我們在做技術接口時,尤其對外提供時,為了提高服務接口的安全(防爆破,防重放,防篡改等)一般會采用接口驗證的方式,但是在驗證的時候為了提升參數請求前后的安全,我們會采用加密。普通加密基本都是對稱的,不能逆向。
下面,我介紹一種RSA的算法,通過這個加密算法實現接口請求前后的數字簽名驗證。具體實現流程為:
接口數字簽名驗證的而基本流程
下面我將RSA的簽名算法代碼分享下,下載即用:
public class RSAEncrypt {
private static Map<Integer, String> keyMap = new HashMap<Integer, String>(); //用于封裝隨機產生的公鑰與私鑰
private static String pirvateKey="MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEAgS8Vf8eKVf9YoqoyhFy4hHgYpNkSkrrmkJrfrKeZHfZWFx2cCoon74QZ3qw15VV9jMD5DWaPdMVAVx5HckNURwIDAQABAkBpS6Fwd4pwMiNi4usuLA1SHDmqFC0pYCISd8odBratTjRv6w9OH+A/CIKDir4DZ0PsS9qh0mxb0bthRQ9vS0wBAiEAx+y2VcrbnOZNQSWUONZcVKIHazkrAWXOBR8mQfJnOUcCIQClavCvg0SesKWv65vs2ZR0quQnaFdcCMh7B4GM2DCNAQIgAsXgvY3jv+hd1/J6fNNUUoQw0Cbp1sofsmh9Mlr3XY8CIFEyGex9Cay/VsTwaLws3PMbgxxY2jDB2u6Q86VX5RUBAiBhoiUOYrxrS77ifDFm1KYFHRPyZNStYJhcVu4U5kwwIA==";
private static String publicKey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIEvFX/HilX/WKKqMoRcuIR4GKTZEpK65pCa36ynmR32VhcdnAqKJ++EGd6sNeVVfYzA+Q1mj3TFQFceR3JDVEcCAwEAAQ==";
private static String ssb="fSAUUCYm3FI3EYJWZRPXnI1dbwcLT3bFUqL5Wsdv24QtLmYmrN2i5WRKQgGxMTewRJ78Obf1Zke9rTpE+23zzw==";
public static void main(String[] args) throws Exception {
//生成公鑰和私鑰
//genKeyPair();
//String randomStr= RandomStrUtil.getRandom(24, RandomStrUtil.TYPE.LETTER_CAPITAL_NUMBER);
String uuid=UUIDUtil.getUUID();
String hashCode=String.valueOf(uuid.hashCode());
System.out.println("hashcode="+hashCode);
long time=System.currentTimeMillis();
//System.out.println("隨機hash"+hashCode);
//加密字符串
String message = time+"@=@"+uuid;
//System.out.println("隨機生成的公鑰為:" + publicKey);
//System.out.println("隨機生成的私鑰為:" + pirvateKey);
String messageEn = encrypt(message,publicKey);
System.out.println("加密后的字符串為:" + messageEn);
String messageDe = decrypt(messageEn,pirvateKey);
System.out.println("源文數據="+message);
System.out.println("解密數據=" + messageDe);
String bs=messageDe.split("@=@")[1];
System.out.println(bs);
}
/**
* 隨機生成密鑰對
* @throws NoSuchAlgorithmException
*/
public static void genKeyPair() throws NoSuchAlgorithmException {
// KeyPairGenerator類用于生成公鑰和私鑰對,基于RSA算法生成對象
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
// 初始化密鑰對生成器,密鑰大小為96-1024位
keyPairGen.initialize(1024,new SecureRandom());
// 生成一個密鑰對,保存在keyPair中
KeyPair keyPair = keyPairGen.generateKeyPair();
// 得到私鑰
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 得到公鑰
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));
System.out.println("公鑰="+publicKeyString);
// 得到私鑰字符串
String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));
System.out.println("私鑰="+privateKeyString);
// 將公鑰和私鑰保存到Map
//0表示公鑰
keyMap.put(0,publicKeyString);
//1表示私鑰
keyMap.put(1,privateKeyString);
}
/**
* RSA公鑰加密
*
* @param str
* 加密字符串
* @param publicKey
* 公鑰
* @return 密文
* @throws Exception
* 加密過程中的異常信息
*/
public static String encrypt( String str, String publicKey ) throws Exception{
//base64編碼的公鑰
byte[] decoded = Base64.decodeBase64(publicKey);
RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
//RSA加密
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));
return outStr;
}
/**
* RSA私鑰解密
*
* @param str
* 加密字符串
* @param privateKey
* 私鑰
* @return 銘文
* @throws Exception
* 解密過程中的異常信息
*/
public static String decrypt(String str, String privateKey) throws Exception{
//64位解碼加密后的字符串
byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));
//base64編碼的私鑰
byte[] decoded = Base64.decodeBase64(privateKey);
RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
//RSA解密
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, priKey);
String outStr = new String(cipher.doFinal(inputByte));
return outStr;
}
}
