Skip to content

A
amos-boot-biz
Commit 62007335 authored by 李秀明's avatar 李秀明
Browse files
Options

fix: 使用安全的传输协议

SSLv2、SSLv23、SSLv3、TLSv1.0 和 TLSv1.1 协议包含使它们变得不安全的缺陷,不应该使用它们来传输敏感数据。 Links https://docs.qq.com/sheet/DTkRSaWhSZXBlaldN?tab=000008&_t=1711087563249 (No.7)
parent a1d29607
Hide whitespace changes
Inline Side-by-side
Showing with 20 additions and 84 deletions
amos-boot-module/amos-boot-module-api/amos-boot-module-equip-api/src/main/java/com/yeejoin/equipmanage/common/utils/HttpUtil.java
View file @ 62007335
......@@ -21,6 +21,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
......@@ -29,8 +30,6 @@ import org.springframework.util.Assert;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
......@@ -333,7 +332,7 @@ public class HttpUtil {
* @param encoding
* @return
*/
public static String postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException {
public static String postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
String result;
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
......@@ -385,23 +384,9 @@ public class HttpUtil {
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
};
sc.init(null, new TrustManager[]{trustManager}, new java.security.SecureRandom());
return sc;
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
// 信任所有证书
return new SSLContextBuilder().loadTrustMaterial(null, (TrustStrategy) (arg0, arg1) -> true).build();
}
}
amos-boot-module/amos-boot-module-api/amos-boot-module-equip-api/src/main/java/com/yeejoin/equipmanage/common/utils/HttpUtils.java
View file @ 62007335
......@@ -20,6 +20,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -349,8 +350,7 @@ public class HttpUtils {
* @param encoding
* @return
*/
public static ResponeVo postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException {
String result;
public static ResponeVo postSSLUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException, KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
ResponeVo responeVo = null;
......@@ -414,25 +414,9 @@ public class HttpUtils {
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
};
sc.init(null, new TrustManager[]{trustManager}, new java.security.SecureRandom());
return sc;
public static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
// 信任所有证书
return new SSLContextBuilder().loadTrustMaterial(null, (TrustStrategy) (arg0, arg1) -> true).build();
}
......
amos-boot-module/amos-boot-module-api/amos-boot-module-precontrol-api/src/main/java/com/yeejoin/precontrol/common/utils/HttpUtil.java
View file @ 62007335
......@@ -21,6 +21,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
......@@ -29,8 +30,6 @@ import org.springframework.util.Assert;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
......@@ -337,7 +336,7 @@ public class HttpUtil {
* @return
*/
public static String postSslUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException,
KeyManagementException, NoSuchAlgorithmException {
NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
String result;
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
......@@ -389,24 +388,8 @@ public class HttpUtil {
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public static SSLContext createIgnoreVerifySsl() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
};
sc.init(null, new TrustManager[]{trustManager}, new java.security.SecureRandom());
return sc;
public static SSLContext createIgnoreVerifySsl() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException {
// 信任所有证书
return new SSLContextBuilder().loadTrustMaterial(null, (TrustStrategy) (arg0, arg1) -> true).build();
}
}
amos-boot-module/amos-boot-module-api/amos-boot-module-precontrol-api/src/main/java/com/yeejoin/precontrol/common/utils/HttpUtils.java
View file @ 62007335
......@@ -20,6 +20,7 @@ import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
......@@ -286,8 +287,7 @@ public class HttpUtils {
* @return
*/
public static ResponeVo postSslUrl(String url, Map<String, Object> reqMap, String encoding) throws IOException,
KeyManagementException, NoSuchAlgorithmException {
String result;
KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
CloseableHttpClient httpClient = null;
CloseableHttpResponse response = null;
ResponeVo responeVo = null;
......@@ -351,25 +351,9 @@ public class HttpUtils {
* @throws NoSuchAlgorithmException
* @throws KeyManagementException
*/
public static SSLContext createIgnoreVerifySsl() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSLv3");
// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] paramArrayOfX509Certificate, String paramString) {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
};
sc.init(null, new TrustManager[]{trustManager}, new java.security.SecureRandom());
return sc;
public static SSLContext createIgnoreVerifySsl() throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
// 信任所有证书
return new SSLContextBuilder().loadTrustMaterial(null, (TrustStrategy) (arg0, arg1) -> true).build();
}
private static String inputStreamToString(InputStream is) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment