package com.ctrip.microfinance.giftcard.financedatajob.agent;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicHeader;
import org.apache.http.protocol.HTTP;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.alibaba.fastjson.JSONObject;
import com.ctrip.microfinance.giftcard.financedatajob.manager.ConfigManager;
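/**
 * Client for the KeyWS service that encrypts and decrypts credit-card data.
 *
 * <p>Service documentation:
 * http://conf.ctripcorp.com/pages/viewpage.action?pageId=113939104
 *
 * <p>Both public operations return the empty string on any failure (transport error,
 * non-200 HTTP status, or a non-zero / missing {@code code} in the response), so callers
 * must treat {@code ""} as "operation failed", never as a valid result.
 */
@Component
public class KeyWSAgent {

    private static final Logger logger = LoggerFactory.getLogger(KeyWSAgent.class);

    private static final String API_NAME_ENCRYPT = "encrypt";
    private static final String API_NAME_DECRYPT = "decrypt";

    @Autowired
    private ConfigManager configManager;

    /**
     * Encrypts a value through KeyWS.
     *
     * @param paramStr the value sent as the {@code param} field of the request
     * @return the {@code result} field of the response, or {@code ""} on failure
     */
    public String encrypt(String paramStr) {
        return request(API_NAME_ENCRYPT, paramStr);
    }

    /**
     * Decrypts a value through KeyWS.
     *
     * @param paramStr the value sent as the {@code param} field of the request
     * @return the {@code result} field of the response, or {@code ""} on failure
     */
    public String decrypt(String paramStr) {
        return request(API_NAME_DECRYPT, paramStr);
    }

    /**
     * Calls the encrypt/decrypt endpoint and interprets the response.
     *
     * @param type     endpoint name appended to the configured {@code keyws.url}
     * @param paramStr the value to send as the {@code param} field
     * @return the {@code result} field on success, {@code ""} on any failure
     */
    private String request(String type, String paramStr) {
        // 1. Build the request body.
        JSONObject requestJson = new JSONObject();
        requestJson.put("param", paramStr);

        // 2. Send it.
        // HttpClients.createDefault() keeps the library's default certificate-chain and
        // hostname verification. A previously commented-out variant wired in
        // createIgnoreVerifySSL(), which accepts any server certificate; it was removed so
        // it cannot be re-enabled by accident on a channel that carries card data.
        // NOTE(review): confirm that "keyws.url" is an https:// endpoint in every environment.
        try (CloseableHttpClient client = HttpClients.createDefault()) {
            HttpPost httpPost = new HttpPost(configManager.getCustomConfig().getProperty("keyws.url") + type);
            httpPost.addHeader(HTTP.CONTENT_TYPE, "application/json");

            // Encode explicitly as UTF-8: the single-argument StringEntity constructor uses
            // ISO-8859-1, which corrupts non-Latin-1 characters in the JSON body.
            // The original also passed a Content-Type header to setContentEncoding(), which
            // is meant for Content-Encoding values such as gzip; that call is dropped.
            StringEntity se = new StringEntity(requestJson.toJSONString(),
                    java.nio.charset.StandardCharsets.UTF_8);
            se.setContentType("application/json");
            httpPost.setEntity(se);

            HttpResponse response = client.execute(httpPost);

            // 3. Any status other than 200 is a failure.
            // UTF-8 is only the fallback when the response does not declare a charset.
            String responseContent = EntityUtils.toString(response.getEntity(),
                    java.nio.charset.StandardCharsets.UTF_8);
            if (response.getStatusLine().getStatusCode() != 200) {
                // NOTE(review): the raw body is logged; confirm KeyWS never echoes card data
                // or key material in error responses, otherwise log only the status code.
                logger.info("返回httpcode非200:{}", responseContent);
                return "";
            }

            // 4. Any code other than 0 is a failure; a missing body or missing code is
            // handled here explicitly instead of surfacing as a NullPointerException.
            JSONObject object = JSONObject.parseObject(responseContent);
            Integer code = (object == null) ? null : object.getInteger("code");
            if (code == null || code != 0) {
                logger.info("返回code非0:{}", responseContent);
                return "";
            }

            return object.getString("result");
        } catch (Exception ex) {
            // Boundary catch: every transport or parsing error maps to the "" failure value.
            logger.warn("调用KeyWS服务异常", ex);
            return "";
        }
    }

    /**
     * Builds an {@link SSLContext} whose trust manager accepts every certificate.
     *
     * <p>A connection made with this context does not authenticate the server, so the
     * peer can be impersonated and the traffic read or altered in transit. Nothing in
     * this class uses it. If a KeyWS endpoint presents a certificate from a private CA,
     * add that CA to a trust store instead of disabling verification.
     *
     * <p>The context is requested as {@code "TLS"} rather than the obsolete
     * {@code "SSLv3"}, and {@code getAcceptedIssuers()} returns an empty array rather
     * than {@code null}, as the {@link X509TrustManager} contract requires.
     *
     * @return an SSL context that performs no certificate validation
     * @throws NoSuchAlgorithmException if no provider supports the requested protocol
     * @throws KeyManagementException   if initialising the context fails
     * @deprecated disables server authentication; kept only for source compatibility
     *     with existing callers and must not be used for KeyWS traffic
     */
    @Deprecated
    public SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sc = SSLContext.getInstance("TLS");

        // Trust manager that performs no checks at all: both check methods return
        // without throwing, which the JSSE API interprets as "trusted".
        X509TrustManager trustManager = new X509TrustManager() {
            @Override
            public void checkClientTrusted(
                    java.security.cert.X509Certificate[] chain,
                    String authType) throws CertificateException {
            }

            @Override
            public void checkServerTrusted(
                    java.security.cert.X509Certificate[] chain,
                    String authType) throws CertificateException {
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return new java.security.cert.X509Certificate[0];
            }
        };

        sc.init(null, new TrustManager[] { trustManager }, null);
        return sc;
    }
}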