处理安全性问题

soc-common/soc-common-core/src/main/java/com/xunmei/common/core/utils/TimerUtils.java

@@ -15,7 +15,7 @@ public class TimerUtils {
     private  Hashtable<String, Long> delayTimeHt= new Hashtable<>();
     private static TimerUtils instance;
 
-    public static synchronized TimerUtils getInstance() {
+/*    public static synchronized TimerUtils getInstance() {
         if (instance==null){
             synchronized (TimerUtils.class){
                 if (instance == null) {
@@ -26,7 +26,15 @@ public class TimerUtils {
         }else {
             return instance;
         }
-    }
+    }*/
+public static synchronized TimerUtils getInstance() {
+   synchronized (TimerUtils.class){
+       if (instance == null) {
+           instance = new TimerUtils();
+       }
+       return instance;
+   }
+}
 
     private TimerUtils(){
 

soc-common/soc-common-security/src/main/java/com/xunmei/common/security/utils/AsymmetricEncryptionUtil.java

@@ -25,7 +25,8 @@ import java.util.concurrent.ConcurrentHashMap;
 @Slf4j
 public class AsymmetricEncryptionUtil {
 
-    private static final String RSA = "RSA";
+    //private static final String RSA = "RSA";
+    private static final String RSA = "AES/ECB/PKCS7Padding";
     private static final ConcurrentHashMap<String,Key> cache = new ConcurrentHashMap<>();
 
 /*    public static void main(String[] args) {
@@ -142,7 +143,7 @@ public class AsymmetricEncryptionUtil {
     private static String decryptByAsymmetric(String encrypted, Key key) {
         try {
             // 获取Cipher对象
-            Cipher cipher = Cipher.getInstance(RSA);
+            Cipher cipher = Cipher.getInstance(RSA,"CCM");
             // 初始化模式(解密)和密钥
             cipher.init(Cipher.DECRYPT_MODE, key);
             return new String(getMaxResultDecrypt(encrypted, cipher));
@@ -165,7 +166,7 @@ public class AsymmetricEncryptionUtil {
     private static String encryptByAsymmetric(String content, Key key) {
         try {
             // 获取Cipher对象
-            Cipher cipher = Cipher.getInstance(RSA);
+            Cipher cipher = Cipher.getInstance(RSA,"CCM");
             // 初始化模式(加密)和密钥
             cipher.init(Cipher.ENCRYPT_MODE, key);
             byte[] resultBytes = getMaxResultEncrypt(content, cipher);

soc-common/soc-common-security/src/main/java/com/xunmei/common/security/utils/SaltHelper.java

@@ -21,7 +21,7 @@ public class SaltHelper {
     public static String decryptAES(final String content) {
         try {
             final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
-            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding","CCM"); // "算法/模式/补码方式"
+            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM"); // "算法/模式/补码方式"
             cipher.init(Cipher.DECRYPT_MODE, skeySpec);
             return new String(cipher.doFinal(Base64.decode(content)));
         } catch (final Exception e) {
@@ -33,7 +33,7 @@ public class SaltHelper {
     public static String encryptAES(final String content) {
         try {
             final SecretKeySpec skeySpec = new SecretKeySpec(KEY.getBytes("UTF-8"), "AES");
-            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding","CCM"); // "算法/模式/补码方式"
+            final Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","CCM"); // "算法/模式/补码方式"
             cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
             return Base64.encode(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
         } catch (final Exception e) {