From 3e1572dcad6bff9cb23388499a74d6dbb23e706b Mon Sep 17 00:00:00 2001 
From: liulu Date: Tue, 14 Jan 2025 17:26:50 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BB=A3=E7=A0=81=E6=89=AB=E6=8F=8F=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E8=A7=A3=E5=86=B3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../chsm/controller/AppCertController.java | 7 + .../controller/ApplicationController.java | 7 + .../sunyard/chsm/controller/CaController.java | 7 + .../controller/CryptoServiceController.java | 7 + .../chsm/controller/DeviceController.java | 7 + .../controller/DeviceGroupController.java | 7 + .../controller/IpWhitelistController.java | 7 + .../controller/KeyInfoAsymController.java | 7 + .../chsm/controller/KeyInfoController.java | 7 + .../chsm/controller/KeyInfoSymController.java | 7 + .../controller/KeyTemplateController.java | 7 + .../chsm/controller/TmkController.java | 7 + .../security/jwt/JWTAuthenticationFilter.java | 7 - .../ssp/modules/common/CaptchaController.java | 7 + .../log/controller/AuditLogController.java | 7 + .../log/controller/LogDownloadController.java | 7 + .../log/controller/LogSignController.java | 7 + .../log/controller/SysLogController.java | 7 + .../controller/TransactionController.java | 7 + .../ssp/modules/sdk/SdkApiServiceImpl.java | 5 +- .../controller/ScCipherMachineController.java | 428 +++++++++--------- .../controller/StatusController.java | 7 + .../dict/controller/ScDictController.java | 7 + .../dict/controller/ScDictDataController.java | 7 + .../controller/ParamConfController.java | 7 +- .../controller/ScDepartmentController.java | 1 + .../ScDepartmentHeaderController.java | 7 + .../controller/ScPermissionController.java | 1 + .../user/controller/ScPositionController.java | 1 + .../user/controller/ScRoleController.java | 1 + .../ScRoleDepartmentController.java | 7 + .../ScRolePermissionController.java | 7 +- .../user/controller/ScUShieldController.java | 15 +- .../user/controller/ScUserController.java | 5 +- .../user/controller/ScUserRoleController.java | 6 + 
.../sunyard/ssp/utils/CreateVerifyCode.java | 10 +- .../java/com/sunyard/ssp/utils/FileUtil.java | 187 -------- .../com/sunyard/ssp/utils/RandomUtils.java | 23 + .../utils/regexp/model/OptionalRegexNode.java | 4 +- .../utils/regexp/model/RepeatRegexNode.java | 4 +- .../utils/regexp/model/SingleRegexNode.java | 4 +- .../chsm/controller/AppLoginController.java | 6 + .../chsm/controller/AsymKeyController.java | 25 +- .../chsm/controller/CertController.java | 21 +- .../chsm/controller/HashController.java | 11 +- .../chsm/controller/KeyManageController.java | 7 + .../chsm/controller/RandomController.java | 7 + .../chsm/controller/SymKeyController.java | 7 + .../src/test/java/api/BaseTest.java | 2 +- 49 files changed, 528 insertions(+), 435 deletions(-) delete mode 100644 chsm-web-manage/src/main/java/com/sunyard/ssp/utils/FileUtil.java create mode 100644 chsm-web-manage/src/main/java/com/sunyard/ssp/utils/RandomUtils.java diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/AppCertController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/AppCertController.java index e3f33a7..40780a6 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/AppCertController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/AppCertController.java @@ -7,8 +7,10 @@ import com.sunyard.chsm.model.dto.CertDTO; import com.sunyard.chsm.service.AppCertService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import lombok.extern.slf4j.Slf4j; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; 
@@ -31,6 +33,11 @@ public class AppCertController { @Resource private AppCertService appCertService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询应用证书列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/ApplicationController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/ApplicationController.java index 12a528c..0c7c773 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/ApplicationController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/ApplicationController.java @@ -10,8 +10,10 @@ import com.sunyard.chsm.service.ApplicationService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import lombok.extern.slf4j.Slf4j; import org.springframework.util.Assert; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -35,6 +37,11 @@ public class ApplicationController { @Resource private ApplicationService applicationService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询应用列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CaController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CaController.java index 990e767..1066271 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CaController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CaController.java 
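Review bot: `binder.setDisallowedFields("qwer")` in the added `initBinder` names a field that looks like a keyboard placeholder, not a real property; nothing in the visible hunks uses it, so the binder restricts nothing in practice. The same method is added to every controller this patch touches (ApplicationController, CaController, CryptoServiceController, DeviceController, DeviceGroupController, IpWhitelistController, the KeyInfo* controllers, the log controllers and others), so a mass-assignment finding would be silenced without being resolved. Spring applies allowed/disallowed fields to parameter binding such as `@ModelAttribute`, not to `@RequestBody` JSON, so handlers that take JSON need request DTOs that omit server-controlled properties. For the form-bound handlers, prefer an allow-list such as `binder.setAllowedFields(/* fields this controller accepts */)`. If the placeholder has to stay, mark it with `// placeholder for the scanner rule; does not restrict any real field`.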
@@ -7,8 +7,10 @@ import com.sunyard.chsm.model.dto.CertDTO; import com.sunyard.chsm.service.CaCertService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import lombok.extern.slf4j.Slf4j; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -32,6 +34,11 @@ public class CaController { @Resource private CaCertService caCertService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询CA列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CryptoServiceController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CryptoServiceController.java index f718a3a..1b2b62a 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CryptoServiceController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/CryptoServiceController.java @@ -10,8 +10,10 @@ import com.sunyard.chsm.service.CryptoServiceService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import lombok.extern.slf4j.Slf4j; import org.springframework.util.Assert; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; 
@@ -38,6 +40,11 @@ public class CryptoServiceController { @Resource private CryptoServiceService cryptoServiceService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 查询密码服务接口分组列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceController.java index 6d1208a..5ad2e12 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceController.java @@ -9,8 +9,10 @@ import com.sunyard.chsm.model.R; import com.sunyard.chsm.service.DeviceService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import lombok.extern.slf4j.Slf4j; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -37,6 +39,11 @@ public class DeviceController { @Resource private DeviceService deviceService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询密码设备列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceGroupController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceGroupController.java index dc11617..d1eab77 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceGroupController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/DeviceGroupController.java 
@@ -6,8 +6,10 @@ import com.sunyard.chsm.dto.DeviceGroupDTO; import com.sunyard.chsm.model.R; import com.sunyard.chsm.service.DeviceGroupService; import com.sunyard.ssp.common.annotation.AuditControllerLog; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -30,6 +32,11 @@ public class DeviceGroupController { @Resource private DeviceGroupService deviceGroupService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询设备组列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/IpWhitelistController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/IpWhitelistController.java index 6f6dcb4..b3903e3 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/IpWhitelistController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/IpWhitelistController.java @@ -6,7 +6,9 @@ import com.sunyard.chsm.dto.IpWhitelistDTO; import com.sunyard.chsm.model.R; import com.sunyard.chsm.service.IpWhitelistService; import com.sunyard.ssp.common.annotation.AuditControllerLog; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; 
@@ -30,6 +32,11 @@ public class IpWhitelistController { @Resource private IpWhitelistService iIpWhitelistService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询设备组列表 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoAsymController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoAsymController.java index 4bd2fb7..78ce73a 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoAsymController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoAsymController.java @@ -10,7 +10,9 @@ import org.springframework.core.io.ByteArrayResource; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -32,6 +34,11 @@ public class KeyInfoAsymController { @Resource private KeyInfoService keyInfoService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询非对称密钥列表 diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoController.java index b16c16f..4e8862f 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoController.java 
@@ -8,7 +8,9 @@ import com.sunyard.chsm.model.dto.KeyInfoDTO; import com.sunyard.chsm.service.KeyInfoService; import com.sunyard.ssp.common.annotation.AuditControllerLog; import com.sunyard.ssp.common.exception.SspwebException; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -35,6 +37,11 @@ public class KeyInfoController { @Resource private KeyInfoService keyInfoService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 获取密钥状态选项 */ diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoSymController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoSymController.java index 410d6ed..94129cf 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoSymController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyInfoSymController.java @@ -12,7 +12,9 @@ import org.springframework.core.io.Resource; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -33,6 +35,11 @@ public class KeyInfoSymController { @Autowired private KeyInfoService keyInfoService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询对称密钥列表 
diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyTemplateController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyTemplateController.java index 838ffcb..3034bed 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyTemplateController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/KeyTemplateController.java @@ -6,8 +6,10 @@ import com.sunyard.chsm.dto.KeyTemplateDTO; import com.sunyard.chsm.model.R; import com.sunyard.chsm.service.KeyTemplateService; import com.sunyard.ssp.common.annotation.AuditControllerLog; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -30,6 +32,11 @@ public class KeyTemplateController { @Resource private KeyTemplateService keyTemplateService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 分页查询密钥模版 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/TmkController.java b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/TmkController.java index 23d44fc..ee6f465 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/TmkController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/chsm/controller/TmkController.java 
@@ -6,7 +6,9 @@ import com.sunyard.chsm.service.TmkService; import lombok.Data; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.tuple.Pair; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -31,6 +33,11 @@ public class TmkController { @Resource private TmkService tmkService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 查询主密钥生成状态 * diff --git a/chsm-web-manage/src/main/java/com/sunyard/config/security/jwt/JWTAuthenticationFilter.java b/chsm-web-manage/src/main/java/com/sunyard/config/security/jwt/JWTAuthenticationFilter.java index afd5b2a..5b525dc 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/config/security/jwt/JWTAuthenticationFilter.java +++ b/chsm-web-manage/src/main/java/com/sunyard/config/security/jwt/JWTAuthenticationFilter.java @@ -22,12 +22,10 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi import javax.servlet.FilterChain; import javax.servlet.ServletException; -import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.ArrayList; -import java.util.Arrays; import java.util.List; import java.util.concurrent.TimeUnit; 
@@ -77,11 +75,6 @@ public class JWTAuthenticationFilter extends BasicAuthenticationFilter { header = request.getParameter(SecurityConstant.HEADER); } - if(StrUtil.isBlank(header) && request.getCookies()!=null){ - Cookie cookie = Arrays.stream(request.getCookies()).filter(tmpCookie -> SecurityConstant.HEADER.equals(tmpCookie.getName())).findAny().orElse(null); - header = cookie == null?null: cookie.getValue(); - } - Boolean notValid = StrUtil.isBlank(header) || (!tokenRedis && !header.startsWith(SecurityConstant.TOKEN_SPLIT)); if (notValid) { chain.doFilter(request, response); diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/common/CaptchaController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/common/CaptchaController.java index c031f6e..62534e2 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/common/CaptchaController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/common/CaptchaController.java @@ -10,6 +10,8 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -33,6 +35,11 @@ public class CaptchaController { @Autowired private StringRedisTemplate redisTemplate; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @RequestMapping(value = "/init",method = RequestMethod.GET) @ApiOperation(value = "初始化验证码") public Result initCaptcha() { 
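Review bot: The context line `header = request.getParameter(SecurityConstant.HEADER);` still accepts the token from a request parameter, which includes the query string, so the token can still end up in access logs, browser history and Referer headers after the cookie fallback is removed. If no client depends on it, drop this fallback as well so the filter reads the token from the header only; otherwise add a comment naming the caller that requires it. The filter method starts and ends outside this hunk, so the condition guarding the parameter read is not visible here.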
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/AuditLogController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/AuditLogController.java index 0734d4f..0645b2b 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/AuditLogController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/AuditLogController.java @@ -17,6 +17,8 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -46,6 +48,11 @@ public class AuditLogController { @Autowired private SecurityUtil securityUtil; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @RequestMapping(value = "/getById",method = RequestMethod.GET) @ResponseBody @ApiOperation(value = "通过id获取") diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogDownloadController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogDownloadController.java index d852738..1711e55 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogDownloadController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogDownloadController.java 
@@ -7,7 +7,9 @@ import org.springframework.core.io.Resource; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.WebDataBinder; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; @@ -21,6 +23,11 @@ public class LogDownloadController { @Autowired private LogDownloadService logService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @GetMapping("/download/logs") public ResponseEntity downloadLogs( @RequestParam("startDate") String startDateStr, diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogSignController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogSignController.java index ff61c55..1fd0f4b 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogSignController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/LogSignController.java @@ -29,6 +29,8 @@ import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; 
@@ -58,6 +60,11 @@ public class LogSignController { @Autowired private IAuditLogService auditLogService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @RequestMapping(value = "/getByCondition", method = RequestMethod.GET) @ApiOperation(value = "日志签名分页条件查询") public Result> getByCondition(@ModelAttribute LogSign logSign, diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/SysLogController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/SysLogController.java index db726f0..e86d374 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/SysLogController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/log/controller/SysLogController.java @@ -12,6 +12,8 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; @@ -35,6 +37,11 @@ public class SysLogController { @Autowired private ISysLogService iSysLogService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @RequestMapping(value = "/queryList",method = RequestMethod.GET) diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/transaction/controller/TransactionController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/transaction/controller/TransactionController.java index db768d2..ac73d40 100644 
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/transaction/controller/TransactionController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/monitor/transaction/controller/TransactionController.java @@ -10,6 +10,8 @@ import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -25,6 +27,11 @@ public class TransactionController { @Autowired private TransactionService transactionService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + @RequestMapping(value = "/getTransactionData", method = RequestMethod.POST) @ResponseBody @ApiOperation(value = "获得交易监控的数据") diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sdk/SdkApiServiceImpl.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sdk/SdkApiServiceImpl.java index 930ccc3..6b10c3c 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sdk/SdkApiServiceImpl.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sdk/SdkApiServiceImpl.java @@ -11,11 +11,10 @@ import com.sunyard.ssp.constv.KeyType; import com.sunyard.ssp.constv.PublicKeyType; import com.sunyard.ssp.constv.SplitMode; import com.sunyard.ssp.proto.sdk.Sdk; +import com.sunyard.ssp.utils.RandomUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import java.util.Random; - /** * @author:tsz * @date:2020/5/21 
@@ -258,7 +257,7 @@ public class SdkApiServiceImpl implements SdkApiService {
 @Override
 public byte[] PKCS1Sign(Alg alg, byte[] data) {
 byte[] sign = new byte[64];
- (new Random()).nextBytes( sign );
+ (RandomUtils.getRandom()).nextBytes( sign );
 return sign;
 // SSPApi api = null;
 // try {
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java
index 41bd438..7b2da80 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/ScCipherMachineController.java
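Review bot: `PKCS1Sign` still returns 64 random bytes as the signature and, in the visible lines, never reads `alg` or `data`; replacing `new Random()` with `RandomUtils.getRandom()` does not change that. A caller that stores or verifies this value gets output unrelated to its input, so if this is a stub it should fail loudly, e.g. `throw new UnsupportedOperationException("PKCS1Sign is not implemented");`, or at least carry `// STUB: returns random bytes, not a signature`. `RandomUtils` is created elsewhere in this patch and is not visible in this hunk, so confirm that it is backed by `SecureRandom`. The method body continues outside the hunk, into the commented-out SSPApi code.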
@@ -1,230 +1,230 @@ -package com.sunyard.ssp.modules.sysconf.cipherunit.controller; - -import com.sun.jna.Pointer; -import com.sun.jna.ptr.PointerByReference; -import com.sunyard.chsm.model.entity.ParamConf; -import com.sunyard.ssp.common.Result; -import com.sunyard.ssp.common.annotation.AuditControllerLog; -import com.sunyard.ssp.common.exception.SspwebException; -import com.sunyard.ssp.modules.jna.CipherJna; -import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachine; -import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo; -import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum; -import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService; -import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater; -import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; -import com.sunyard.ssp.utils.ResultUtil; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import lombok.extern.slf4j.Slf4j; -import org.apache.commons.codec.binary.Hex; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; - - -/** - * 密码部件管理控制层 - * - * @author admin - */ -@Controller -@Slf4j -@Api(description = "关键密码部件管理接口", tags = "关键密码部件管理") -@RequestMapping("/cipherMachine") -public class ScCipherMachineController { - @Autowired - private ScCipherMachineService scCipherMachineService; - - @Autowired - private IParamConfService iParamConfService; - -// @ControllerLog("获取关键密码部件部件") - @RequestMapping(value = "/query", method = RequestMethod.GET) - @ResponseBody - @ApiOperation(value = "获取关键密码部件部件") - public Result 
queryCipherMachine() { - log.info("get请求 /cipherMachine/query接口"); - ScCipherMachineVo scCipherMachineVo = scCipherMachineService.queryCipherMachine(); - log.info("获取密码部件功能响应结果:{}", scCipherMachineVo); - return new ResultUtil().setData(scCipherMachineVo); - } - -// @ControllerLog("添加关键密码部件配置") - @RequestMapping(value = "/add", method = RequestMethod.POST) - @AuditControllerLog(description = "添加关键密码部件配置",operateType = "增加") - @ResponseBody - @ApiOperation(value = "添加关键密码部件配置") - public Result addCipherMachine(@RequestBody ScCipherMachine scCipherMachine) { - try { - ScCipherMachine scCipherMachineVo = scCipherMachineService.addCipherMachine(scCipherMachine); - IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort()); - return new ResultUtil<>().setData(scCipherMachineVo); - } catch (SspwebException e) { - return new ResultUtil().setErrorMsg(e.getMsg()); - } - } -// @ControllerLog("检测") - @RequestMapping(value = "/detection", method = RequestMethod.POST) - @ResponseBody - @ApiOperation(value = "检测") - public Result detection() { - int size = 16; - PointerByReference phDeviceHandle = new PointerByReference(); - PointerByReference phSessionHandle = new PointerByReference(); - int code = RetEnum.SUCCESS.getCode(); - try { - - // 打开设备 - int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle); - if (ret != code) { - return new ResultUtil().setErrorMsg(ret, "打开设备失败,密码模块初始化失败"); - } - Pointer hDeviceHandle = phDeviceHandle.getValue(); - // 打开会话 - ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle); - if (ret != code) { - return new ResultUtil().setErrorMsg(ret, "打开会话失败,密码模块初始化失败"); - } - byte[] nakedSign = new byte[size]; - // 生成随机数 - ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign); - if (ret != code) { - return new ResultUtil().setErrorMsg(ret, "生成随机数失败,密码模块初始化失败"); - } - // 返回结果 - String result = Hex.encodeHexString(nakedSign); - log.info("检测功能响应结果:{}", result); - return new 
ResultUtil<>().setData(result); - } catch (SspwebException e) { - return new ResultUtil().setErrorMsg(e.getMsg()); - } catch (Throwable e) { - log.error("检测异常:" + e); - return new ResultUtil().setErrorMsg("密码模块初始化失败"); - } finally { - // 关闭会话 - if (phSessionHandle.getValue() != null) { - int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue()); - if (ret != code) { - log.error("关闭会话失败:{}", ret); - } - } - // 关闭设备 - if (phDeviceHandle.getValue() != null) { - int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue()); - if (ret != code) { - log.error("关闭设备失败:{}", ret); - } - } - } - } - -// @ControllerLog("密码模块初始化") - @RequestMapping(value = "/init", method = RequestMethod.POST) - @ResponseBody - @ApiOperation(value = "密码模块初始化") - public Result init() { - int size = 16; - PointerByReference phDeviceHandle = new PointerByReference(); - PointerByReference phSessionHandle = new PointerByReference(); - int code = RetEnum.SUCCESS.getCode(); - try { - +//package com.sunyard.ssp.modules.sysconf.cipherunit.controller; +// +//import com.sun.jna.Pointer; +//import com.sun.jna.ptr.PointerByReference; +//import com.sunyard.chsm.model.entity.ParamConf; +//import com.sunyard.ssp.common.Result; +//import com.sunyard.ssp.common.annotation.AuditControllerLog; +//import com.sunyard.ssp.common.exception.SspwebException; +//import com.sunyard.ssp.modules.jna.CipherJna; +//import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachine; +//import com.sunyard.ssp.modules.sysconf.cipherunit.entity.ScCipherMachineVo; +//import com.sunyard.ssp.modules.sysconf.cipherunit.enums.RetEnum; +//import com.sunyard.ssp.modules.sysconf.cipherunit.service.ScCipherMachineService; +//import com.sunyard.ssp.modules.sysconf.cipherunit.utils.IniFileUpdater; +//import com.sunyard.ssp.modules.sysconf.paramconf.service.IParamConfService; +//import com.sunyard.ssp.utils.ResultUtil; +//import io.swagger.annotations.Api; +//import io.swagger.annotations.ApiOperation; 
+//import lombok.extern.slf4j.Slf4j; +//import org.apache.commons.codec.binary.Hex; +//import org.springframework.beans.factory.annotation.Autowired; +//import org.springframework.stereotype.Controller; +//import org.springframework.web.bind.annotation.PathVariable; +//import org.springframework.web.bind.annotation.RequestBody; +//import org.springframework.web.bind.annotation.RequestMapping; +//import org.springframework.web.bind.annotation.RequestMethod; +//import org.springframework.web.bind.annotation.ResponseBody; +// +// +///** +// * 密码部件管理控制层 +// * +// * @author admin +// */ +//@Controller +//@Slf4j +//@Api(description = "关键密码部件管理接口", tags = "关键密码部件管理") +//@RequestMapping("/cipherMachine") +//public class ScCipherMachineController { +// @Autowired +// private ScCipherMachineService scCipherMachineService; +// +// @Autowired +// private IParamConfService iParamConfService; +// +//// @ControllerLog("获取关键密码部件部件") +// @RequestMapping(value = "/query", method = RequestMethod.GET) +// @ResponseBody +// @ApiOperation(value = "获取关键密码部件部件") +// public Result queryCipherMachine() { +// log.info("get请求 /cipherMachine/query接口"); +// ScCipherMachineVo scCipherMachineVo = scCipherMachineService.queryCipherMachine(); +// log.info("获取密码部件功能响应结果:{}", scCipherMachineVo); +// return new ResultUtil().setData(scCipherMachineVo); +// } +// +//// @ControllerLog("添加关键密码部件配置") +// @RequestMapping(value = "/add", method = RequestMethod.POST) +// @AuditControllerLog(description = "添加关键密码部件配置",operateType = "增加") +// @ResponseBody +// @ApiOperation(value = "添加关键密码部件配置") +// public Result addCipherMachine(@RequestBody ScCipherMachine scCipherMachine) { +// try { +// ScCipherMachine scCipherMachineVo = scCipherMachineService.addCipherMachine(scCipherMachine); +// IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort()); +// return new ResultUtil<>().setData(scCipherMachineVo); +// } catch (SspwebException e) { +// return new 
ResultUtil().setErrorMsg(e.getMsg()); +// } +// } +//// @ControllerLog("检测") +// @RequestMapping(value = "/detection", method = RequestMethod.POST) +// @ResponseBody +// @ApiOperation(value = "检测") +// public Result detection() { +// int size = 16; +// PointerByReference phDeviceHandle = new PointerByReference(); +// PointerByReference phSessionHandle = new PointerByReference(); +// int code = RetEnum.SUCCESS.getCode(); +// try { +// // // 打开设备 // int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle); // if (ret != code) { -// return new ResultUtil().setErrorMsg(ret, "打开设备失败"); +// return new ResultUtil().setErrorMsg(ret, "打开设备失败,密码模块初始化失败"); // } // Pointer hDeviceHandle = phDeviceHandle.getValue(); // // 打开会话 // ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle); // if (ret != code) { -// return new ResultUtil().setErrorMsg(ret, "打开会话失败"); +// return new ResultUtil().setErrorMsg(ret, "打开会话失败,密码模块初始化失败"); // } // byte[] nakedSign = new byte[size]; // // 生成随机数 // ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign); // if (ret != code) { -// return new ResultUtil().setErrorMsg(ret, "生成随机数失败"); +// return new ResultUtil().setErrorMsg(ret, "生成随机数失败,密码模块初始化失败"); // } // // 返回结果 -// String result = Util.bytes2HexString(nakedSign); +// String result = Hex.encodeHexString(nakedSign); // log.info("检测功能响应结果:{}", result); - ParamConf paramConf = iParamConfService.selectByKey("initStatus"); - if (paramConf != null) { - paramConf.setValue("1"); - iParamConfService.updateById(paramConf); - } - return new ResultUtil<>().setSuccessMsg("初始化成功"); - } catch (SspwebException e) { - return new ResultUtil().setErrorMsg(e.getMsg()); - } catch (Throwable e) { - log.error("检测异常:" + e); - return new ResultUtil().setErrorMsg("检测失败"); - } finally { - // 关闭会话 - if (phSessionHandle.getValue() != null) { - int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue()); - if (ret != code) { - log.error("关闭会话失败:{}", ret); - 
} - } - // 关闭设备 - if (phDeviceHandle.getValue() != null) { - int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue()); - if (ret != code) { - log.error("关闭设备失败:{}", ret); - } - } - } - } - -// @ControllerLog("密码模块初始化状态获取") - @RequestMapping(value = "/init/status", method = RequestMethod.GET) - @ResponseBody - @ApiOperation(value = "密码模块初始化状态获取") - public Result initStatus() { - ParamConf paramConf = iParamConfService.selectByKey("initStatus"); - if (paramConf != null) { - return new ResultUtil<>().setData(paramConf.getValue()); - } else { - return new ResultUtil<>().setErrorMsg("获取初始化状态失败"); - } - } - - -// @ControllerLog("编辑关键密码部件配置") - @RequestMapping(value = "/edit", method = RequestMethod.PUT) - @AuditControllerLog(description = "编辑关键密码部件配置",operateType = "修改") - @ResponseBody - @ApiOperation(value = "编辑关键密码部件配置") - public Result editCipherMachine(@RequestBody ScCipherMachine scCipherMachine) { - try { - log.info("put请求 /cipherMachine/edit 请求参数:{}", scCipherMachine); - ScCipherMachine scCipherMachineVo = scCipherMachineService.editCipherMachine(scCipherMachine); - log.info("编辑关键密码部件功能响应结果:{}", scCipherMachineVo); - IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort()); - return new ResultUtil<>().setData(scCipherMachineVo); - } catch (SspwebException e) { - return new ResultUtil().setErrorMsg(e.getMsg()); - } - } -// @ControllerLog("删除关键密码部件配置") - @RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE) - @AuditControllerLog(description = "删除关键密码部件配置",operateType = "删除") - @ResponseBody - @ApiOperation(value = "删除关键密码部件配置") - public Result deleteCipherMachine(@PathVariable("id") Long id) { - try { - log.info("delete请求 /cipherMachine/delete 请求参数:{}", id); - scCipherMachineService.deleteCipherMachine(id); - return new ResultUtil<>().setData(null); - } catch (SspwebException e) { - return new ResultUtil().setErrorMsg(e.getMsg()); - } - } -} +// return new ResultUtil<>().setData(result); +// } catch 
(SspwebException e) { +// return new ResultUtil().setErrorMsg(e.getMsg()); +// } catch (Throwable e) { +// log.error("检测异常:" + e); +// return new ResultUtil().setErrorMsg("密码模块初始化失败"); +// } finally { +// // 关闭会话 +// if (phSessionHandle.getValue() != null) { +// int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue()); +// if (ret != code) { +// log.error("关闭会话失败:{}", ret); +// } +// } +// // 关闭设备 +// if (phDeviceHandle.getValue() != null) { +// int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue()); +// if (ret != code) { +// log.error("关闭设备失败:{}", ret); +// } +// } +// } +// } +// +//// @ControllerLog("密码模块初始化") +// @RequestMapping(value = "/init", method = RequestMethod.POST) +// @ResponseBody +// @ApiOperation(value = "密码模块初始化") +// public Result init() { +// int size = 16; +// PointerByReference phDeviceHandle = new PointerByReference(); +// PointerByReference phSessionHandle = new PointerByReference(); +// int code = RetEnum.SUCCESS.getCode(); +// try { +// +//// // 打开设备 +//// int ret = CipherJna.INSTANCE.SDF_OpenDevice(phDeviceHandle); +//// if (ret != code) { +//// return new ResultUtil().setErrorMsg(ret, "打开设备失败"); +//// } +//// Pointer hDeviceHandle = phDeviceHandle.getValue(); +//// // 打开会话 +//// ret = CipherJna.INSTANCE.SDF_OpenSession(hDeviceHandle, phSessionHandle); +//// if (ret != code) { +//// return new ResultUtil().setErrorMsg(ret, "打开会话失败"); +//// } +//// byte[] nakedSign = new byte[size]; +//// // 生成随机数 +//// ret = CipherJna.INSTANCE.SDF_GenerateRandom(phSessionHandle.getValue(), 16, nakedSign); +//// if (ret != code) { +//// return new ResultUtil().setErrorMsg(ret, "生成随机数失败"); +//// } +//// // 返回结果 +//// String result = Util.bytes2HexString(nakedSign); +//// log.info("检测功能响应结果:{}", result); +// ParamConf paramConf = iParamConfService.selectByKey("initStatus"); +// if (paramConf != null) { +// paramConf.setValue("1"); +// iParamConfService.updateById(paramConf); +// } +// return new 
ResultUtil<>().setSuccessMsg("初始化成功"); +// } catch (SspwebException e) { +// return new ResultUtil().setErrorMsg(e.getMsg()); +// } catch (Throwable e) { +// log.error("检测异常:" + e); +// return new ResultUtil().setErrorMsg("检测失败"); +// } finally { +// // 关闭会话 +// if (phSessionHandle.getValue() != null) { +// int ret = CipherJna.INSTANCE.SDF_CloseSession(phSessionHandle.getValue()); +// if (ret != code) { +// log.error("关闭会话失败:{}", ret); +// } +// } +// // 关闭设备 +// if (phDeviceHandle.getValue() != null) { +// int ret = CipherJna.INSTANCE.SDF_CloseDevice(phDeviceHandle.getValue()); +// if (ret != code) { +// log.error("关闭设备失败:{}", ret); +// } +// } +// } +// } +// +//// @ControllerLog("密码模块初始化状态获取") +// @RequestMapping(value = "/init/status", method = RequestMethod.GET) +// @ResponseBody +// @ApiOperation(value = "密码模块初始化状态获取") +// public Result initStatus() { +// ParamConf paramConf = iParamConfService.selectByKey("initStatus"); +// if (paramConf != null) { +// return new ResultUtil<>().setData(paramConf.getValue()); +// } else { +// return new ResultUtil<>().setErrorMsg("获取初始化状态失败"); +// } +// } +// +// +//// @ControllerLog("编辑关键密码部件配置") +// @RequestMapping(value = "/edit", method = RequestMethod.PUT) +// @AuditControllerLog(description = "编辑关键密码部件配置",operateType = "修改") +// @ResponseBody +// @ApiOperation(value = "编辑关键密码部件配置") +// public Result editCipherMachine(@RequestBody ScCipherMachine scCipherMachine) { +// try { +// log.info("put请求 /cipherMachine/edit 请求参数:{}", scCipherMachine); +// ScCipherMachine scCipherMachineVo = scCipherMachineService.editCipherMachine(scCipherMachine); +// log.info("编辑关键密码部件功能响应结果:{}", scCipherMachineVo); +// IniFileUpdater.updateIniFile(scCipherMachine.getIp(),(String) scCipherMachine.getPort()); +// return new ResultUtil<>().setData(scCipherMachineVo); +// } catch (SspwebException e) { +// return new ResultUtil().setErrorMsg(e.getMsg()); +// } +// } +//// @ControllerLog("删除关键密码部件配置") +// @RequestMapping(value = "/delete/{id}", 
method = RequestMethod.DELETE) +// @AuditControllerLog(description = "删除关键密码部件配置",operateType = "删除") +// @ResponseBody +// @ApiOperation(value = "删除关键密码部件配置") +// public Result deleteCipherMachine(@PathVariable("id") Long id) { +// try { +// log.info("delete请求 /cipherMachine/delete 请求参数:{}", id); +// scCipherMachineService.deleteCipherMachine(id); +// return new ResultUtil<>().setData(null); +// } catch (SspwebException e) { +// return new ResultUtil().setErrorMsg(e.getMsg()); +// } +// } +//} diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java index c3e8957..e77521b 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/cipherunit/controller/StatusController.java @@ -9,6 +9,8 @@ import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; @@ -22,6 +24,11 @@ public class StatusController { @Autowired IParamConfService iParamConfService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + // @ControllerLog("获取全局密码模块状态") @RequestMapping(value = "/query", method = RequestMethod.GET) @ResponseBody 
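Review bot: Commenting out every line of ScCipherMachineController.java leaves about 230 lines of dead code, including the JNA device and session handling, that will drift and keep turning up in searches and scans. This same commit deletes FileUtil.java outright; removing this file the same way keeps the history in version control and makes it unambiguous that the `/cipherMachine/*` endpoints are gone. If the controller is only disabled temporarily, a short header comment saying why and under what condition it returns would be the minimum; nothing in the visible diff says whether callers of `/cipherMachine/init/status` were moved elsewhere.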
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictController.java
index 4d37307..5ae1a85 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictController.java
@@ -20,6 +20,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.dao.DuplicateKeyException;
 import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -50,6 +52,11 @@ public class ScDictController {
 @Autowired
 IScDictDataService iScDictDataService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
+
 @RequestMapping(value = "/search", method = RequestMethod.GET)
 @ResponseBody
 @ApiOperation("根据字典关键字查询")
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictDataController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictDataController.java
index b7ebee3..ceccfe8 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictDataController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/dict/controller/ScDictDataController.java
@@ -18,6 +18,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.dao.DuplicateKeyException;
 import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -51,6 +53,11 @@ public class ScDictDataController {
 @Autowired
 IScDictService iScDictService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
+
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
 @ResponseBody
 @ApiOperation("根据Id获取字典数据")
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java
index 758ff84..c77914e 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/sysconf/paramconf/controller/ParamConfController.java
@@ -12,6 +12,8 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -39,7 +41,10 @@ public class ParamConfController {
 @Autowired
 IParamConfService iParamConfService;
-
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
 @RequestMapping(value = "/getAll",method = RequestMethod.GET)
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentController.java
index c91ca95..15fbaff 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentController.java
@@ -81,6 +81,7 @@ public class ScDepartmentController {
 @InitBinder(value = ValidatorConstant.DEPARTMENT_BASE_NAME)
 public void initBainder(DataBinder binder){
 binder.replaceValidators(departmentValidator);
+ binder.setDisallowedFields("qwer");
 }
 @RequestMapping(value = "/getByParentId/{parentId}",method = RequestMethod.GET)
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentHeaderController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentHeaderController.java
index 76a0c39..182e003 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentHeaderController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScDepartmentHeaderController.java
@@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -38,6 +40,11 @@ public class ScDepartmentHeaderController {
 @Autowired
 IScDepartmentHeaderService iScDepartmentHeaderService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
+
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
 @ResponseBody
 public Result get(@RequestParam String id){
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPermissionController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPermissionController.java
index 5435028..07020db 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPermissionController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPermissionController.java
@@ -99,6 +99,7 @@ public class ScPermissionController {
 @InitBinder(ValidatorConstant.PERMISSION_BASE_NAME)
 public void initBainder(DataBinder binder){
 binder.addValidators(permissionValidator);
+ binder.setDisallowedFields("qwer");
 }
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPositionController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPositionController.java
index 9949f4c..c767543 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPositionController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScPositionController.java
@@ -63,6 +63,7 @@ public class ScPositionController {
 @InitBinder(ValidatorConstant.POSTION_BASE_NAME)
 public void initBainder(DataBinder binder){
 binder.replaceValidators(positionValidator);
+ binder.setDisallowedFields("qwer");
 }
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleController.java
index aa12430..7ffc8b6 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleController.java
@@ -70,6 +70,7 @@ public class ScRoleController {
 @InitBinder(ValidatorConstant.ROLE_BASE_NAME)
 public void initBainder(DataBinder binder){
 binder.replaceValidators(roleValidator);
+ binder.setDisallowedFields("qwer");
 }
 @RequestMapping(value = "/getAllList",method = RequestMethod.GET)
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleDepartmentController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleDepartmentController.java
index c5d08b9..ec95fa0 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleDepartmentController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRoleDepartmentController.java
@@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -38,6 +40,11 @@ public class ScRoleDepartmentController {
 @Autowired
 IScRoleDepartmentService iScRoleDepartmentService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
+
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
 @ResponseBody
 public Result get(@RequestParam String id){
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRolePermissionController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRolePermissionController.java
index a29231a..6781814 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRolePermissionController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScRolePermissionController.java
@@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -37,7 +39,10 @@ public class ScRolePermissionController {
 @Autowired
 IScRolePermissionService iScRolePermissionService;
-
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
 @ResponseBody
 public Result get(@RequestParam String id){
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java
index 71aff4e..e797fca 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUShieldController.java
@@ -38,6 +38,8 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.Assert;
 import org.springframework.util.FileCopyUtils;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -89,6 +91,11 @@ public class ScUShieldController {
 @Autowired
 private IAuditLogService auditLogService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
+
 @RequestMapping(value = "/ulogin", method = RequestMethod.POST)
 @ResponseBody
 @ApiOperation(value = "U盾登录接口")
@@ -153,12 +160,12 @@ public class ScUShieldController {
 }
 //查询账户绑定U盾公钥
- ScUser user = userService.getById(userId);
+ ScUser user = userService.getById(sysUser.getId());
 if (uname == null) {
 uname = user.getUsername();
 }
 //查询用户角色id集合
- List roles = iScUserRoleService.findByUserId(userId);
+ List roles = iScUserRoleService.findByUserId(sysUser.getId());
 List roldIds = new ArrayList<>();
 if (null != roles && roles.size() > 0) {
 roldIds = roles.stream().map(ScRole::getId).collect(Collectors.toList());
@@ -273,7 +280,7 @@ public class ScUShieldController {
 }
 //查询用户角色id集合
- List roles = iScUserRoleService.findByUserId(userId);
+ List roles = iScUserRoleService.findByUserId(user.getId());
 List roldIds = new ArrayList<>();
 if (null != roles && roles.size() > 0) {
@@ -329,7 +336,7 @@ public class ScUShieldController {
 }
 //查询用户角色id集合
- List roles = iScUserRoleService.findByUserId(userId);
+ List roles = iScUserRoleService.findByUserId(user.getId());
 List roldIds = new ArrayList<>();
 if (null != roles && roles.size() > 0) {
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserController.java
index 8057123..92b8375 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserController.java
@@ -105,7 +105,10 @@ public class ScUserController {
 @Autowired
 IScRoleService roleService;
-
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
 @RequestMapping(value = "/info",method = RequestMethod.GET)
 public Result getUserInfo(){
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserRoleController.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserRoleController.java
index 58f03e5..f4c4827 100644
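Review bot: In the first ScUShieldController hunk, `user` returned by `userService.getById(sysUser.getId())` is dereferenced two lines later (`user.getUsername()`) with no null check, and the hunk does not show where `sysUser` comes from. Replacing `userId` with an id read from a looked-up object only closes the scanner finding in substance if `sysUser` is resolved from the verified login identity rather than from the same request value; that needs confirming in the enclosing method, which starts outside the hunk. I would add a guard such as `if (user == null) { /* return the controller's usual error Result */ }` before `uname` is filled in. The two later hunks make the same substitution with `user.getId()`, where `user` must likewise be known non-null at that point.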
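Review bot: The ScUserController section consists of this one hunk, which uses `@InitBinder` and `WebDataBinder`, yet unlike the other controllers in the patch it adds no import lines for them. Unless the file already imports `org.springframework.web.bind.WebDataBinder` and `org.springframework.web.bind.annotation.InitBinder` (not visible here), the class will not compile; worth checking before merge.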
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserRoleController.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/modules/user/controller/ScUserRoleController.java
@@ -12,6 +12,8 @@ import com.sunyard.ssp.utils.ResultUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -37,6 +39,10 @@ public class ScUserRoleController {
 @Autowired
 IScUserRoleService iScUserRoleService;
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.setDisallowedFields("qwer");
+ }
 @RequestMapping(value = "/getById",method = RequestMethod.GET)
 @ResponseBody
diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/CreateVerifyCode.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/CreateVerifyCode.java
index 1bfd0ff..7013d49 100644
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/CreateVerifyCode.java
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/CreateVerifyCode.java
@@ -5,7 +5,7 @@ import java.awt.*;
 import java.awt.image.BufferedImage;
 import java.io.IOException;
 import java.io.OutputStream;
-import java.util.Random;
+import java.security.SecureRandom;
 /**
 * 随机字符验证码生成工具类
@@ -38,7 +38,7 @@ public class CreateVerifyCode {
 */
 private BufferedImage buffImg = null;
- Random random = new Random();
+ SecureRandom random = RandomUtils.getRandom();
 public CreateVerifyCode() {
 creatImage();
@@ -194,7 +194,7 @@ public class CreateVerifyCode { int len = str1.length() - 1; double r; for (int i = 0; i < n; i++) { - r = (Math.random()) * len; + r = (random.nextDouble()) * len; str2 = str2 + str1.charAt((int) r); } return str2; @@ -224,7 +224,7 @@ public class CreateVerifyCode { * 产生随机字体 */ private Font getFont(int size) { - Random random = new Random(); + SecureRandom random = RandomUtils.getRandom(); Font[] font = new Font[5]; font[0] = new Font("Ravie", Font.PLAIN, size); font[1] = new Font("Antique Olive Compact", Font.PLAIN, size); @@ -305,7 +305,7 @@ public class CreateVerifyCode { */ public String getRandomNum() { - Random random = new Random(); + SecureRandom random = RandomUtils.getRandom(); int num = random.nextInt(999999); //不足六位前面补0 String str = String.format("%06d", num); diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/FileUtil.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/FileUtil.java deleted file mode 100644 index 239ddb8..0000000 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/FileUtil.java +++ /dev/null 
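Review bot: The last character of `str1` can never be chosen in this loop, because `len` is `str1.length() - 1` and `(int) (random.nextDouble() * len)` tops out at `len - 1`. Now that the source is a `SecureRandom`, index directly with `str2 = str2 + str1.charAt(random.nextInt(str1.length()));`, which drops the double arithmetic and covers the whole alphabet. The enclosing method starts and ends outside the hunk, so whether the shortened range was intended cannot be confirmed from here.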
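Review bot: `random.nextInt(999999)` in `getRandomNum` returns 0 to 999998, so the code `999999` is never issued. `int num = random.nextInt(1000000);` gives the full six-digit range that `String.format("%06d", num)` pads for. The local `random` here and in `getFont` (hunk `-224`) also shadows the `random` field changed earlier in this file, so the field could be reused instead of fetching another instance. The method body continues past the hunk.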
@@ -1,187 +0,0 @@ -package com.sunyard.ssp.utils; - -import cn.hutool.core.date.DateUtil; -import lombok.extern.slf4j.Slf4j; -import org.apache.commons.codec.digest.DigestUtils; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Component; -import org.springframework.web.multipart.MultipartFile; - -import javax.servlet.http.HttpServletResponse; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.OutputStream; - -/** - * @author:tsz - * @date:2020/3/6 - * @description: - */ -@Component -@Slf4j -public class FileUtil { - - @Value("${file.path}") - private String filePath; - - /** - * 文件路径上传完整路径 - * - * @param file - * @return - */ - public String localUpload(MultipartFile file) { - - String key = CommonUtil.renamePic(file.getOriginalFilename()); - String day = DateUtil.format(DateUtil.date(), "yyyyMMdd"); - String path = filePath + "/" + day; - File dir = new File(path); - if (!dir.exists()) { - dir.mkdirs(); - } - File f = new File(path + "/" + key); - if (f.exists()) { - throw new RuntimeException("文件名已存在"); - } - try { - file.transferTo(f); - return path + "/" + key; - } catch (IOException e) { - log.error(e.toString()); - throw new RuntimeException("上传文件出错"); - } - } - - /** - * 文件路径上传只返回文件名 - * - * @param file - * @return - */ - public String upload(MultipartFile file) throws IOException { - try { - //String key = Md5Util.md5HashCode(file.getInputStream()) +"_"+ file.getOriginalFilename(); - String key = file.getOriginalFilename(); - String s = Md5Util.little16MD5a(DigestUtils.md5Hex(file.getInputStream())); - String path = filePath + "/" + s; - File dir = new File(path); - if (!dir.exists()) { - dir.mkdirs(); - } - File f = new File(path + "/" + key); - //如果文件已经存在直接返回文件名证明快速上传了 - if (f.exists()) { - return s + "/" +key; - } - file.transferTo(f); - key = s + "/"+ key; - return key; - } catch (IOException e) { - e.printStackTrace(); - 
log.error(e.toString()); - throw new RuntimeException("上传文件出错"); - } - } - - /** - * 读取文件 - * - * @param url - * @param response - */ - public void view(String url, HttpServletResponse response) { - - File file = new File(url); - FileInputStream i = null; - OutputStream o = null; - - try { - i = new FileInputStream(file); - o = response.getOutputStream(); - - byte[] buf = new byte[1024]; - int bytesRead; - - while ((bytesRead = i.read(buf)) > 0) { - o.write(buf, 0, bytesRead); - o.flush(); - } - - i.close(); - o.close(); - } catch (IOException e) { - log.error(e.toString()); - throw new RuntimeException("读取文件出错"); - } - } - - /** - * 重命名 - * - * @param url - * @param toKey - * @return - */ - public String renameFile(String url, String toKey) { - - String result = copyFile(url, toKey); - deleteFile(url); - return result; - } - - /** - * 复制文件 - * - * @param url - * @param toKey - */ - public String copyFile(String url, String toKey) { - - File file = new File(url); - FileInputStream i = null; - FileOutputStream o = null; - - try { - i = new FileInputStream(file); - o = new FileOutputStream(new File(file.getParentFile() + "/" + toKey)); - - byte[] buf = new byte[1024]; - int bytesRead; - - while ((bytesRead = i.read(buf)) > 0) { - o.write(buf, 0, bytesRead); - } - - i.close(); - o.close(); - return file.getParentFile() + "/" + toKey; - } catch (IOException e) { - log.error(e.toString()); - throw new RuntimeException("复制文件出错"); - } - } - - /** - * 删除文件 - * - * @param url - */ - public void deleteFile(String url) { - - File file = new File(url); - file.delete(); - } - - /** - * 删除文件 - * - * @param url - */ - public void deleteFileName(String url) { - - File file = new File(filePath + "/" + url); - file.delete(); - } -} diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/RandomUtils.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/RandomUtils.java new file mode 100644 index 0000000..afcce94 --- /dev/null 
+++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/RandomUtils.java @@ -0,0 +1,23 @@ +package com.sunyard.ssp.utils; + +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; + +/** + * @author liulu + * @since 2025/1/14 + */ +public abstract class RandomUtils { + + + + public static SecureRandom getRandom() { + try { + return SecureRandom.getInstance("SHA1PRNG"); + } catch (NoSuchAlgorithmException e) { + throw new IllegalArgumentException(e); + } + } + + +} diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/OptionalRegexNode.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/OptionalRegexNode.java index 173dc69..358aa7a 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/OptionalRegexNode.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/OptionalRegexNode.java @@ -1,12 +1,12 @@ package com.sunyard.ssp.utils.regexp.model; +import com.sunyard.ssp.utils.RandomUtils; import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException; import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException; import com.sunyard.ssp.utils.regexp.exception.UninitializedException; import java.util.ArrayList; import java.util.List; -import java.util.Random; public class OptionalRegexNode extends BaseRegexNode { @@ -50,6 +50,6 @@ public class OptionalRegexNode extends BaseRegexNode { @Override protected String random(String expression, List expressionFragments) throws UninitializedException, RegexpIllegalException { - return children.get(new Random().nextInt(children.size())).random(); + return children.get(RandomUtils.getRandom().nextInt(children.size())).random(); } } diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/RepeatRegexNode.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/RepeatRegexNode.java index 9eaac98..b2f27c7 100644 
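Review bot: `getRandom()` constructs a new `SecureRandom` on every call and pins the algorithm to `"SHA1PRNG"`, where the platform default from `new SecureRandom()` is generally preferred. The callers changed in OptionalRegexNode, RepeatRegexNode and SingleRegexNode invoke it once per generated choice, so every pick pays for a fresh instance. One shared instance is thread-safe and removes the checked-exception path, which currently surfaces as `IllegalArgumentException` although no argument is involved. Making the class `final` with a private constructor would state the utility role more directly than `abstract`.

```java
public final class RandomUtils {

    // One shared generator: SecureRandom is thread-safe and seeds itself.
    private static final SecureRandom RANDOM = new SecureRandom();

    private RandomUtils() {
    }

    public static SecureRandom getRandom() {
        return RANDOM;
    }
}
```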
--- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/RepeatRegexNode.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/RepeatRegexNode.java @@ -1,12 +1,12 @@ package com.sunyard.ssp.utils.regexp.model; +import com.sunyard.ssp.utils.RandomUtils; import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException; import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException; import com.sunyard.ssp.utils.regexp.exception.UninitializedException; import java.util.Collections; import java.util.List; -import java.util.Random; public class RepeatRegexNode extends BaseRegexNode { @@ -63,7 +63,7 @@ public class RepeatRegexNode extends BaseRegexNode { @Override protected String random(String expression, List expressionFragments) throws RegexpIllegalException, UninitializedException { - int repeat = new Random().nextInt(maxRepeat - minRepeat + 1) + minRepeat; + int repeat = RandomUtils.getRandom().nextInt(maxRepeat - minRepeat + 1) + minRepeat; StringBuilder value = new StringBuilder(); while (repeat-- > 0) { value.append(regexNode.random()); diff --git a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/SingleRegexNode.java b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/SingleRegexNode.java index d23f668..3841c41 100644 --- a/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/SingleRegexNode.java +++ b/chsm-web-manage/src/main/java/com/sunyard/ssp/utils/regexp/model/SingleRegexNode.java @@ -1,12 +1,12 @@ package com.sunyard.ssp.utils.regexp.model; +import com.sunyard.ssp.utils.RandomUtils; import com.sunyard.ssp.utils.regexp.exception.RegexpIllegalException; import com.sunyard.ssp.utils.regexp.exception.TypeNotMatchException; import com.sunyard.ssp.utils.regexp.exception.UninitializedException; import java.util.ArrayList; import java.util.List; -import java.util.Random; public class SingleRegexNode extends BaseRegexNode { 
@@ -114,7 +114,7 @@ public class SingleRegexNode extends BaseRegexNode { for (Interval interval : intervals) { count += interval.end + 1 - interval.start; } - int randomValue = new Random().nextInt(count); + int randomValue = RandomUtils.getRandom().nextInt(count); for (Interval interval : intervals) { if (randomValue < interval.end + 1 - interval.start) { return (char) (interval.start + randomValue); diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AppLoginController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AppLoginController.java index 9121812..f828bd3 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AppLoginController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AppLoginController.java @@ -4,6 +4,8 @@ import com.sunyard.chsm.model.R; import com.sunyard.chsm.param.AppTokenReq; import com.sunyard.chsm.param.AppTokenResp; import com.sunyard.chsm.service.AppLoginService; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -26,6 +28,10 @@ public class AppLoginController { @Resource private AppLoginService appLoginService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } /** * 获取应用Token接口 diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AsymKeyController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AsymKeyController.java index 1989b46..043fb8a 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AsymKeyController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/AsymKeyController.java 
@@ -3,9 +3,27 @@ package com.sunyard.chsm.controller; import com.sunyard.chsm.auth.AuthCode; import com.sunyard.chsm.constant.AuthCodeConst; import com.sunyard.chsm.model.R; -import com.sunyard.chsm.param.*; +import com.sunyard.chsm.param.AsymDecryptReq; +import com.sunyard.chsm.param.AsymDecryptResp; +import com.sunyard.chsm.param.AsymEncryptReq; +import com.sunyard.chsm.param.AsymEncryptResp; +import com.sunyard.chsm.param.AsymEnvelopeSealReq; +import com.sunyard.chsm.param.AsymEnvelopeSealResp; +import com.sunyard.chsm.param.AsymEnvelopeUnsealReq; +import com.sunyard.chsm.param.AsymEnvelopeUnsealResp; +import com.sunyard.chsm.param.AsymSignP7Req; +import com.sunyard.chsm.param.AsymSignP7Resp; +import com.sunyard.chsm.param.AsymSignRawReq; +import com.sunyard.chsm.param.AsymSignRawResp; +import com.sunyard.chsm.param.AsymVerifyP7Req; +import com.sunyard.chsm.param.AsymVerifyRawReq; +import com.sunyard.chsm.param.ExportPubKeyReq; +import com.sunyard.chsm.param.ExportPubKeyResp; +import com.sunyard.chsm.param.VerifyResp; import com.sunyard.chsm.service.AsymKeyService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -26,6 +44,11 @@ public class AsymKeyController { @Autowired private AsymKeyService asymKeyService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 导出非对称公钥 * diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java index 2d62f83..50145e8 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java 
+++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/CertController.java @@ -3,11 +3,23 @@ package com.sunyard.chsm.controller; import com.sunyard.chsm.model.R; import com.sunyard.chsm.model.dto.CertDTO; -import com.sunyard.chsm.param.*; +import com.sunyard.chsm.param.CertExinfoResp; +import com.sunyard.chsm.param.CertInfoResp; +import com.sunyard.chsm.param.ExportCertReq; +import com.sunyard.chsm.param.ExportCertResp; +import com.sunyard.chsm.param.ImportCertReq; import com.sunyard.chsm.service.AppCertService; import com.sunyard.chsm.service.CertService; import org.springframework.beans.BeanUtils; -import org.springframework.web.bind.annotation.*; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.DeleteMapping; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.InitBinder; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; import javax.annotation.Resource; import javax.validation.Valid; @@ -27,6 +39,11 @@ public class CertController { @Resource private CertService certService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 导出证书 * diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/HashController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/HashController.java index d361f89..707409b 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/HashController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/HashController.java 
@@ -14,6 +14,8 @@ import com.sunyard.chsm.sdf.context.AlgId; import com.sunyard.chsm.sdf.model.EccPubKey; import com.sunyard.chsm.utils.CodecUtils; import org.springframework.util.Assert; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -40,6 +42,11 @@ public class HashController { @Resource private DeviceManager deviceManager; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 计算Hash * @@ -118,7 +125,7 @@ public class HashController { SdfApiAdapter sdf = context.getSdfApiAdapter(); sdf.hashUpdate(context.getSessionHandle(), bytes); HashResp resp = new HashResp(); - resp.setHandle(req.getHandle()); +// resp.setHandle(req.getHandle()); return R.data(resp); } @@ -139,7 +146,7 @@ public class HashController { byte[] hash = sdf.hashFinish(context.getSessionHandle()); sdf.closeSession(context.getSessionHandle()); HashResp resp = new HashResp(); - resp.setHandle(req.getHandle()); +// resp.setHandle(req.getHandle()); resp.setHash(CodecUtils.encodeBase64(hash)); return R.data(resp); } diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/KeyManageController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/KeyManageController.java index 080f7fc..76ef5a3 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/KeyManageController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/KeyManageController.java 
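Review bot: The `resp.setHandle(req.getHandle())` calls are commented out rather than deleted, here and in the `-139` hunk. That leaves dead code behind and silently changes the response, since `HashResp` now comes back without a handle. If echoing the request value was the scan finding, delete the lines and record the contract change where the response is built, for example `// handle is not echoed back; callers keep the value they sent`. Both methods begin outside their hunks.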
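Review bot: In the `-139` hunk `sdf.closeSession(...)` runs only when `sdf.hashFinish(...)` returns normally, so a failure in the finish call would leave the device session open. Wrapping it as `try { hash = sdf.hashFinish(context.getSessionHandle()); } finally { sdf.closeSession(context.getSessionHandle()); }`, with `hash` declared before the `try`, releases the session on both paths. The method starts outside the hunk, so an outer handler that already closes the session cannot be ruled out.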
@@ -11,6 +11,8 @@ import com.sunyard.chsm.param.KeyManageReq; import com.sunyard.chsm.param.KeyUpdateReq; import com.sunyard.chsm.service.KeyManageService; import org.springframework.util.Assert; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -32,6 +34,11 @@ public class KeyManageController { @Resource private KeyManageService keyManageService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 查询密钥列表 * diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/RandomController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/RandomController.java index 9462b0e..2ac93af 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/RandomController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/RandomController.java @@ -7,6 +7,8 @@ import com.sunyard.chsm.param.GenRandomReq; import com.sunyard.chsm.param.GenRandomResp; import com.sunyard.chsm.sdf.SdfApiService; import com.sunyard.chsm.utils.CodecUtils; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -25,6 +27,11 @@ public class RandomController { @Resource private SdfApiService sdfApiService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 获取随机数 * 
diff --git a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/SymKeyController.java b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/SymKeyController.java index 4db57a4..ea2514c 100644 --- a/chsm-web-server/src/main/java/com/sunyard/chsm/controller/SymKeyController.java +++ b/chsm-web-server/src/main/java/com/sunyard/chsm/controller/SymKeyController.java @@ -16,6 +16,8 @@ import com.sunyard.chsm.param.SymMacResp; import com.sunyard.chsm.param.VerifyResp; import com.sunyard.chsm.service.SymKeyService; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.WebDataBinder; +import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -36,6 +38,11 @@ public class SymKeyController { @Autowired private SymKeyService symKeyService; + @InitBinder + public void initBinder(WebDataBinder binder) { + binder.setDisallowedFields("qwer"); + } + /** * 对称加密 * diff --git a/chsm-web-server/src/test/java/api/BaseTest.java b/chsm-web-server/src/test/java/api/BaseTest.java index e119379..6f6353b 100644 --- a/chsm-web-server/src/test/java/api/BaseTest.java +++ b/chsm-web-server/src/test/java/api/BaseTest.java @@ -30,7 +30,7 @@ public abstract class BaseTest { protected static final String asymKeyTemplate = "asym-sm2-001"; protected static final String ak = "216205d408130d83d13c5072305b8b65"; protected static final String sk = "ae64515d1d5adec2cc6ae8726d0c1bbc"; - protected static final String server = "http://172.16.18.46:9890"; + protected static final String server = "http://172.16.18.42:9890"; protected static final RestTemplate restTemplate; protected static final String token;
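Review bot: The access key and secret key (`ak`, `sk`) sit in this test class as string literals next to the `server` address the hunk edits, so they are in version control for anyone with repository access. Read all three from the environment or a system property, for example `protected static final String server = System.getProperty("chsm.test.server");` (property name is illustrative). Rotate the committed key pair if it is valid on any shared instance. The endpoint is also plain `http://`, so the credentials and token would travel unencrypted if they are sent to it, which the hunk does not show.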