From 206985a65edde751b4a2a93f30e621eb1fb8ce58 Mon Sep 17 00:00:00 2001 From: nanChen Date: Wed, 6 May 2026 17:28:16 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E5=AE=8C=E5=96=84=E6=8E=A8=E9=80=81k?= =?UTF-8?q?afka=20=E7=9A=84=E6=B6=88=E6=81=AF=E8=BF=9B=E8=A1=8CSM4?= =?UTF-8?q?=E5=8A=A0=E5=AF=86=202=E3=80=81=E6=96=B0=E5=A2=9E=E6=8E=A2?= =?UTF-8?q?=E9=92=88=E4=BE=A7=E8=BF=9B=E8=A1=8CIP=E8=81=94=E5=8A=A8?= =?UTF-8?q?=E5=B0=81=E7=A6=81=E7=9A=84=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/com/Modules/DMTDMTest.java | 55 +++++++ .../main/java/com/common/util/Sm4Util.java | 137 ++++++++++++++++++ .../src/main/java/com/SyslogServeMainApp.java | 3 + .../controller/BlacklistController.java | 22 +++ .../common/entity/BlacklistApiProperties.java | 18 +++ .../com/common/entity/BlacklistRequest.java | 22 +++ .../java/com/common/entity/BlockRequest.java | 19 +++ .../java/com/common/entity/BlockResponse.java | 21 +++ .../common/service/BlacklistApiService.java | 46 ++++++ .../java/com/config/RestTemplateConfig.java | 50 +++++++ .../java/com/haobang/config/AppConfig.java | 3 + .../main/java/com/haobang/util/Sm4Util.java | 137 ++++++++++++++++++ .../main/java/com/kafka/kafkaProducer.java | 10 +- .../java/com/netty/SyslogMessageHandler.java | 2 + .../main/resources/application-dev.properties | 36 ++++- .../resources/application-prod.properties | 39 ++++- .../src/main/resources/application.properties | 36 ++++- 17 files changed, 650 insertions(+), 6 deletions(-) create mode 100644 haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/DMTDMTest.java create mode 100644 haobang-security-xdr/syslog-consumer/src/main/java/com/common/util/Sm4Util.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/controller/BlacklistController.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistApiProperties.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistRequest.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockRequest.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockResponse.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/common/service/BlacklistApiService.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/config/RestTemplateConfig.java create mode 100644 haobang-security-xdr/syslog-serve/src/main/java/com/haobang/util/Sm4Util.java diff --git a/haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/DMTDMTest.java b/haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/DMTDMTest.java new file mode 100644 index 0000000..e46b209 --- /dev/null +++ b/haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/DMTDMTest.java @@ -0,0 +1,55 @@ +package com.Modules; + +import java.sql.*; + +public class DMTDMTest { + public static void main(String[] args) { + // 连接信息 + String url = "jdbc:postgresql://139.9.39.176:16502/dameng"; + String user = "SYSDBA"; + String password = "Sysdba12345"; // 如果已修改密码,请替换为实际密码 + + Connection conn = null; + Statement stmt = null; + ResultSet rs = null; + + try { + // 1. 加载驱动(JDBC 4.0 后自动加载,但显式加载更稳妥) + Class.forName("dm.jdbc.driver.DmDriver"); + System.out.println("达梦 JDBC 驱动加载成功"); + + // 2. 建立连接 + conn = DriverManager.getConnection(url, user, password); + System.out.println("数据库连接成功!"); + + // 3. 执行查询(达梦支持 DUAL 表) + stmt = conn.createStatement(); + rs = stmt.executeQuery("SELECT 1 FROM DUAL"); + + if (rs.next()) { + int result = rs.getInt(1); + System.out.println("查询结果: " + result); + } + + // 4. 可选:查询当前时间 + rs.close(); + rs = stmt.executeQuery("SELECT SYSDATE FROM DUAL"); + if (rs.next()) { + Timestamp now = rs.getTimestamp(1); + System.out.println("服务器当前时间: " + now); + } + + } catch (ClassNotFoundException e) { + System.err.println("未找到达梦 JDBC 驱动,请检查 DmJdbcDriver18.jar 是否在 classpath 中"); + e.printStackTrace(); + } catch (SQLException e) { + System.err.println("数据库连接或操作失败"); + e.printStackTrace(); + } finally { + // 5. 关闭资源 + try { if (rs != null) rs.close(); } catch (SQLException e) { e.printStackTrace(); } + try { if (stmt != null) stmt.close(); } catch (SQLException e) { e.printStackTrace(); } + try { if (conn != null) conn.close(); } catch (SQLException e) { e.printStackTrace(); } + } + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-consumer/src/main/java/com/common/util/Sm4Util.java b/haobang-security-xdr/syslog-consumer/src/main/java/com/common/util/Sm4Util.java new file mode 100644 index 0000000..d38d3c4 --- /dev/null +++ b/haobang-security-xdr/syslog-consumer/src/main/java/com/common/util/Sm4Util.java @@ -0,0 +1,137 @@ +package com.common.util; + + import cn.hutool.core.util.HexUtil; +import cn.hutool.crypto.Mode; +import cn.hutool.crypto.Padding; +import cn.hutool.crypto.SmUtil; +import cn.hutool.crypto.symmetric.SM4; +import cn.hutool.crypto.symmetric.SymmetricCrypto; +import javax.crypto.spec.IvParameterSpec; +import java.nio.charset.StandardCharsets; +import java.security.Security; +import java.util.Base64; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import cn.hutool.core.util.HexUtil; +import cn.hutool.core.util.RandomUtil; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +/** + * 国密SM4加解密工具类 + * 基于 Hutool + Bouncy Castle 实现,支持 ECB 和 CBC 模式 + */ +public class Sm4Util { + + /** + * 生成 SM4 密钥(16字节,128位) + * @return 十六进制字符串格式的密钥 + */ + public static String generateKey() { + byte[] key = SmUtil.sm4().getSecretKey().getEncoded(); + return HexUtil.encodeHexStr(key); + } + + // ==================== ECB 模式(电子密码本模式) ==================== + // 注意:ECB 模式不需要 IV,但安全性较低,不适合加密大量数据 + + /** + * 使用 ECB 模式加密 + * @param plainText 明文 + * @param hexKey 十六进制字符串格式的密钥 + * @return Base64 编码的密文 + */ + public static String encryptEcb(String plainText, String hexKey) { + SM4 sm4 = new SM4(HexUtil.decodeHex(hexKey)); + return sm4.encryptBase64(plainText); + } + + /** + * 使用 ECB 模式解密 + * @param cipherText Base64 编码的密文 + * @param hexKey 十六进制字符串格式的密钥 + * @return 明文 + */ + public static String decryptEcb(String cipherText, String hexKey) { + SM4 sm4 = new SM4(HexUtil.decodeHex(hexKey)); + return sm4.decryptStr(cipherText); + } + + // ==================== CBC 模式(密码分组链接模式) ==================== + // 推荐使用:需要 IV(初始化向量),安全性更高 + + + static { + // 静态代码块中统一注册 Provider,确保全局生效 + if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { + Security.addProvider(new BouncyCastleProvider()); + } + } + + /** + * CBC 模式加密(推荐) + * @param plainText 明文 + * @param hexKey 十六进制字符串格式的密钥 + * @return 格式为 "Base64(IV):Base64(密文)" 的字符串 + */ + public static String encryptCbc(String plainText, String hexKey) { + // 1. 随机生成16字节 IV + byte[] iv = RandomUtil.randomBytes(16); + // 2. 将 IV 包装为 AlgorithmParameterSpec + IvParameterSpec ivSpec = new IvParameterSpec(iv); + // 3. 将十六进制密钥转为字节数组并包装为 SecretKey + byte[] keyBytes = HexUtil.decodeHex(hexKey); + SecretKey secretKey = new SecretKeySpec(keyBytes, "SM4"); + // 4. 创建加解密器 + SymmetricCrypto sm4 = new SymmetricCrypto("SM4/CBC/PKCS5Padding", secretKey, ivSpec); + // 5. 执行加密 + String encryptedBase64 = sm4.encryptBase64(plainText); + String ivBase64 = Base64.getEncoder().encodeToString(iv); + return ivBase64 + ":" + encryptedBase64; + } + + /** + * CBC 模式解密 + * @param cipherTextWithIv 由 encryptCbc 生成的字符串 + * @param hexKey 十六进制密钥 + * @return 明文 + */ + public static String decryptCbc(String cipherTextWithIv, String hexKey) { + String[] parts = cipherTextWithIv.split(":"); + if (parts.length != 2) { + throw new IllegalArgumentException("无效的密文格式,应为 'IV:密文'"); + } + // 1. 解析 IV + byte[] iv = Base64.getDecoder().decode(parts[0]); + IvParameterSpec ivSpec = new IvParameterSpec(iv); + // 2. 解析密钥 + byte[] keyBytes = HexUtil.decodeHex(hexKey); + SecretKey secretKey = new SecretKeySpec(keyBytes, "SM4"); + // 3. 创建解密器(算法参数必须与加密时完全一致) + SymmetricCrypto sm4 = new SymmetricCrypto("SM4/CBC/PKCS5Padding", secretKey, ivSpec); + // 4. 解密 + return sm4.decryptStr(parts[1]); + } + public static void main(String[] args) { + // 1. 生成 SM4 密钥(128位,十六进制字符串) + String hexKey = Sm4Util.generateKey(); + System.out.println("生成的密钥(十六进制): " + hexKey); + System.out.println("密钥长度: " + HexUtil.decodeHex(hexKey).length + " 字节"); + + // 2. 原始明文(包含中文和英文,测试字符集兼容性) + String plainText = "Hello 国密算法!SM4 加解密测试。123456"; + System.out.println("原始明文: " + plainText); + + // 3. 使用 CBC 模式加密 + String encryptedWithIv = Sm4Util.encryptCbc(plainText, hexKey); + System.out.println("加密结果(IV:密文): " + encryptedWithIv); + + // 4. 使用 CBC 模式解密 + String decryptedText = Sm4Util.decryptCbc(encryptedWithIv, hexKey); + System.out.println("解密后的明文: " + decryptedText); + + // 5. 验证加解密是否一致 + boolean success = plainText.equals(decryptedText); + System.out.println("加解密验证结果: " + (success ? "成功" : " 失败")); + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/SyslogServeMainApp.java b/haobang-security-xdr/syslog-serve/src/main/java/com/SyslogServeMainApp.java index 503886e..1acddfe 100644 --- a/haobang-security-xdr/syslog-serve/src/main/java/com/SyslogServeMainApp.java +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/SyslogServeMainApp.java @@ -11,10 +11,13 @@ import com.netty.SyslogServer; import com.haobang.config.AppConfig; import org.springframework.cache.annotation.EnableCaching; import org.springframework.context.annotation.Configuration; +import org.springframework.scheduling.annotation.EnableScheduling; import com.netty.SyslogServerBoth; + @MapperScan("com.common.mapper") @SpringBootApplication +@EnableScheduling public class SyslogServeMainApp { private static final Logger logger = LoggerFactory.getLogger(SyslogServeMainApp.class); diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/controller/BlacklistController.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/controller/BlacklistController.java new file mode 100644 index 0000000..2167601 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/controller/BlacklistController.java @@ -0,0 +1,22 @@ +package com.common.controller; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.bind.annotation.*; +import com.common.entity.BlockResponse; +import com.common.service.BlacklistApiService; + + +@RestController +@RequestMapping("/api/blacklist") +public class BlacklistController { + + @Autowired + private BlacklistApiService blacklistApiService; + + @PostMapping("/add") + public BlockResponse addIp(@RequestParam String ip, + @RequestParam(defaultValue = "300") String age, + @RequestParam(defaultValue = "1") String enable) { + return blacklistApiService.addToBlacklist(ip, age, enable); + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistApiProperties.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistApiProperties.java new file mode 100644 index 0000000..fee97af --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistApiProperties.java @@ -0,0 +1,18 @@ +package com.common.entity; + +public class BlacklistApiProperties { + private final String url; + private final String username; + private final String password; + + public BlacklistApiProperties(String url, String username, String password) { + this.url = url; + this.username = username; + this.password = password; + } + + // getters + public String getUrl() { return url; } + public String getUsername() { return username; } + public String getPassword() { return password; } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistRequest.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistRequest.java new file mode 100644 index 0000000..9656b57 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlacklistRequest.java @@ -0,0 +1,22 @@ +package com.common.entity; + +public class BlacklistRequest { + private String blist; + private String age; + private String enable; + + // 构造器、getter/setter + public BlacklistRequest() {} + public BlacklistRequest(String blist, String age, String enable) { + this.blist = blist; + this.age = age; + this.enable = enable; + } + + public String getBlist() { return blist; } + public void setBlist(String blist) { this.blist = blist; } + public String getAge() { return age; } + public void setAge(String age) { this.age = age; } + public String getEnable() { return enable; } + public void setEnable(String enable) { this.enable = enable; } +} diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockRequest.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockRequest.java new file mode 100644 index 0000000..3eb7344 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockRequest.java @@ -0,0 +1,19 @@ +package com.common.entity; +import lombok.Data; +import javax.validation.constraints.NotBlank; +import javax.validation.constraints.Pattern; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.fasterxml.jackson.annotation.JsonTypeInfo; +@Data +@JsonIgnoreProperties(ignoreUnknown = true) +@JsonTypeInfo(use = JsonTypeInfo.Id.NONE) // 强制禁用类型标识 +public class BlockRequest { + @NotBlank(message = "IP不能为空") + @Pattern(regexp = "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$", + message = "无效的IPv4地址") + private String ip; + + private String reason; // 可选:封堵原因 + + // getters & setters +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockResponse.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockResponse.java new file mode 100644 index 0000000..f5a2fc8 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/entity/BlockResponse.java @@ -0,0 +1,21 @@ +package com.common.entity; + +import lombok.Data; +@Data +public class BlockResponse { + + + private int code; + private String message; + private Object data; + + + // 全参构造器 + public BlockResponse(int code, String message, Object data) { + this.code = code; + this.message = message; + this.data = data; + } + + // 构造器、getters & setters +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/common/service/BlacklistApiService.java b/haobang-security-xdr/syslog-serve/src/main/java/com/common/service/BlacklistApiService.java new file mode 100644 index 0000000..d87c346 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/common/service/BlacklistApiService.java @@ -0,0 +1,46 @@ +package com.common.service; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.*; +import org.springframework.stereotype.Service; +import org.springframework.web.client.RestTemplate; + +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import com.common.entity.BlacklistApiProperties; +import com.common.entity.BlacklistRequest; +import com.common.entity.BlockResponse; +@Service +public class BlacklistApiService { + + @Autowired + private RestTemplate restTemplate; + + @Autowired + private BlacklistApiProperties apiProperties; + + public BlockResponse addToBlacklist(String ip, String age, String enable) { + String url = apiProperties.getUrl(); + + // 构建请求体 + BlacklistRequest requestBody = new BlacklistRequest(ip, age, enable); + + // 设置请求头 + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.APPLICATION_JSON); + + // Basic Auth 编码(密码含特殊字符 % 无需额外处理,Base64 直接编码字节) + String auth = apiProperties.getUsername() + ":" + apiProperties.getPassword(); + byte[] encodedAuth = Base64.getEncoder().encode(auth.getBytes(StandardCharsets.ISO_8859_1)); + String authHeader = "Basic " + new String(encodedAuth, StandardCharsets.ISO_8859_1); + headers.set("Authorization", authHeader); + + HttpEntity entity = new HttpEntity<>(requestBody, headers); + + // 发送 POST 请求 + ResponseEntity response = restTemplate.exchange( + url, HttpMethod.POST, entity, BlockResponse.class); + + return response.getBody(); + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/config/RestTemplateConfig.java b/haobang-security-xdr/syslog-serve/src/main/java/com/config/RestTemplateConfig.java new file mode 100644 index 0000000..3dced1a --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/config/RestTemplateConfig.java @@ -0,0 +1,50 @@ +package com.config; + +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.conn.ssl.SSLConnectionSocketFactory; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.apache.http.ssl.SSLContextBuilder; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.web.client.RestTemplate; +import com.common.entity.BlacklistApiProperties; +import javax.net.ssl.SSLContext; + +@Configuration +public class RestTemplateConfig { + + @Value("${blacklist.api.url}") + private String apiUrl; + + @Value("${blacklist.api.username}") + private String username; + + @Value("${blacklist.api.password}") + private String password; + + @Bean + public RestTemplate restTemplate() throws Exception { + // 忽略 SSL 证书验证(仅用于内网/测试环境,生产环境建议使用真实证书) + SSLContext sslContext = SSLContextBuilder.create() + .loadTrustMaterial((chain, authType) -> true) + .build(); + + SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory( + sslContext, NoopHostnameVerifier.INSTANCE); + + CloseableHttpClient httpClient = HttpClients.custom() + .setSSLSocketFactory(socketFactory) + .build(); + + HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient); + return new RestTemplate(factory); + } + + @Bean + public BlacklistApiProperties blacklistApiProperties() { + return new BlacklistApiProperties(apiUrl, username, password); + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/config/AppConfig.java b/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/config/AppConfig.java index 86b28e9..730d0c5 100644 --- a/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/config/AppConfig.java +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/config/AppConfig.java @@ -128,5 +128,8 @@ public class AppConfig { return config.getInt("app.service.device_collect_id"); } + public static String getSM4Key() { + return config.getString("syslog.sm4.generateKey"); + } } diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/util/Sm4Util.java b/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/util/Sm4Util.java new file mode 100644 index 0000000..36a3672 --- /dev/null +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/haobang/util/Sm4Util.java @@ -0,0 +1,137 @@ +package com.haobang.util; + +import cn.hutool.core.util.HexUtil; +import cn.hutool.crypto.Mode; +import cn.hutool.crypto.Padding; +import cn.hutool.crypto.SmUtil; +import cn.hutool.crypto.symmetric.SM4; +import cn.hutool.crypto.symmetric.SymmetricCrypto; +import javax.crypto.spec.IvParameterSpec; +import java.nio.charset.StandardCharsets; +import java.security.Security; +import java.util.Base64; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import cn.hutool.core.util.HexUtil; +import cn.hutool.core.util.RandomUtil; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +/** + * 国密SM4加解密工具类 + * 基于 Hutool + Bouncy Castle 实现,支持 ECB 和 CBC 模式 + */ +public class Sm4Util { + + /** + * 生成 SM4 密钥(16字节,128位) + * @return 十六进制字符串格式的密钥 + */ + public static String generateKey() { + byte[] key = SmUtil.sm4().getSecretKey().getEncoded(); + return HexUtil.encodeHexStr(key); + } + + // ==================== ECB 模式(电子密码本模式) ==================== + // 注意:ECB 模式不需要 IV,但安全性较低,不适合加密大量数据 + + /** + * 使用 ECB 模式加密 + * @param plainText 明文 + * @param hexKey 十六进制字符串格式的密钥 + * @return Base64 编码的密文 + */ + public static String encryptEcb(String plainText, String hexKey) { + SM4 sm4 = new SM4(HexUtil.decodeHex(hexKey)); + return sm4.encryptBase64(plainText); + } + + /** + * 使用 ECB 模式解密 + * @param cipherText Base64 编码的密文 + * @param hexKey 十六进制字符串格式的密钥 + * @return 明文 + */ + public static String decryptEcb(String cipherText, String hexKey) { + SM4 sm4 = new SM4(HexUtil.decodeHex(hexKey)); + return sm4.decryptStr(cipherText); + } + + // ==================== CBC 模式(密码分组链接模式) ==================== + // 推荐使用:需要 IV(初始化向量),安全性更高 + + + static { + // 静态代码块中统一注册 Provider,确保全局生效 + if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) { + Security.addProvider(new BouncyCastleProvider()); + } + } + + /** + * CBC 模式加密(推荐) + * @param plainText 明文 + * @param hexKey 十六进制字符串格式的密钥 + * @return 格式为 "Base64(IV):Base64(密文)" 的字符串 + */ + public static String encryptCbc(String plainText, String hexKey) { + // 1. 随机生成16字节 IV + byte[] iv = RandomUtil.randomBytes(16); + // 2. 将 IV 包装为 AlgorithmParameterSpec + IvParameterSpec ivSpec = new IvParameterSpec(iv); + // 3. 将十六进制密钥转为字节数组并包装为 SecretKey + byte[] keyBytes = HexUtil.decodeHex(hexKey); + SecretKey secretKey = new SecretKeySpec(keyBytes, "SM4"); + // 4. 创建加解密器 + SymmetricCrypto sm4 = new SymmetricCrypto("SM4/CBC/PKCS5Padding", secretKey, ivSpec); + // 5. 执行加密 + String encryptedBase64 = sm4.encryptBase64(plainText); + String ivBase64 = Base64.getEncoder().encodeToString(iv); + return ivBase64 + ":" + encryptedBase64; + } + + /** + * CBC 模式解密 + * @param cipherTextWithIv 由 encryptCbc 生成的字符串 + * @param hexKey 十六进制密钥 + * @return 明文 + */ + public static String decryptCbc(String cipherTextWithIv, String hexKey) { + String[] parts = cipherTextWithIv.split(":"); + if (parts.length != 2) { + throw new IllegalArgumentException("无效的密文格式,应为 'IV:密文'"); + } + // 1. 解析 IV + byte[] iv = Base64.getDecoder().decode(parts[0]); + IvParameterSpec ivSpec = new IvParameterSpec(iv); + // 2. 解析密钥 + byte[] keyBytes = HexUtil.decodeHex(hexKey); + SecretKey secretKey = new SecretKeySpec(keyBytes, "SM4"); + // 3. 创建解密器(算法参数必须与加密时完全一致) + SymmetricCrypto sm4 = new SymmetricCrypto("SM4/CBC/PKCS5Padding", secretKey, ivSpec); + // 4. 解密 + return sm4.decryptStr(parts[1]); + } + public static void main(String[] args) { + // 1. 生成 SM4 密钥(128位,十六进制字符串) + String hexKey = Sm4Util.generateKey(); + System.out.println("生成的密钥(十六进制): " + hexKey); + System.out.println("密钥长度: " + HexUtil.decodeHex(hexKey).length + " 字节"); + + // 2. 原始明文(包含中文和英文,测试字符集兼容性) + String plainText = "Hello 国密算法!SM4 加解密测试。123456"; + System.out.println("原始明文: " + plainText); + + // 3. 使用 CBC 模式加密 + String encryptedWithIv = Sm4Util.encryptCbc(plainText, hexKey); + System.out.println("加密结果(IV:密文): " + encryptedWithIv); + + // 4. 使用 CBC 模式解密 + String decryptedText = Sm4Util.decryptCbc(encryptedWithIv, hexKey); + System.out.println("解密后的明文: " + decryptedText); + + // 5. 验证加解密是否一致 + boolean success = plainText.equals(decryptedText); + System.out.println("加解密验证结果: " + (success ? "成功" : " 失败")); + } +} \ No newline at end of file diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/kafka/kafkaProducer.java b/haobang-security-xdr/syslog-serve/src/main/java/com/kafka/kafkaProducer.java index 74ddcce..069f1cd 100644 --- a/haobang-security-xdr/syslog-serve/src/main/java/com/kafka/kafkaProducer.java +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/kafka/kafkaProducer.java @@ -1,5 +1,6 @@ package com.kafka; import com.common.entity.DeviceDevice; +import com.haobang.util.Sm4Util; import org.apache.kafka.clients.producer.*; import org.apache.kafka.common.serialization.StringSerializer; @@ -17,7 +18,7 @@ import com.haobang.util.DeviceInfoUtil; public class kafkaProducer { private static final Logger logger = LoggerFactory.getLogger(kafkaProducer.class); - + private static String strhexKey=AppConfig.getSM4Key(); public static void main(String[] args) { // System.out.println(getFullLogString("syslogmessage")); @@ -100,9 +101,14 @@ public class kafkaProducer { //String value = DeviceInfoUtil.getFullLogString(strSyslog); //采用动态获取Syslog 请求的设备信息 String value = DeviceInfoUtil.getFullLogString(deviceDevice,strSyslog,strReceiveTime); + + //Message进行SM4加密写入kafka + String Sm4message= Sm4Util.encryptCbc(value, strhexKey); + System.out.println("Sm4message:"+Sm4message); + // 创建生产者记录 ProducerRecord record = - new ProducerRecord<>(AppConfig.getKafkaProducerTopic(), key, value); + new ProducerRecord<>(AppConfig.getKafkaProducerTopic(), key, Sm4message); // 发送消息(异步方式) producer.send(record, new Callback() { diff --git a/haobang-security-xdr/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java b/haobang-security-xdr/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java index d4bf729..e5a0416 100644 --- a/haobang-security-xdr/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java +++ b/haobang-security-xdr/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java @@ -9,6 +9,8 @@ import org.slf4j.LoggerFactory; import java.net.InetSocketAddress; import com.kafka.kafkaProducer; import com.Modules.Device.DeviceProcess; +import com.haobang.util.Sm4Util; +import com.haobang.config.AppConfig; /** * Syslog 消息处理器 */ diff --git a/haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties b/haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties index 3180144..7c55135 100644 --- a/haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties +++ b/haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties @@ -11,7 +11,7 @@ syslog.tcp.port=514 syslog.udp.port=514 syslog.max.frame.length=262144 syslog.buffer.size=1000 - +syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a # APP Service Configuration app.service.device_id=1 @@ -55,3 +55,37 @@ spring.redis.lettuce.pool.min-idle=0 spring.cache.redis.time-to-live=600000 +#ǽ +# Ƿʵ£falseʱӡ־ڲԣ +firewall.enabled=true +# iptables·ͨΪ /usr/sbin/iptables +firewall.iptables-path=/usr/sbin/iptables +# INPUT FORWARD +firewall.chain=INPUT +# ²ԣDROP REJECT +firewall.target=DROP +# ѡAPIԿΪУ飩 +firewall.api-key=your-secure-api-key + + +# API +blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist +blacklist.api.username=apt-admin103 +blacklist.api.password=C9W2xYgfc%SN1 + +# API +whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist +whitelist.api.username=apt-admin103 +whitelist.api.password=C9W2xYgfc%SN1 + +# ============================================ +# ̽ +# ============================================ +# Ƿ +interlocking.enabled=true +# syslog-consumer APIURLȫƽ̨ӳַ +interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking +# API-KEY֤32λsyslog-consumerһ£ +interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6 +# ʱִм룩Ĭ30 +interlocking.schedule.interval=30000 diff --git a/haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties b/haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties index 15a8d16..f59f354 100644 --- a/haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties +++ b/haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties @@ -11,7 +11,7 @@ syslog.tcp.port=514 syslog.udp.port=514 syslog.max.frame.length=262144 syslog.buffer.size=1000 - +syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a # APP Service Configuration app.service.device_id=1 app.service.device_name=honeypot @@ -52,4 +52,39 @@ spring.redis.lettuce.pool.max-idle=10 spring.redis.lettuce.pool.min-idle=5 # ʱϳ -spring.cache.redis.time-to-live=3600000 \ No newline at end of file +spring.cache.redis.time-to-live=3600000 + +#ǽ +# Ƿʵ£falseʱӡ־ڲԣ +firewall.enabled=true +# iptables·ͨΪ /usr/sbin/iptables +firewall.iptables-path=/usr/sbin/iptables +# INPUT FORWARD +firewall.chain=INPUT +# ²ԣDROP REJECT +firewall.target=DROP +# ѡAPIԿΪУ飩 +firewall.api-key=your-secure-api-key + + +# API +blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist +blacklist.api.username=apt-admin103 +blacklist.api.password=C9W2xYgfc%SN1 + +# API +whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist +whitelist.api.username=apt-admin103 +whitelist.api.password=C9W2xYgfc%SN1 + +# ============================================ +# ̽ +# ============================================ +# Ƿ +interlocking.enabled=true +# syslog-consumer APIURLȫƽ̨ӳַ +interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking +# API-KEY֤32λsyslog-consumerһ£ +interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6 +# ʱִм룩Ĭ30 +interlocking.schedule.interval=30000 diff --git a/haobang-security-xdr/syslog-serve/src/main/resources/application.properties b/haobang-security-xdr/syslog-serve/src/main/resources/application.properties index 3180144..7c55135 100644 --- a/haobang-security-xdr/syslog-serve/src/main/resources/application.properties +++ b/haobang-security-xdr/syslog-serve/src/main/resources/application.properties @@ -11,7 +11,7 @@ syslog.tcp.port=514 syslog.udp.port=514 syslog.max.frame.length=262144 syslog.buffer.size=1000 - +syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a # APP Service Configuration app.service.device_id=1 @@ -55,3 +55,37 @@ spring.redis.lettuce.pool.min-idle=0 spring.cache.redis.time-to-live=600000 +#ǽ +# Ƿʵ£falseʱӡ־ڲԣ +firewall.enabled=true +# iptables·ͨΪ /usr/sbin/iptables +firewall.iptables-path=/usr/sbin/iptables +# INPUT FORWARD +firewall.chain=INPUT +# ²ԣDROP REJECT +firewall.target=DROP +# ѡAPIԿΪУ飩 +firewall.api-key=your-secure-api-key + + +# API +blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist +blacklist.api.username=apt-admin103 +blacklist.api.password=C9W2xYgfc%SN1 + +# API +whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist +whitelist.api.username=apt-admin103 +whitelist.api.password=C9W2xYgfc%SN1 + +# ============================================ +# ̽ +# ============================================ +# Ƿ +interlocking.enabled=true +# syslog-consumer APIURLȫƽ̨ӳַ +interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking +# API-KEY֤32λsyslog-consumerһ£ +interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6 +# ʱִм룩Ĭ30 +interlocking.schedule.interval=30000