package org.sxkj.common.utils; import cn.hutool.core.codec.Base64; import cn.hutool.crypto.asymmetric.SM2; import com.alibaba.fastjson.JSONObject; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import org.sxkj.common.utils.sm3.SM2SignUtil; import java.io.BufferedReader; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.URL; import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; public class AuthUtil { private static final ObjectMapper objectMapper = new ObjectMapper(); /** * 国土调查云获取token * 1、获取当前时间的时间的毫秒时间戳A * 2、用调用方的数字证书B和A进行字符串顺序拼接得到字符串C * 3、获取字符串C的UTF-8字节数组D * 4、采用调用方的私钥,使用SM2签名算法对字节数组D进行签名得到字节数组E * 5、对字节数组E进行base64编码得到字符串F * 6、组装得到token:{B}.{A}.{F} * @return */ public static String getToken() { String privateKey = "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"; String publicKey = "04225AACF606D800EA3C2C31FCF8FB161B15F7A8D0460DEB91013D4F228C455E76A2ED8D71BC6525B5DC5CC015C155479D8839950344AEE438A3A6305C90F8269F"; SM2 sm2 = new SM2(privateKey, publicKey); sm2.usePlainEncoding(); //SM2 token生成 String certCode = "UAV32_WHR4E3UAJZTE3KE5IZFDGL7CBU"; long timestamp = System.currentTimeMillis(); //拼接待签名数据 String needSignData = certCode + timestamp; byte[] needSignDataByte = needSignData.getBytes(StandardCharsets.UTF_8); //签名 byte[] signData = sm2.sign(needSignDataByte); // String signDataHex = HexUtil.encodeHexStr(signData); // System.out.println("sign Hex:" + signDataHex); String signDataBase64 = Base64.encode(signData); // System.out.println("sign Base64:" + signDataBase64); //生成token // String token = certCode + "." + timestamp + "." + signDataBase64; // System.out.println("token:" + token); //SM2 token验证 // boolean rst1 = sm2.verify(needSignDataByte, signData); // System.out.println("verify result:" + rst1); // boolean rst2 = sm2.verify(needSignDataByte, HexUtil.decodeHex(signDataHex)); // System.out.println("verify result:" + rst2); // boolean rst3 = sm2.verify(needSignDataByte, Base64.decode(signDataBase64)); // System.out.println("verify result:" + rst3); return certCode + "." + timestamp + "." + signDataBase64; } public static boolean tokenVerify(String token) { String [] tokenStrs = token.split("\\."); if (tokenStrs.length < 3) { return false; } String privateKey = "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"; String publicKey = "04225AACF606D800EA3C2C31FCF8FB161B15F7A8D0460DEB91013D4F228C455E76A2ED8D71BC6525B5DC5CC015C155479D8839950344AEE438A3A6305C90F8269F"; SM2 sm2 = new SM2(privateKey, publicKey); sm2.usePlainEncoding(); //拼接待签名数据 String needSignData = tokenStrs[0] + tokenStrs[1]; byte[] needSignDataByte = needSignData.getBytes(StandardCharsets.UTF_8); return sm2.verify(needSignDataByte, Base64.decode(tokenStrs[2])); } public static boolean tokenVerify2(String token,String publicKey) { String [] tokenStrs = token.split("\\."); if (tokenStrs.length < 3) { return false; } String privateKey = "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"; // String publicKey ="047719B34C1149EE1068A18E207E2BA4D0F61C42D2336FD0E0AE76D75AD556AB50DF8B8A395624F589DD3FBE12FB1E0DEA059114BD15D0629AE3408FDBC48212FA" ; SM2 sm2 = new SM2(privateKey, publicKey); sm2.usePlainEncoding(); //拼接待签名数据 String needSignData = tokenStrs[0] + tokenStrs[1]; byte[] needSignDataByte = needSignData.getBytes(StandardCharsets.UTF_8); return sm2.verify(needSignDataByte, Base64.decode(tokenStrs[2])); } public static String getPublicKey() { String urlString = "https://xcx.geoway.com.cn:8033/v1/cert/getPublicKey"; try { URL url = new URL(urlString); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("GET"); connection.setRequestProperty("Accept", "application/json"); connection.setRequestProperty("x-lc-token", "UAV32_WHR4E3UAJZTE3KE5IZFDGL7CBU.1724764016746.mDm0ylBxqPyhX2wEishoTh3EulqMRxji4yLGscnew4ZGVfiV9qqJHTzTIbvbLtXOrog6YOHqFTYNy+j06yQ3IA=="); // 设置token int responseCode = connection.getResponseCode(); if (responseCode == HttpURLConnection.HTTP_OK) { String secret = connection.getHeaderField("x-lc-secret"); BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); String inputLine; StringBuilder response = new StringBuilder(); while ((inputLine = in.readLine()) != null) { response.append(inputLine); } in.close(); // 解析响应中的 JSON 并提取 data 信息 JSONObject jsonResponse = JSONObject.parseObject(response.toString()); String data = jsonResponse.getString("data"); byte[] bytes= SM2SignUtil.deSM2(secret, "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"); return SM4Util.decrypt(bytes,data); } else { System.out.println("GET 请求失败。响应码:" + responseCode); } } catch (Exception e) { e.printStackTrace(); } return null; } public static Map getPubulicKeys(String token) { String urlString = "https://xcx.geoway.com.cn:8033/v1/cert/getcertbycertcode?certcode="+splitBeforeFirstDot(token); try { URL url = new URL(urlString); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("GET"); connection.setRequestProperty("Accept", "application/json"); connection.setRequestProperty("x-lc-token", getToken()); // 设置token int responseCode = connection.getResponseCode(); if (responseCode == HttpURLConnection.HTTP_OK) { String secret = connection.getHeaderField("x-lc-secret"); BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); String inputLine; StringBuilder response = new StringBuilder(); while ((inputLine = in.readLine()) != null) { response.append(inputLine); } in.close(); // 解析响应中的 JSON 并提取 data 信息 JSONObject jsonResponse = JSONObject.parseObject(response.toString()); String data = jsonResponse.getString("data"); byte[] bytes= SM2SignUtil.deSM2(secret, "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"); // 解析JSON字符串 JSONObject jsonObject = JSONObject.parseObject(SM4Util.decrypt(bytes,data)); // 获取publickey字段的值 Map map =new HashMap<>(); map.put("publickey",jsonObject.getString("publickey")); map.put("orgname",jsonObject.getString("orgname")); return map; } else { System.out.println("GET 请求失败。响应码:" + responseCode); } } catch (Exception e) { e.printStackTrace(); } return null; } public static String splitBeforeFirstDot(String input) { if (input == null || input.isEmpty()) { return input; } return input.split("\\.")[0]; } public static String getPubulicKey(String token) { String urlString = "https://xcx.geoway.com.cn:8033/v1/cert/getcertbycertcode?certcode="+splitBeforeFirstDot(token); try { URL url = new URL(urlString); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("GET"); connection.setRequestProperty("Accept", "application/json"); connection.setRequestProperty("x-lc-token", getToken()); // 设置token int responseCode = connection.getResponseCode(); if (responseCode == HttpURLConnection.HTTP_OK) { String secret = connection.getHeaderField("x-lc-secret"); BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); String inputLine; StringBuilder response = new StringBuilder(); while ((inputLine = in.readLine()) != null) { response.append(inputLine); } in.close(); // 解析响应中的 JSON 并提取 data 信息 JSONObject jsonResponse = JSONObject.parseObject(response.toString()); String data = jsonResponse.getString("data"); byte[] bytes= SM2SignUtil.deSM2(secret, "00D631FD5615416EAB63D33A9E66E801F95DE840567504210080006081DE877AE3"); // 解析JSON字符串 JSONObject jsonObject = JSONObject.parseObject(SM4Util.decrypt(bytes,data)); // 获取publickey字段的值 return jsonObject.getString("publickey"); } else { System.out.println("GET 请求失败。响应码:" + responseCode); return null; } } catch (Exception e) { e.printStackTrace(); } return null; } public static String buildRequestBody(T obj) { try { return objectMapper.writeValueAsString(obj); } catch (JsonProcessingException e) { throw new RuntimeException("对象转换为JSON字符串时发生错误", e); } } }