标题:
基于HTTP在互联网传输敏感数据的消息摘要、签名与加密方案(3)
作者:
yuyang911220
时间:
2016-8-18 16:27
标题:
基于HTTP在互联网传输敏感数据的消息摘要、签名与加密方案(3)
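/**
 * Posts an XML string to the given host and returns the response body.
 *
 * <p>The request goes through a proxy when {@code proxyHost} is non-blank and
 * {@code proxyPort} is positive; proxy credentials are registered only when both
 * the user name and the password are non-blank.
 *
 * @param targetHost host name or address of the server
 * @param targetPort port of the server
 * @param protocol scheme used to reach the server, for example {@code "http"}
 * @param proxyHost proxy host; blank means no proxy
 * @param proxyPort proxy port; values {@code <= 0} mean no proxy
 * @param proxyUser proxy user name; may be blank
 * @param proxyPassword proxy password; may be blank
 * @param uri request URI, combined with {@code paraMap} by {@code buildUri}
 * @param paraMap request parameters handed to {@code buildUri}
 *            (presumably appended as query parameters; confirm against buildUri)
 * @param xml request body
 * @param charset charset of the request body; {@code "utf-8"} is used when blank
 * @return the response body when the status is 200 and the response carries an
 *         entity, otherwise {@code null}
 * @throws ClientProtocolException on an HTTP protocol error
 * @throws IOException on a connection problem
 */
public String postXmlString(String targetHost, int targetPort,
        String protocol, String proxyHost, int proxyPort, String proxyUser,
        String proxyPassword, String uri, Map<String, String> paraMap,
        String xml, String charset) throws ClientProtocolException,
        IOException {
    String result = null;
    String bodyCharset = StringUtils.isNotBlank(charset) ? charset : "utf-8";
    DefaultHttpClient httpclient = new DefaultHttpClient();
    try {
        if (StringUtils.isNotBlank(proxyHost) && proxyPort > 0) {
            // Configure the outbound proxy.
            AuthScope authScope = new AuthScope(proxyHost, proxyPort);
            if (StringUtils.isNotBlank(proxyUser)
                    && StringUtils.isNotBlank(proxyPassword)) {
                // Register the proxy user name and password.
                UsernamePasswordCredentials upc = new UsernamePasswordCredentials(
                        proxyUser, proxyPassword);
                httpclient.getCredentialsProvider().setCredentials(authScope,
                        upc);
            }
            HttpHost proxy = new HttpHost(proxyHost, proxyPort);
            httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,
                    proxy);
        }
        HttpHost host = new HttpHost(targetHost, targetPort, protocol);
        uri = buildUri(uri, paraMap);
        // NOTE(review): the built URI includes whatever paraMap holds; callers that
        // put a signature there should treat this log line as sensitive.
        log.info("post uri: " + uri);
        // Log the size only: this method is generic and the body may be plaintext.
        log.info("post content length: " + (xml == null ? 0 : xml.length()));
        HttpPost post = new HttpPost(uri);
        StringEntity se = new StringEntity(xml, bodyCharset);
        // The media type belongs in the entity's content type. The previous code
        // passed a Content-Type header to setContentEncoding(), which is the slot
        // for the Content-Encoding header.
        se.setContentType("application/xml; charset=" + bodyCharset);
        post.setEntity(se);
        HttpResponse response = httpclient.execute(host, post);
        int statusCode = response.getStatusLine().getStatusCode();
        if (HttpStatus.SC_OK == statusCode) {
            HttpEntity entity = response.getEntity();
            if (entity != null) {
                // Fall back to the request charset when the response declares none.
                result = EntityUtils.toString(entity, bodyCharset);
                log.info("post result length: " + result.length());
            }
        } else {
            log.error("post failed, status code: " + statusCode);
        }
        return result;
    } finally {
        // Release the connections held by this single-use client, also on failure.
        httpclient.getConnectionManager().shutdown();
    }
}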
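/**
 * Demo client: encrypts a sample XML payload with AES, computes its digest,
 * signs the digest together with the app id, token and timestamp, and posts
 * the ciphertext to the local demo servlet.
 *
 * @param args unused
 * @throws Exception if key lookup, encryption, signing or decryption fails
 */
public static void main(String[] args) throws Exception {
    AESTool aes = new AESTool();
    SignatureUtil signatureUtil = new SignatureUtil();
    String appid = "canairport001";
    String token = signatureUtil.findTokenById(appid);
    String key = aes.findKeyById(appid);
    long millis = System.currentTimeMillis();
    String xml = "<dependency><groupId>commons-lang</groupId><artifactId>commons-lang</artifactId><version>2.5</version></dependency>";
    xml = aes.encrypt(xml, key);
    // The digest is taken over the ciphertext, so the server can check it before
    // decrypting. NOTE(review): MD5 is not collision resistant; moving to SHA-256
    // requires changing the server-side digest call at the same time.
    String lol = signatureUtil.digest(xml, "MD5");
    String signature = signatureUtil.generateSignature(appid, token, lol,
            millis);
    log.info("lol: \n" + lol);
    log.info("signature: \n" + signature);
    String uri = "http://127.0.0.1:8080/demo/psginfo.do";
    Map<String, String> paraMap = new HashMap<String, String>();
    paraMap.put("s", signature);
    paraMap.put("a", appid);
    paraMap.put("t", String.valueOf(millis));
    paraMap.put("l", lol);
    paraMap.put("o", "test");
    HttpclientUtil util = new HttpclientUtil();
    try {
        String result = util.postXmlString("127.0.0.1", 8080, "http", null,
                0, null, null, uri, paraMap, xml, "utf-8");
        if (result == null) {
            // postXmlString returns null for a non-200 status or a missing entity;
            // there is nothing to decrypt in that case.
            log.error("no response body received, nothing to decrypt");
            return;
        }
        result = aes.decrypt(result, key);
        System.out.println(result);
    } catch (IOException e) {
        // ClientProtocolException is an IOException, so one handler covers both.
        log.error("post failed", e);
    }
}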
}
4.服务端代码:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import co.speedar.wechat.util.AESTool;
import co.speedar.wechat.util.SignatureUtil;
/**
* Servlet implementation class PsginfoServlet
*/
@WebServlet(urlPatterns = { "/psginfo.do" }, loadOnStartup = 1)
public
class PsginfoServlet extends HttpServlet {
// log4j logger for this servlet.
protected
static
final Logger log = Logger.getLogger(PsginfoServlet.class);
// Serialization version id.
private
static
final
long serialVersionUID = 6536688299231165548L;
// Signature and AES helpers used by doGet/doPost. They are instance fields, so
// every request served by this servlet instance uses the same two objects.
// NOTE(review): thread-safety of SignatureUtil and AESTool is not visible here; confirm.
private SignatureUtil signatureUtil = new SignatureUtil();
private AESTool aes = new AESTool();
/**
 * Creates the servlet. Nothing is initialised here beyond the field
 * initializers; the superclass constructor is invoked implicitly.
 *
 * @see HttpServlet#HttpServlet()
 */
public PsginfoServlet() {
    // Intentionally empty: the compiler inserts the super() call.
}
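/**
 * Handles the echo handshake: when the signature over the request parameters is
 * valid, the value of parameter {@code e} is written back to the caller.
 *
 * <p>Parameters read: {@code e} (echo string), {@code s} (signature),
 * {@code a} (app id), {@code t} (timestamp in milliseconds), {@code l} (digest).
 * A missing or non-numeric timestamp is answered with 400, a signature that
 * does not verify with 403.
 *
 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
 *      response)
 */
protected void doGet(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    String echostr = request.getParameter("e");
    String signature = request.getParameter("s");
    String appid = request.getParameter("a");
    String timestamp = request.getParameter("t");
    String lol = request.getParameter("l");
    long millis;
    try {
        // parseLong rejects null as well as non-numeric text.
        millis = Long.parseLong(timestamp);
    } catch (NumberFormatException e) {
        log.error("invalid timestamp parameter");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // The signature must verify before anything is echoed.
    // NOTE(review): whether isValid also rejects stale timestamps is not visible here; confirm.
    if (!signatureUtil.isValid(signature, appid, lol, millis)) {
        log.error("invalid signature");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    // "e" is not one of the values handed to isValid, so the signature does not
    // cover it. Serve it as plain text so a browser never renders it as markup,
    // and keep the raw value out of the log.
    response.setContentType("text/plain");
    response.setHeader("X-Content-Type-Options", "nosniff");
    log.info("echo request accepted");
    PrintWriter writer = response.getWriter();
    writer.print(echostr);
    writer.flush();
    writer.close();
}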
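/**
 * Receives an AES-encrypted XML body, checks its digest and signature,
 * decrypts it, runs the requested operation and returns the encrypted result.
 *
 * <p>Parameters read: {@code s} (signature), {@code a} (app id), {@code t}
 * (timestamp in milliseconds), {@code l} (digest of the encrypted body),
 * {@code o} (operation). A bad timestamp or digest mismatch is answered with
 * 400, a signature that does not verify with 403, and a processing failure
 * with 500, so the client can tell a rejection from an empty result.
 *
 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
 *      response)
 */
protected void doPost(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    // Get request parameters.
    String signature = request.getParameter("s");
    String appid = request.getParameter("a");
    String timestamp = request.getParameter("t");
    String lol = request.getParameter("l");
    String operation = request.getParameter("o");
    long millis;
    try {
        // parseLong rejects null as well as non-numeric text.
        millis = Long.parseLong(timestamp);
    } catch (NumberFormatException e) {
        log.error("invalid timestamp parameter");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // Get xml data.
    String encoding = StringUtils
            .isNotBlank(request.getCharacterEncoding()) ? request
            .getCharacterEncoding() : "utf-8";
    String requestXmlString = getXmlStringFromHttpRequest(request);
    // The digest is computed over the body as received (still encrypted).
    // NOTE(review): MD5 is not collision resistant; switching the algorithm
    // requires the client to switch at the same time.
    String digest = signatureUtil.digest(requestXmlString, "MD5");
    // Check digest first, then the signature that covers it.
    if (!StringUtils.equals(digest, lol)) {
        log.error("invalid digest.");
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // NOTE(review): whether isValid also rejects stale timestamps is not visible here; confirm.
    if (!signatureUtil.isValid(signature, appid, lol, millis)) {
        log.error("invalid signature");
        response.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    try {
        String key = aes.findKeyById(appid);
        requestXmlString = aes.decrypt(requestXmlString, key);
        // Log the size only: the decrypted payload is the sensitive data the
        // encryption is meant to protect and must not end up in log files.
        log.info("received xml data, length: "
                + (requestXmlString == null ? 0 : requestXmlString.length()));
        // Validate the XML and perform the corresponding action.
        String responseXmlString = doSomeThing(requestXmlString,
                operation);
        responseXmlString = aes.encrypt(responseXmlString, key);
        log.info("responsed xml data:\n" + responseXmlString);
        response.setCharacterEncoding(encoding);
        PrintWriter writer = response.getWriter();
        writer.print(responseXmlString);
        writer.flush();
        writer.close();
    } catch (Exception e) {
        log.error(e, e);
        // Report the failure instead of returning an empty 200 response.
        if (!response.isCommitted()) {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }
}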