更新时间:2024-12-27 GMT+08:00
session token签名
签名流程
Java签名代码实例
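import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;

/**
 * RSA-OAEP helper for wrapping a session token with a public key and
 * unwrapping it with the matching private key.
 *
 * <p>What the code performs is public-key encryption and decryption, not a
 * digital signature: anyone who holds the public key can produce a ciphertext
 * that {@link #decrypt(String, String)} accepts. Whatever authenticity the
 * scheme has comes from the secrecy of the value inside the ciphertext.
 *
 * <p>The plaintext may carry a trailing {@code #<epoch-millis>} suffix. When
 * it does, the suffix is checked against a five-minute window and stripped.
 */
public class RSAUtils {
    public static final Provider provider = new BouncyCastleProvider();
    public static final String KEY_ALGORITHM = "RSA";
    public static final String BEGIN_PRI_KEY = "-----BEGIN RSA PRIVATE KEY-----";
    public static final String END_PRI_KEY = "-----END RSA PRIVATE KEY-----";
    public static final String BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
    public static final String END_PUB_KEY = "-----END PUBLIC KEY-----";

    // Both directions must use identical OAEP parameters. Under this name
    // BouncyCastle applies SHA-256 to MGF1 as well, while the JDK's default
    // provider keeps MGF1 on SHA-1, so a peer on another provider needs an
    // explicit OAEPParameterSpec to interoperate.
    private static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Accepted distance between the embedded timestamp and the local clock.
    private static final long MAX_CLOCK_DIFF_MILLIS = 5 * 60 * 1000L;

    /**
     * Encrypts {@code input} (UTF-8) with the given PEM public key.
     *
     * @param input     plaintext to encrypt
     * @param publicKey X.509 public key, with or without the PEM header and footer
     * @return Base64 text of the ciphertext
     * @throws RuntimeException if the key cannot be parsed or encryption fails
     */
    public static String encrypt(String input, String publicKey) {
        // Strip the PEM header, footer and line breaks so only Base64 remains.
        String keyBody = stripPem(publicKey, BEGIN_PUB_KEY, END_PUB_KEY);
        try {
            byte[] cipherBytes = encrypt(input, getPublicRSAKey(keyBody));
            return java.util.Base64.getEncoder().encodeToString(cipherBytes);
        } catch (Exception e) {
            throw new RuntimeException("Could not encrypt data ", e);
        }
    }

    /**
     * Removes the PEM markers and every kind of line break from a key string.
     * The literal two-character sequence backslash-n is removed as well, for
     * keys stored on one line with escaped newlines; real whitespace is also
     * removed because the strict Base64 decoder rejects it.
     */
    private static String stripPem(String pem, String begin, String end) {
        return pem.replace(begin, "")
                .replace(end, "")
                .replace("\\n", "")
                .replaceAll("\\s", "");
    }

    // NOTE(review): the page called Base64Utils without importing it; the JDK
    // codec is used here on the assumption that standard Base64 was meant.
    private static PublicKey getPublicRSAKey(String key)
            throws NoSuchAlgorithmException, InvalidKeySpecException {
        X509EncodedKeySpec x509 = new X509EncodedKeySpec(java.util.Base64.getDecoder().decode(key));
        KeyFactory kf = KeyFactory.getInstance(KEY_ALGORITHM, provider);
        return kf.generatePublic(x509);
    }

    private static byte[] encrypt(String input, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION, provider);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        return cipher.doFinal(input.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Decrypts Base64 ciphertext and validates the optional timestamp suffix.
     *
     * <p>Failures are thrown rather than returned. Returning the exception
     * message as the result would let a caller mistake "wrong timestamp" or a
     * provider error text for the decrypted token.
     *
     * @param input      Base64 ciphertext
     * @param privateKey private key, with or without the PEM header and footer
     * @return the plaintext without its timestamp suffix, or {@code null} if
     *         the plaintext is empty
     * @throws RuntimeException if decryption fails or the timestamp is
     *         malformed or outside the accepted window
     */
    public String decrypt(String input, String privateKey) {
        String keyBody = stripPem(privateKey, BEGIN_PRI_KEY, END_PRI_KEY);
        byte[] plain;
        try {
            plain = decrypt(Base64.decodeBase64(input), getPrivateRSAKey(keyBody));
        } catch (Exception e) {
            throw new RuntimeException("Could not decrypt data ", e);
        }
        // Validation runs outside the try so its own errors are not rewrapped.
        return validateData(plain);
    }

    private static byte[] decrypt(byte[] encrypted, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION, provider);
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        return cipher.doFinal(encrypted);
    }

    /**
     * Parses a Base64 private key body into a {@link PrivateKey}.
     *
     * <p>NOTE(review): the PEM markers above are the PKCS#1 ("RSA PRIVATE
     * KEY") form while the bytes are handed over as a PKCS#8 spec; this
     * presumably relies on the configured provider accepting both. Confirm
     * with the key format actually issued.
     *
     * @param key Base64 key body without PEM markers or line breaks
     * @return the parsed private key
     * @throws InvalidKeySpecException  if the bytes are not a usable RSA key
     * @throws NoSuchAlgorithmException if the provider offers no RSA key factory
     */
    public static PrivateKey getPrivateRSAKey(String key)
            throws InvalidKeySpecException, NoSuchAlgorithmException {
        PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(java.util.Base64.getDecoder().decode(key));
        KeyFactory kf = KeyFactory.getInstance(KEY_ALGORITHM, provider);
        return kf.generatePrivate(pkcs8);
    }

    /**
     * Checks and strips the trailing {@code #<epoch-millis>} suffix.
     *
     * <p>A plaintext with no suffix of the expected length is returned
     * unchanged and unchecked, so a caller that needs the freshness guarantee
     * must require the suffix itself.
     *
     * @return the payload, or {@code null} for an empty plaintext
     * @throws RuntimeException if the suffix is not a number, or is five
     *         minutes or more away from the local clock in either direction
     */
    private static String validateData(byte[] decryptedData) {
        // encrypt() writes UTF-8, so decode with UTF-8, not the platform default.
        String dataStr = new String(decryptedData, StandardCharsets.UTF_8);
        if (dataStr.isEmpty()) {
            return null;
        }
        long now = new Date().getTime();
        int sep = dataStr.lastIndexOf('#');
        if (sep < 0) {
            return dataStr;
        }
        String stamp = dataStr.substring(sep + 1);
        if (stamp.length() != String.valueOf(now).length()) {
            return dataStr;
        }
        long sentAt;
        try {
            sentAt = Long.parseLong(stamp);
        } catch (NumberFormatException e) {
            throw new RuntimeException("wrong timestamp ", e);
        }
        long age = now - sentAt;
        // A timestamp from the future gives a negative age; bounding only the
        // upper side would accept it for as long as it stays in the future.
        if (age >= MAX_CLOCK_DIFF_MILLIS || age <= -MAX_CLOCK_DIFF_MILLIS) {
            throw new RuntimeException("operate time out");
        }
        return dataStr.substring(0, sep);
    }
}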