintextLength = plaintextLength + + (blockSize - (plaintextLength % blockSize)); + } + + byte[] plaintext = new byte[plaintextLength]; + System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length); + + SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); + IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); + + cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec); + byte[] encrypted = cipher.doFinal(plaintext); + return Base64Method.EncryptBase64(encrypted); + + } catch (Exception e) { + e.printStackTrace(); + return null; + } + } + + public static String Desencrypt(String data, String key, String iv) + throws Exception { + try { + + byte[] encrypted1 =Base64Method.DecryptBase64ForByte(data); + Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); + SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES"); + IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes()); + cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec); + byte[] original = cipher.doFinal(encrypted1); + String originalString = new String(original,"UTF-8"); + return originalString; + + } catch (Exception e) { + e.printStackTrace(); + return null; + } + } +} diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/security/Base64Method.java b/src/main/java/cn/chjyj/szwh/utils/pay/security/Base64Method.java new file mode 100644 index 0000000..ae5411c --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/security/Base64Method.java @@ -0,0 +1,39 @@ +package cn.chjyj.szwh.utils.pay.security; + +import org.apache.commons.codec.binary.Base64; + +public class Base64Method { + + public static String EncryptBase64(String a_strString) throws Exception { + Base64 base64 = new Base64(); + String base64str = new String(base64.encode(a_strString + .getBytes("utf-8")), "utf-8"); + base64str = base64str.replace("\n", "").replace("\r", "") + .replace('+', '-').replace('/', '_'); + return base64str; + } + + public static String EncryptBase64(byte[] bytes) throws Exception { + Base64 base64 = new Base64(); + String base64str = new String(base64.encode(bytes), "utf-8"); + base64str = base64str.replace("\n", "").replace("\r", "") + .replace('+', '-').replace('/', '_'); + return base64str; + } + + public static String DecryptBase64(String a_strString) throws Exception { + Base64 base64 = new Base64(); + byte[] bytes = base64.decode(a_strString.replace('-', '+') + .replace('_', '/').getBytes("utf-8")); + String str = new String(bytes, "utf-8"); + return str; + } + + public static byte[] DecryptBase64ForByte(String a_strString) + throws Exception { + Base64 base64 = new Base64(); + byte[] bytes = base64.decode(a_strString.replace('-', '+') + .replace('_', '/').getBytes("utf-8")); + return bytes; + } +} diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/security/HttpsUtil.java b/src/main/java/cn/chjyj/szwh/utils/pay/security/HttpsUtil.java new file mode 100644 index 0000000..580a357 --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/security/HttpsUtil.java @@ -0,0 +1,256 @@ +package cn.chjyj.szwh.utils.pay.security; + +import java.io.BufferedReader; +import java.io.ByteArrayOutputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.net.URL; +import java.net.URLConnection; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + +public class HttpsUtil { + + private static class TrustAnyTrustManager implements X509TrustManager { + + public void checkClientTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + + public void checkServerTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[] {}; + } + } + + private static class TrustAnyHostnameVerifier implements HostnameVerifier { + public boolean verify(String hostname, SSLSession session) { + return true; + } + } + + /** + * post方式请求服务器(https协议) + * + * @param url + * 请求地址 + * @param content + * 参数 + * @param charset + * 编码 + * @return + * @throws NoSuchAlgorithmException + * @throws KeyManagementException + * @throws IOException + */ + public static String doSslPost(String url, String content, String charset) + throws NoSuchAlgorithmException, KeyManagementException, + IOException { + + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, + new java.security.SecureRandom()); + + URL console = new URL(url); + HttpsURLConnection conn = (HttpsURLConnection) console.openConnection(); + conn.setSSLSocketFactory(sc.getSocketFactory()); + conn.setHostnameVerifier(new TrustAnyHostnameVerifier()); + conn.setDoOutput(true); + conn.setDoInput(true); + conn.setRequestMethod("POST"); + conn.setConnectTimeout(30000); + conn.setReadTimeout(30000); + conn.connect(); + DataOutputStream out = new DataOutputStream(conn.getOutputStream()); + out.write(content.getBytes(charset)); + // 刷新、关闭 + out.flush(); + out.close(); + InputStream is = conn.getInputStream(); + if (is != null) { + ByteArrayOutputStream outStream = new ByteArrayOutputStream(); + byte[] buffer = new byte[1024]; + int len = 0; + while ((len = is.read(buffer)) != -1) { + outStream.write(buffer, 0, len); + } + is.close(); + return new String(outStream.toByteArray(),"utf-8"); + } + return null; + } + + /** + * get方式请求服务器(https协议) + * + * @param url + * 请求地址 + * @param content + * 参数 + * @param charset + * 编码 + * @return + * @throws NoSuchAlgorithmException + * @throws KeyManagementException + * @throws IOException + */ + public static String doSslGet(String url, String charset) + throws NoSuchAlgorithmException, KeyManagementException, + IOException { + + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, + new java.security.SecureRandom()); + + URL console = new URL(url); + HttpsURLConnection conn = (HttpsURLConnection) console.openConnection(); + conn.setSSLSocketFactory(sc.getSocketFactory()); + conn.setHostnameVerifier(new TrustAnyHostnameVerifier()); + conn.setRequestMethod("GET"); + conn.setConnectTimeout(30000); + conn.setReadTimeout(30000); + conn.connect(); + + InputStream is = conn.getInputStream(); + if (is != null) { + ByteArrayOutputStream outStream = new ByteArrayOutputStream(); + byte[] buffer = new byte[1024]; + int len = 0; + while ((len = is.read(buffer)) != -1) { + outStream.write(buffer, 0, len); + } + is.close(); + return new String(outStream.toByteArray(),"utf-8"); + } + return null; + } + + /** + * 向指定URL发送GET方法的请求 + * + * @param url + * 发送请求的URL + * @param param + * 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。 + * @return URL 所代表远程资源的响应结果 + */ + public static String doGet(String url, String param) { + String result = ""; + BufferedReader in = null; + try { + String urlNameString = url + "?" + param; + URL realUrl = new URL(urlNameString); + // 打开和URL之间的连接 + URLConnection connection = realUrl.openConnection(); + // 设置通用的请求属性 + connection.setRequestProperty("accept", "*/*"); + connection.setRequestProperty("connection", "Keep-Alive"); + connection.setRequestProperty("user-agent", + "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); + connection.setConnectTimeout(30000); + connection.setReadTimeout(30000); + // 建立实际的连接 + connection.connect(); + // 获取所有响应头字段 +// Map> map = connection.getHeaderFields(); +// // 遍历所有的响应头字段 +// for (String key : map.keySet()) { +// System.out.println(key + "--->" + map.get(key)); +// } + // 定义 BufferedReader输入流来读取URL的响应 + in = new BufferedReader(new InputStreamReader( + connection.getInputStream())); + String line; + while ((line = in.readLine()) != null) { + result += line; + } + } catch (Exception e) { + System.out.println("发送GET请求出现异常!" + e); + e.printStackTrace(); + } + // 使用finally块来关闭输入流 + finally { + try { + if (in != null) { + in.close(); + } + } catch (Exception e2) { + e2.printStackTrace(); + } + } + return result; + } + + /** + * 向指定 URL 发送POST方法的请求 + * + * @param url + * 发送请求的 URL + * @param param + * 请求参数,请求参数应该是 name1=value1&name2=value2 的形式。 + * @return 所代表远程资源的响应结果 + */ + public static String doPost(String url, String param) { + DataOutputStream out = null; + BufferedReader in = null; + String result = ""; + try { + URL realUrl = new URL(url); + // 打开和URL之间的连接 + URLConnection conn = realUrl.openConnection(); + // 设置通用的请求属性 + conn.setRequestProperty("accept", "*/*"); + conn.setRequestProperty("connection", "Keep-Alive"); + conn.setRequestProperty("user-agent", + "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); + // 发送POST请求必须设置如下两行 + conn.setDoOutput(true); + conn.setDoInput(true); + conn.setConnectTimeout(30000); + conn.setReadTimeout(30000); + conn.connect(); + out = new DataOutputStream(conn.getOutputStream()); + out.write(param.getBytes("utf-8")); + // 刷新、关闭 + out.flush(); + + in = new BufferedReader( + new InputStreamReader(conn.getInputStream())); + String line; + while ((line = in.readLine()) != null) { + result += line; + } + } catch (Exception e) { + System.out.println("发送 POST 请求出现异常!"+e); + e.printStackTrace(); + } + //使用finally块来关闭输出流、输入流 + finally{ + try{ + if(out!=null){ + out.close(); + } + if(in!=null){ + in.close(); + } + } + catch(IOException ex){ + ex.printStackTrace(); + } + } + return result; + } +} diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/security/MD5Util.java b/src/main/java/cn/chjyj/szwh/utils/pay/security/MD5Util.java new file mode 100644 index 0000000..96bcbdf --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/security/MD5Util.java @@ -0,0 +1,36 @@ +package cn.chjyj.szwh.utils.pay.security; + +import java.security.MessageDigest; + +public class MD5Util { + + /*** + * MD5加码 生成32位md5�? + */ + public static String string2MD5(String inStr){ + MessageDigest md5 = null; + try{ + md5 = MessageDigest.getInstance("MD5"); + }catch (Exception e){ + System.out.println(e.toString()); + e.printStackTrace(); + return ""; + } + char[] charArray = inStr.toCharArray(); + byte[] byteArray = new byte[charArray.length]; + + for (int i = 0; i < charArray.length; i++) + byteArray[i] = (byte) charArray[i]; + byte[] md5Bytes = md5.digest(byteArray); + StringBuffer hexValue = new StringBuffer(); + for (int i = 0; i < md5Bytes.length; i++){ + int val = ((int) md5Bytes[i]) & 0xff; + if (val < 16) + hexValue.append("0"); + hexValue.append(Integer.toHexString(val)); + } + return hexValue.toString(); + + } + +} diff --git a/src/main/java/cn/chjyj/szwh/utils/pay/security/TimeUtil.java b/src/main/java/cn/chjyj/szwh/utils/pay/security/TimeUtil.java new file mode 100644 index 0000000..2f59466 --- /dev/null +++ b/src/main/java/cn/chjyj/szwh/utils/pay/security/TimeUtil.java @@ -0,0 +1,10 @@ +package cn.chjyj.szwh.utils.pay.security; + +import java.text.ParseException; + +public class TimeUtil { + + public static String getTime() throws ParseException{ + return String.valueOf(System.currentTimeMillis()); + } +}