Skip to content

Commit

Permalink
init
Browse files Browse the repository at this point in the history
  • Loading branch information
@renchangjiu
renchangjiu committed Nov 21, 2022
1 parent f50576e commit 80acca1
Show file tree
Hide file tree
Showing 40 changed files with 3,676 additions and 1 deletion.
52 changes: 52 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
### IntelliJ IDEA ###
.idea
.rider
*.iws
*.iml
*.ipr

### Visual Studio ###
.vs
*.user

### C# ###
[Dd]ebug
[Rr]elease
obj/
[Bb]in
!packages/build/
Bak/
packages/
[Rr]elease/

### Python ###
__pycache__


### Maven ###
target

.DS_Store
node_modules/
dist/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
**/*.log

tests/**/coverage/
tests/e2e/reports
selenium-debug.log

# Editor directories and files
.idea
.vscode
*.suo
*.ntvs*
*.njsproj
*.sln
*.local

package-lock.json
yarn.lock

71 changes: 70 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,71 @@
# gm-https
支持国密 https 的 servlet 容器。
支持国密 https 的<b>低</b>性能 servlet 容器。

<b>有限</b>支持 servlet 规范。

性能较差,<b>不建议</b>用在正式环境。

项目依赖的 gmssl_provider 来自 [https://gmssl.cn/gmssl](https://gmssl.cn/gmssl)*官网说明:免费版本每年年底失效,程序会自动退出,需更新库,重新链接。请勿用于正式/生产环境,后果自负。*

#### 一、用法
##### 1. client 端
```java
@Test
public void testClient() throws Exception {
String url = "";
// url = "https://ebssec.boc.cn/";
url = "https://localhost:4430/get1";

Map<String, String> params = new HashMap<>();
Map<String, String> headers = new HashMap<>();

params.put("ip", "192.168.1.1");
params.put("pwd", "12345678");
headers.put("token", UUID.randomUUID().toString());

Response0 r2 = SSLRequests.get(url, params, headers);
System.out.println("r2.getHeader(\"app-id\") = " + r2.getHeader("app-id"));
System.out.println("r2.getContent() = " + r2.getContent());

params.put("post1", "begin--abc--end");
params.put("post2", UUID.randomUUID().toString());
url = "https://localhost:4430/post1";
SSLRequests.post(url, params, headers);

String json = "{" +
"\"a\": \"abc\"," +
"\"b\": 123" +
"}";
Response0 r3 = SSLRequests.post4json(url, json, headers);
System.out.println();
}
```

##### 2. server 端
```java
@Test
public void testServer() throws Exception {
String cert = "keystore/sm2.server1.both.pfx";
cert = "sm2.auth1/sm2.auth1.both.pfx";
InputStream in = getClass().getClassLoader().getResourceAsStream(cert);
String pwd = "12345678";
SSLServer server = new SSLServer(4430, in, pwd);

server.addServlet("/get1", new TestServlet1());
server.addServlet(new TestServlet2());

// 异步
server.listen();

Thread.currentThread().join();
}
```


#### 二、maven 坐标

```xml
<groupId>cc.kkon</groupId>
<artifactId>gm-https</artifactId>
<version>0.1.1</version>
```
97 changes: 97 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>

<groupId>cc.kkon</groupId>
<artifactId>gm-https</artifactId>
<version>0.1.1</version>
<packaging>jar</packaging>

<name>gm-https</name>
<url>http://maven.apache.org</url>

<properties>
<java.version>1.8</java.version>
<maven.compiler.target>1.8</maven.compiler.target>
<maven.compiler.source>1.8</maven.compiler.source>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>

<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.13</version>
</dependency>
<dependency>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<version>4.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
<version>4.4</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.11.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
</dependency>
<!-- 本人上传到中央仓库, 每年年底失效 -->
<!-- 来源: https://gmssl.cn/gmssl/index.jsp -->
<dependency>
<groupId>cc.kkon</groupId>
<artifactId>gmssl_provider</artifactId>
<version>2022</version>
</dependency>
</dependencies>

<build>
<finalName>${project.artifactId}</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
<configuration>
<skip>true</skip>
<useSystemClassLoader>false</useSystemClassLoader>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.7.0</version>
<configuration>
<source>8</source>
<target>8</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
94 changes: 94 additions & 0 deletions src/main/java/cc/kkon/gmhttps/client/ClientBuilder.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
package cc.kkon.gmhttps.client;

import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
* 使用HttpClient访问国密https
*
* @author gmssl.cn
*/
public class ClientBuilder {



// 创建SSL上下文---忽略服务端证书信任
static SSLContext createIgnoreVerifySSL() throws NoSuchAlgorithmException, KeyManagementException, NoSuchProviderException {
SSLContext sc = SSLContext.getInstance(cn.gmssl.jsse.provider.GMJSSE.GMSSLv11, cn.gmssl.jsse.provider.GMJSSE.NAME);

// 实现一个X509TrustManager接口,用于绕过验证,不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
for (int i = 0; i < paramArrayOfX509Certificate.length; i++) {
System.out.println(paramArrayOfX509Certificate[i].getSubjectDN().getName());
}
System.out.println();
}

@Override
public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
for (int i = 0; i < paramArrayOfX509Certificate.length; i++) {
System.out.println(paramArrayOfX509Certificate[i].getSubjectDN().getName());
}
System.out.println();
}

@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
};
sc.init(null, new TrustManager[]{trustManager}, null);
return sc;
}

static HttpClient initGMSSL() {
try {
Security.insertProviderAt(new cn.gmssl.jce.provider.GMJCE(), 1);
Security.insertProviderAt((Provider) Class.forName("cn.gmssl.jsse.provider.GMJSSE").newInstance(), 2);

SSLContext sslContext = createIgnoreVerifySSL();

SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext,
new String[]{"GMSSLv1.1"}, new String[]{"ECC_SM4_CBC_SM3"},
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

Registry<ConnectionSocketFactory> socketFactoryRegistry =
RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", sslsf).build();

int timeout = 30;
RequestConfig config = RequestConfig.custom()
.setConnectTimeout(timeout * 1000)
.setConnectionRequestTimeout(timeout * 1000)
.setSocketTimeout(timeout * 1000).build();

HttpClientBuilder b = HttpClientBuilder.create()
.setConnectionManager(new BasicHttpClientConnectionManager(socketFactoryRegistry))
.setMaxConnPerRoute(20)
.setMaxConnTotal(400)
.setDefaultRequestConfig(config);
return b.build();
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException(e);
}
}


}

49 changes: 49 additions & 0 deletions src/main/java/cc/kkon/gmhttps/client/Response0.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
package cc.kkon.gmhttps.client;

import org.apache.commons.io.IOUtils;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;

/**
* @author yui
*/
public class Response0 {


private HttpResponse httpResponse;

private String content;


Response0(HttpResponse httpResponse) throws IOException {
this.httpResponse = httpResponse;
HttpEntity entity = httpResponse.getEntity();
if (entity != null) {
InputStream in = entity.getContent();

this.content = IOUtils.toString(in, StandardCharsets.UTF_8);
in.close();
}
}

public String getHeader(String key) {
HeaderElement[] elements = httpResponse.getFirstHeader(key).getElements();
if (elements != null && elements.length != 0) {
return elements[0].getName();
}
return null;
}

public String getContent() {
return this.content;
}

public HttpResponse getHttpResponse() {
return httpResponse;
}
}
Loading

0 comments on commit 80acca1

Please sign in to comment.