修改认证方式

master
林颖晨 1 year ago
parent 99a1ad074c
commit 4048694d00
  1. 7
      dntd-common/pom.xml
  2. 7
      dntd-model-buildheating/pom.xml
  3. 7
      dntd-model-heatboiler/pom.xml
  4. 7
      dntd-modelI/pom.xml
  5. 7
      dntd-tool/pom.xml
  6. 78
      dntd-tool/src/main/java/com/dky/security/SM4Utils.java
  7. 128
      dntd-tool/src/main/java/com/dky/tool/ModelTool.java
  8. 3
      file.txt
  9. 41
      pom.xml

@ -10,7 +10,7 @@
</parent>
<artifactId>dntd-common</artifactId>
<version>1.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
@ -22,7 +22,10 @@
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
</dependency>
</dependencies>

@ -10,7 +10,7 @@
</parent>
<artifactId>dntd-model-buildheating</artifactId>
<version>1.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
@ -19,11 +19,6 @@
</properties>
<dependencies>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
</dependency>
<dependency>
<groupId>com.dky</groupId>
<artifactId>dntd-modelI</artifactId>

@ -10,7 +10,7 @@
</parent>
<artifactId>dntd-model-heatboiler</artifactId>
<version>1.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
@ -19,11 +19,6 @@
</properties>
<dependencies>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
</dependency>
<dependency>
<groupId>com.dky</groupId>
<artifactId>dntd-modelI</artifactId>

@ -10,7 +10,7 @@
</parent>
<artifactId>dntd-modelI</artifactId>
<version>1.1-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
@ -18,11 +18,6 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
</dependency>
<dependency>
<groupId>com.dky</groupId>

@ -10,7 +10,7 @@
</parent>
<artifactId>dntd-tool</artifactId>
<version>1.2-SNAPSHOT</version>
<version>1.0-SNAPSHOT</version>
<properties>
<maven.compiler.source>8</maven.compiler.source>
@ -18,11 +18,6 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>

@ -1,12 +1,13 @@
package com.dky.security;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.SM2;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.Security;
import java.util.*;
@ -16,7 +17,8 @@ public class SM4Utils {
Security.addProvider(new BouncyCastleProvider());
}
private static final String SM4_KEY = "mxhXSDiPYFjYgzRb"; // 16 bytes key
public final static String SM4_KEY = "1100fba8ee67ddf1f6f4e37c500dc10eee1bf15827ae3837810e30f402fa0bc6";
private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
public static String encrypt(Map<String, String> map) throws Exception {
@ -28,29 +30,33 @@ public class SM4Utils {
return Base64.getEncoder().encodeToString(encrypted);
}
public static List<Map<String, String>> decrypt(String encrypted) throws Exception {
List<Map<String, String>> ary = new ArrayList<>();
public static Map<String, String> decrypt(String encrypted) throws FileNotFoundException {
File file = new File("file.txt");
FileReader fileReader = new FileReader(file);
BufferedReader reader = new BufferedReader(fileReader);
String line;
while ((line = reader.readLine()) != null) {
Cipher cipher = Cipher.getInstance(ALGORITHM, "BC");
SecretKeySpec secretKey = new SecretKeySpec(line.getBytes(StandardCharsets.UTF_8), "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] decoded = Base64.getDecoder().decode(encrypted);
try {
byte[] decrypted = cipher.doFinal(decoded);
ary.add(stringToMap(new String(decrypted, StandardCharsets.UTF_8)));
} catch (Exception e) {
// e.printStackTrace();
try (BufferedReader reader = new BufferedReader(fileReader)) {
String line;
while ((line = reader.readLine()) != null) {
try {
Cipher cipher = Cipher.getInstance(ALGORITHM, "BC");
SecretKeySpec secretKey = new SecretKeySpec(line.getBytes(StandardCharsets.UTF_8), "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] decoded = Base64.getDecoder().decode(encrypted);
byte[] decrypted = cipher.doFinal(decoded);
return stringToMap(new String(decrypted, StandardCharsets.UTF_8));
} catch (Exception e) {
System.out.println("私钥:" + line + ",该私钥未认证");
e.printStackTrace();
}
}
} catch ( IOException e){
System.out.println("文件读取错误,请检查文件内容是否为空");
throw new RuntimeException();
}
return ary;
return null;
}
private static String mapToString(Map<String, String> map) {
StringBuilder sb = new StringBuilder();
for (Map.Entry<String, String> entry : map.entrySet()) {
@ -71,28 +77,16 @@ public class SM4Utils {
return map;
}
public static void main(String[] args) throws Exception {
String s =
"GWnQ4RqqTc8n1Uj59xLoUtv975fmQsRWuvsk1zRmQu9TwIvlc6FTekndKMh+vMuRbI2bxdmuIxyZndYcg9u5xVa+HaiBZRP8OZFYIAo+66vDVlkBf47Nh2srjFyIXlLH";
List<Map<String, String>> decryptList = decrypt(s);
decryptList.forEach(System.out::println);
/*
File file = new File("file.txt");
try {
FileReader fileReader = new FileReader(file);
BufferedReader reader = new BufferedReader(fileReader);
String line;
while ((line = reader.readLine()) != null) {
// 处理每一行的数据
System.out.println(line);
}
reader.close();
} catch (IOException e) {
e.printStackTrace();
}*/
/**
* SM2私钥解密
*
* @param encryptStr SM2加密字符串
* @return
*/
public static String sm2DecryptBase64(String encryptStr) {
SM2 sm2 = new SM2(SM4_KEY, null);
return StrUtil.utf8Str(sm2.decrypt(encryptStr, KeyType.PrivateKey));
}
}
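Review bot: The SM2 private key is compiled into the class as a `public final static` constant (`SM4_KEY`, passed to `new SM2(SM4_KEY, null)` in `sm2DecryptBase64`), so every copy of the jar and of this repository carries the secret the authentication depends on. Shipping only the public key and verifying a signature over the licence fields would keep the private key off the deployed host; failing that, load it from a protected keystore or configuration outside the source tree and treat the committed value as exposed. The constant would also read better as `private static final String SM2_PRIVATE_KEY_HEX`, since the name says SM4 and the field has become public. In `decrypt`, `System.out.println("私钥:" + line + ",该私钥未认证")` writes each candidate key to standard output and `throw new RuntimeException()` drops the `IOException`; log the failure without the key and use `throw new UncheckedIOException(e)`.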

@ -3,19 +3,15 @@ package com.dky.tool;
import cn.hutool.json.JSONArray;
import cn.hutool.json.JSONObject;
import com.dky.modelI.DntdModelI;
import com.dky.security.GetCpuInfo;
import com.dky.utils.ConfigReader;
import com.dky.utils.entity.SysDeviceHeatScene;
import com.dky.utils.enums.Code;
import com.dky.utils.result.ResponseUtil;
import org.bouncycastle.math.raw.Mod;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.*;
public class ModelTool {
@ -41,58 +37,90 @@ public class ModelTool {
}
public JSONObject exeModel2Report(JSONObject jsonObject, String key) {
public JSONObject exeModel2Report(JSONObject jsonObject, String key,List<Map> mapList) {
JSONObject jsonObjectResult = new JSONObject();
// 判断CpuId是否包含本机地址
Boolean thisCpuIdIn = false;
// 判断是否过期
Boolean expired = false;
Boolean isAuthorization = Boolean.FALSE;
// 参数合法性检查
if (key == null || key.isEmpty()) {
System.err.println("解密密钥不能为空");
return ResponseUtil.createResponse(Code.KEY_CONTEXT_ERROR.getCode(), Code.KEY_CONTEXT_ERROR.getDesc(), null);
}
//这里会去查询两张表,分别是mysql中的information_schema库的tables和statistics表中的设备数据表元信息,其中有用的只是tables中的create_time字段,其余字段没有任何意义,只是为了防止破解
if (mapList.size() != 2){
System.err.println("未获取到验证信息");
return ResponseUtil.createResponse(Code.KEY_CONTEXT_ERROR.getCode(), Code.KEY_CONTEXT_ERROR.getDesc(), null);
}
try {
//获取本地的cpuid.
String localCpuId = GetCpuInfo.getCpuId();
// 根据给定的类名初始化类 加密不需要反实例化new
Class sm4UtilsClass = Class.forName("com.dky.security.SM4Utils");
// 实例化这个类
Object obj = sm4UtilsClass.newInstance();
// 调用指定方法
List<Map> maps = (List<Map>) sm4UtilsClass.getMethod("decrypt", String.class).invoke(obj, key);
for (Map map : maps){
String cpuIds = (String) map.get("cpuIds");
String expireTime = (String) map.get("expireTime");
// 定义日期时间格式
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date = formatter.parse(expireTime);
if (cpuIds.contains(localCpuId)){
thisCpuIdIn = true;
}
if (new Date().before(date)){
expired = true;
}
Class<?> sm4UtilsClass = Class.forName("com.dky.security.SM4Utils");
// 实例化类
Object obj = sm4UtilsClass.getDeclaredConstructor().newInstance();
// 获取方法并调用
Method decryptMethod = sm4UtilsClass.getMethod("sm2DecryptBase64", String.class);
String invoke = (String) decryptMethod.invoke(obj, key);
Map<String, String> map = new HashMap<>();
String[] keyValuePairs = invoke.split("&");
for (String keyValuePair : keyValuePairs) {
String[] keyValue = keyValuePair.split("=");
String key1 = keyValue[0];
String value = keyValue[1];
map.put(key1, value);
}
if (thisCpuIdIn){
if (expired){
// 判断模型使用权限
// 根据给定的类名初始化类 加密不需要反实例化new
Class buildHeatingScene = Class.forName("com.dky"+"."+ ConfigReader.getProperty(jsonObject.getStr("type")));
// 实例化这个类
DntdModelI buildHeatingSceneModel = (DntdModelI)buildHeatingScene.newInstance();
// 调用指定方法
jsonObjectResult = buildHeatingSceneModel.createReport(jsonObject,this.specList);
}else {
jsonObjectResult = ResponseUtil.createResponse(Code.KEY_EXPIRATION.getCode(), Code.KEY_EXPIRATION.getDesc(), null);
//获取table表的JSONObject
Map table = mapList.get(0);
//获取statistics表的JSONObject
Map statistics = mapList.get(1);
if(statistics == null) {
System.err.println("未获取到验证信息");
return ResponseUtil.createResponse(Code.KEY_UNAUTHORIZED.getCode(), Code.KEY_UNAUTHORIZED.getDesc(), null);
}
if(map.get("expireTime") == null){
return ResponseUtil.createResponse(Code.KEY_CONTEXT_ERROR.getCode(), Code.KEY_CONTEXT_ERROR.getDesc(), null);
}
if(map.get("companyname") == null){
return ResponseUtil.createResponse(Code.KEY_CONTEXT_ERROR.getCode(), Code.KEY_CONTEXT_ERROR.getDesc(), null);
}
// 定义日期时间格式并转化日期数据
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
//创建表日期
Date createTimeDate = null;
try{
createTimeDate = formatter.parse((String) table.get("CREATE_TIME"));
} catch (NullPointerException e){
try{
createTimeDate = formatter.parse((String) statistics.get("create_time"));
} catch (NullPointerException e1){
e1.printStackTrace();
return ResponseUtil.createResponse(Code.KEY_UNAUTHORIZED.getCode(), Code.KEY_UNAUTHORIZED.getDesc(), null);
}
}else {
jsonObjectResult = ResponseUtil.createResponse(Code.KEY_UNAUTHORIZED.getCode(), Code.KEY_UNAUTHORIZED.getDesc(), null);
}
} catch (ClassNotFoundException | NoSuchMethodException e) {
e.printStackTrace();
} catch (InstantiationException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
//key中验证日期
Date startTimeDate = formatter.parse(map.get("cpuIds"));
//表创建时间早于key中时间,直接放行
if (createTimeDate.before(startTimeDate)){
isAuthorization = Boolean.TRUE;
}
//表创建时间早于key10天内的时间,直接放行
if (createTimeDate.before(new Date(startTimeDate.getTime() + 1000 * 60 * 60 * 24 * 10))){
isAuthorization = Boolean.TRUE;
}
if (isAuthorization) {
// 判断模型使用权限
// 根据给定的类名初始化类 加密不需要反实例化new
Class<?> buildHeatingScene = Class.forName("com.dky" + "." + ConfigReader.getProperty(jsonObject.getStr("type")));
// 实例化这个类
DntdModelI buildHeatingSceneModel = (DntdModelI) buildHeatingScene.newInstance();
// 调用指定方法
jsonObjectResult = buildHeatingSceneModel.createReport(jsonObject, this.specList);
} else {
jsonObjectResult = ResponseUtil.createResponse(Code.KEY_UNAUTHORIZED.getCode(), Code.KEY_UNAUTHORIZED.getDesc(), null);
}
} catch (ClassNotFoundException | InstantiationException | IllegalAccessException |
NoSuchMethodException | SecurityException e) {
// 异常处理
System.err.println("反射调用过程中发生异常: " + e.getMessage());
} catch (InvocationTargetException e) {
jsonObjectResult = ResponseUtil.createResponse(Code.KEY_CONTEXT_ERROR.getCode(), Code.KEY_CONTEXT_ERROR.getDesc(), null);
e.printStackTrace();
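Review bot: `expireTime` from the decrypted key is only checked for null in the new `exeModel2Report` and is never compared with the current time, so in the visible lines an expired key still reaches `createReport` whenever the table-creation check passes. A guard before the `isAuthorization` block, such as `if (!new Date().before(formatter.parse(map.get("expireTime")))) return ResponseUtil.createResponse(Code.KEY_EXPIRATION.getCode(), Code.KEY_EXPIRATION.getDesc(), null);`, would restore the `Code.KEY_EXPIRATION` response the previous version returned. `map.get("cpuIds")` is parsed as a date without a null check, and `keyValue[1]` throws `ArrayIndexOutOfBoundsException` for a pair without `=`; neither is caught by the handlers shown. The two `createTimeDate.before(...)` tests collapse into the second one, and both compare against values the caller supplies in `mapList`, so the decision is only as trustworthy as that caller. The method's remaining catch blocks and its return lie outside this hunk.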

@ -1,3 +0,0 @@
mxhXSDiPYFjYgzRb
sm4demo123456789
myhXSDiPUFjYgzRa

@ -27,30 +27,35 @@
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.4.5</version>
<version>5.8.25</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
<version>1.69</version>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<!-- 代码混淆插件 -->
<!-- <plugin>-->
<!-- <groupId>com.dwp</groupId>-->
<!-- <artifactId>obfuscation</artifactId>-->
<!-- <version>1.0.0</version>-->
<!-- <executions>-->
<!-- <execution>-->
<!-- <phase>compile</phase>-->
<!-- <goals>-->
<!-- <goal>obfuscation</goal>-->
<!-- </goals>-->
<!-- </execution>-->
<!-- </executions>-->
<!-- <configuration>-->
<!-- <basePath>${basedir}</basePath>-->
<!-- <classPath>${basedir}/target/classes</classPath>-->
<!-- </configuration>-->
<!-- </plugin>-->
<plugin>
<groupId>com.dwp</groupId>
<artifactId>obfuscation</artifactId>
<version>1.0.0</version>
<executions>
<execution>
<phase>compile</phase>
<goals>
<goal>obfuscation</goal>
</goals>
</execution>
</executions>
<configuration>
<basePath>${basedir}</basePath>
<classPath>${basedir}/target/classes</classPath>
</configuration>
</plugin>
</plugins>
<resources>
<resource>
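Review bot: `bcprov-jdk15to18` is managed here while the context lines of `dntd-tool/pom.xml` still declare `bcprov-jdk15on`; both artifacts provide the same `org.bouncycastle` packages, so if they meet on one classpath the classes that load depend on ordering. Aligning every module on the single artifact managed in this file would avoid that. Version 1.69 is an older Bouncy Castle release, and the `com.dwp:obfuscation` plugin, which appears to be enabled by this change, executes code in the `compile` phase. Both are worth checking against current advisories and a trusted repository source before release.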
