# 证据保全系统

## 部署版本要求

- 数据库 5.7.*
- minio 6.0.2
- tomcat 8.5.*
- jdk 1.8.*

## 部署步骤

1. 编辑application-pro文件,配置数据库地址、数据库账号、数据库密码、minio地址、minio账号、minio密码
2. 创建数据库,字符集为UTF8
3. 修改数据库脚本中 sys_user 表里初始管理员的登录信息(导入前改好,不要沿用脚本中原有的账号和密码)
4. 导入脚本
5. 启动服务

## 后台功能

- 桌面展示
  1. 总接口调用数
  2. 总应用数
  3. 总取证数
  4. 总存证数
  5. 七天内的接口调用趋势统计图
- 应用管理:
  1. 应用的添加、修改
- 证据管理:
  1. 根据条件查询证据信息
  2. 展示存证信息详情
- 系统用户管理:
  1. 用户的增删改查
  2. 用户的详情展示
- 日志:
  1. 接口调用日志详情
  2. 系统操作日志详情

## 功能接口

> 注:以下接口地址均以 http 为例。证据内容包含证件号、手机号、短信验证码等个人信息,HMAC 签名只用于校验请求的来源和完整性,不提供加密,生产环境应通过 HTTPS 访问。

- 上传文件接口
  1. 接口地址 `http://ip+port/ymwk/api/file/upload`
  2. 请求类型 `post application/x-www-form-urlencoded`
  3. 请求参数 `file: 要上传的文件`
  4. 请求头数据 `Content-AppKey: 系统分配的应用key`(本文档未对该接口列出 `Content-Signature`,请确认服务端对上传请求的鉴权方式)
  5. 返回数据 文件保存地址
- 下载文件接口
  1. 接口地址 `http://ip+port/ymwk/api/file/get`
  2. 请求类型 get
  3. 请求参数 `filePath: 上传文件时返回的文件地址`
  4. 请求头数据 `Content-AppKey: 系统分配的应用key` `Content-Signature: 将参数hmac后的摘要值`
  5. 返回数据 文件二进制数据
- 证据保全接口
  1. 接口地址 `http://ip+port/ymwk/api/evidence/save`
  2. 请求类型 post
  3. 请求参数(JSON) 示例参数:

```json
{
  "auditEvidence":{
    "account":"审核账号",
    "auditContent":"审核内容",
    "auditResult":"审核结果",
    "createTime":"2021-09-03 10:22:33"
  },
  "authType":4,
  "businessNumber":"540c1988d82044a49b44f7498cc081e3",
  "businessType":6,
  "certEvidence":{
    "certSn":"证书Sn号",
    "certbase64":"证书base64",
    "notAfter":"2021-09-03",
    "notBefore":"2021-09-03",
    "orgData":"原文",
    "signData":"签名值",
    "subject":"主体项"
  },
  "eventDescription":"测试",
  "faceEvidence":{
    "idCard":"证件号",
    "realName":"认证人",
    "verifyTime":"2021-09-03 10:22:33"
  },
  "fileEvidence":{
    "account":"归档账号",
    "createTime":"2021-09-03 10:22:33",
    "documentType":"归档文件类型",
    "filePath":"归档文件地址"
  },
  "loginEvidence":{
    "account":"登录账号",
    "createTime":"2021-09-03 10:22:33",
    "ip":"登录Ip",
    "system":"登录系统"
  },
  "queryEvidence":{
    "account":"查询账号",
    "params":"查询参数",
    "queryTime":"2021-09-03 10:22:33",
    "result":"查询结果",
    "url":"查询地址"
  },
  "smsEvidence":{
    "phone":"17688636307",
    "smsCode":"123456",
    "smsMsg":"验证码为:123456",
    "verifyTime":"2021-09-03 10:22:33"
  },
  "submitEvidence":{
    "account":"申请/提交账号",
    "submitContent":"申请/提交内容",
    "submitTime":"2021-09-03 10:22:33"
  },
  "tokenEvidence":{
    "timeStamp":"2021-09-03 10:22:33",
    "tokenCode":"token值"
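},
  "uploadEvidence":{
    "account":"上传账号",
    "fileName":"文件名",
    "filePath":"文件地址",
    "fileType":"文件类型",
    "uploadTime":"2021-09-03 10:22:33"
  }
}
```

  4. 请求头数据 `Content-AppKey: 系统分配的应用key` `Content-Signature: 将参数hmac后的摘要值`
  5. 返回数据 证据保存成功返回系统生成的证据唯一编号
- 证据获取接口
  1. 接口地址 `http://ip+port/ymwk/api/evidence/get`
  2. 请求类型 `post`
  3. 请求参数(JSON) 示例参数: `{"evidenceNumber":"证据保全接口返回的唯一编号"}`
  4. 请求头数据 `Content-AppKey: 系统分配的应用key` `Content-Signature: 将参数hmac后的摘要值`
  5. 返回数据 获取成功后将返回证据详细信息

## hmac说明

步骤:

1. 将json按键名进行排序(示例代码中用 TreeMap 实现,嵌套对象同样排序),排序规则如下: 逐个比较两个键名对应位置的字符(ASCII码顺序);如果第一个字符不相等,即得出先后顺序,结束比较;如果第一个字符相等,则比较第二个字符,以此类推,直至其中一方的字符结束。
2. 使用SM3摘要算法生成Hmac:参数如下
   - 密钥为系统分配的应用secret
   - 原文为转化为字符串的json(示例代码中即 `evidence.toJSONString()`,应与实际发送的请求体是同一个字符串)
3. 将得到的hmac值用特定字符串拼接,示例: `"HMAC-SM3 " + hmac`(注意: SM3 后面有一个空格,前缀只拼接一次)
4. 将得到的最终的值填入请求头中: key为 "Content-Signature"
5. java示例代码

```java
JSONObject certEvidence = new JSONObject(new TreeMap());
certEvidence.put("key", "value");
// other fields ...
JSONObject evidence = new JSONObject(new TreeMap());
evidence.put("certEvidence", certEvidence);
String rawHmac = SM3Util.hmac(appSecret, evidence.toJSONString());
// Prepend "HMAC-SM3 " exactly once; prefixing rawHmac first and again here
// would send "HMAC-SM3 HMAC-SM3 <hmac>".
postMethod.addRequestHeader("Content-Signature", "HMAC-SM3 " + rawHmac);
// other parameters
```

> 说明:按本文描述,签名只覆盖请求参数本身,文中没有提到时间戳或随机数,是否防重放以服务端实现为准。应用secret的作用等同于密码,不要写入代码仓库或日志。

## java完整代码

```java
public static final Log LOGGER = LogFactory.getLog(EvidenceTest.class);

// Sample credentials for this demo only. In a real client, load the key and secret
// from configuration or a secret store; do not commit them with the source.
static final String appKey = "fgU0t50X3JmA";
static final String appSecret = "RB9T6lBUGJ5YAB5M";

static final String saveUrl = "/save";
static final String getUrl = "/get";
// NOTE(review): plain HTTP. The HMAC authenticates the body but does not encrypt it,
// and the evidence payload carries personal data; use HTTPS outside a test network.
static final String baseUrl = "http://192.168.0.112:10088/ymwk/api/evidence";

/** Demo entry point: reads back one evidence record; enable save() to store one first. */
public static void main(String[] args) {
    // save();
    get("证据保全接口返回的唯一编号");
}

/**
 * Builds a sample evidence record, submits it to the save endpoint, then reads it back
 * using the evidence number from the response.
 *
 * Every JSONObject is backed by a TreeMap so that keys serialize in sorted order,
 * which the signature scheme requires.
 */
public static void save() {
    JSONObject evidence = new JSONObject(new TreeMap());
    String businessNumber = UUidUtils.uuidString();
    evidence.put("businessNumber", businessNumber);
    evidence.put("eventDescription", "测试");
    evidence.put("authType", 4);
    evidence.put("businessType", 6);

    JSONObject smsEvidence = new JSONObject(new TreeMap());
    smsEvidence.put("phone", "17688636307");
    smsEvidence.put("smsMsg", "验证码为:123456");
    smsEvidence.put("smsCode", "123456");
    smsEvidence.put("verifyTime", "2021-09-03 10:22:33");
    evidence.put("smsEvidence", smsEvidence);

    JSONObject certEvidence = new JSONObject(new TreeMap());
    certEvidence.put("orgData", "原文");
    certEvidence.put("signData", "签名值");
    certEvidence.put("certbase64", "证书base64");
    certEvidence.put("subject", "主体项");
    certEvidence.put("notAfter", "2021-09-03");
    certEvidence.put("notBefore", "2021-09-03");
    certEvidence.put("certSn", "证书Sn号");
    evidence.put("certEvidence", certEvidence);

    JSONObject faceEvidence = new JSONObject(new TreeMap());
    faceEvidence.put("realName", "认证人");
    faceEvidence.put("idCard", "证件号");
    faceEvidence.put("verifyTime", "2021-09-03 10:22:33");
    evidence.put("faceEvidence", faceEvidence);

    JSONObject tokenEvidence = new JSONObject(new TreeMap());
    tokenEvidence.put("timeStamp", "2021-09-03 10:22:33");
    tokenEvidence.put("tokenCode", "token值");
    evidence.put("tokenEvidence", tokenEvidence);

    JSONObject queryEvidence = new JSONObject(new TreeMap());
    queryEvidence.put("params", "查询参数");
    queryEvidence.put("result", "查询结果");
    queryEvidence.put("url", "查询地址");
    queryEvidence.put("account", "查询账号");
    queryEvidence.put("queryTime", "2021-09-03 10:22:33");
    evidence.put("queryEvidence", queryEvidence);

    JSONObject submitEvidence = new JSONObject(new TreeMap());
    submitEvidence.put("submitContent", "申请/提交内容");
    submitEvidence.put("account", "申请/提交账号");
    submitEvidence.put("submitTime", "2021-09-03 10:22:33");
    evidence.put("submitEvidence", submitEvidence);

    JSONObject auditEvidence = new JSONObject(new TreeMap());
    auditEvidence.put("auditContent", "审核内容");
    auditEvidence.put("account", "审核账号");
    auditEvidence.put("auditResult", "审核结果");
    auditEvidence.put("createTime", "2021-09-03 10:22:33");
    evidence.put("auditEvidence", auditEvidence);

    JSONObject uploadEvidence = new JSONObject(new TreeMap());
    uploadEvidence.put("fileType", "文件类型");
    uploadEvidence.put("filePath", "文件地址");
    uploadEvidence.put("account", "上传账号");
    uploadEvidence.put("fileName", "文件名");
    uploadEvidence.put("uploadTime", "2021-09-03 10:22:33");
    evidence.put("uploadEvidence", uploadEvidence);

    JSONObject fileEvidence = new JSONObject(new TreeMap());
    fileEvidence.put("documentType", "归档文件类型");
    fileEvidence.put("filePath", "归档文件地址");
    fileEvidence.put("account", "归档账号");
    fileEvidence.put("createTime", "2021-09-03 10:22:33");
    evidence.put("fileEvidence", fileEvidence);

    JSONObject loginEvidence = new JSONObject(new TreeMap());
    loginEvidence.put("ip", "登录Ip");
    loginEvidence.put("system", "登录系统");
    loginEvidence.put("account", "登录账号");
    loginEvidence.put("createTime", "2021-09-03 10:22:33");
    evidence.put("loginEvidence", loginEvidence);

    System.out.println(evidence.toJSONString());
    String result = post(evidence, 1);
    // post() returns null when signing or the request fails; parsing null would
    // otherwise end in a NullPointerException on the next lines.
    if (result == null) {
        LOGGER.error("Evidence save request failed; skipping read-back");
        return;
    }
    Result resultObject = JSONObject.parseObject(result, Result.class);
    if (resultObject == null || resultObject.getObject() == null) {
        LOGGER.error("Evidence save response carried no evidence number: " + result);
        return;
    }
    get((String) resultObject.getObject());
}

/**
 * Requests the stored evidence record for the given evidence number.
 *
 * @param evidenceNumber the unique number returned by the save endpoint
 */
public static void get(String evidenceNumber) {
    JSONObject evidence = new JSONObject(new TreeMap());
    evidence.put("evidenceNumber", evidenceNumber);
    System.out.println(evidence.toJSONString());
    post(evidence, 2);
}

/**
 * Signs the JSON payload with HMAC-SM3 and POSTs it to the save or get endpoint.
 *
 * @param evidence request payload; built on a TreeMap so keys serialize in sorted order
 * @param type     1 selects the save endpoint, any other value the get endpoint
 * @return the response body, or {@code null} if signing or the request failed
 */
public static String post(JSONObject evidence, Integer type) {
    // NOTE(review): the payload carries personal data (ID number, phone, SMS code);
    // keep this log line out of production logging.
    LOGGER.info(evidence);
    PostMethod postMethod = null;
    try {
        // Serialize once so the signed string and the transmitted body cannot differ.
        String body = evidence.toJSONString();
        String rawHmac = SM3Util.hmac(appSecret, body);

        HttpClient httpClient = new HttpClient();
        // Connection timeout: 15000 ms.
        httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(15000);

        String postUrl = baseUrl + (type == 1 ? saveUrl : getUrl);
        postMethod = new PostMethod(postUrl);
        // Socket read timeout: 60000 ms.
        postMethod.getParams().setParameter(HttpMethodParams.SO_TIMEOUT, 60000);
        postMethod.addRequestHeader("Content-Type", "application/json");
        postMethod.addRequestHeader("Content-AppKey", appKey);
        postMethod.addRequestHeader("Content-Signature", "HMAC-SM3 " + rawHmac);

        RequestEntity entity = new StringRequestEntity(body, "application/json", "UTF-8");
        postMethod.setRequestEntity(entity);

        int status = httpClient.executeMethod(postMethod);
        if (status != 200) {
            // Still read the body below: it may explain the failure.
            LOGGER.warn("Unexpected HTTP status " + status + " from " + postUrl);
        }

        InputStream inputStream = postMethod.getResponseBodyAsStream();
        if (inputStream == null) {
            LOGGER.warn("Empty response body from " + postUrl);
            return null;
        }
        StringBuilder response = new StringBuilder();
        // Decode explicitly instead of relying on the platform default charset;
        // assumes the server answers in UTF-8, as the request is sent - confirm.
        try (BufferedReader br = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"))) {
            String line;
            while ((line = br.readLine()) != null) {
                response.append(line);
            }
        }
        LOGGER.info(response.toString());
        return response.toString();
    } catch (Exception e) {
        LOGGER.error("Evidence request failed", e);
        return null;
    } finally {
        // Release the connection on the failure path too, not only after a full read.
        if (postMethod != null) {
            postMethod.releaseConnection();
        }
    }
}
```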