资料下载:目前资料已经删除了,之前有网友吐槽说:资料不全,那就不共享了。也有很多网友加了我qq拿资,咨询怎么做,目前已经解答了有50多位网友的问题了,本人的精力有限,没办法顾及所有网友的问题,所以源码将不再开源。如果有需要加我qq:924155240。发个15~20块吃饭钱,可以把源码发给你+稍稍解答问题
一、API介绍
1、 调用获取RSA公钥API获取RSA公钥,落地成本地文件,假设为public.pem
2、 确定public.pem文件的存放路径,同时修改代码中文件的输入路径,加载RSA公钥
3、 用标准的RSA加密库对敏感信息进行加密,选择RSA_PKCS1_OAEP_PADDING填充模式
(eg:Java的填充方式要选 " RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING")
4、 得到进行rsa加密并转base64之后的密文
5、 将密文传给微信侧相应字段,如付款接口(enc_bank_no/enc_true_name)
接口默认输出PKCS#1格式的公钥,商户需根据自己开发的语言选择公钥格式 ~~ PKCS#1是以前老版本使用的公钥、现在的话一般是使用PKCS#8。所以需要进行转化。下面会教你如何状态
二、开发步骤
1、拼凑所需要传递的参数 map集合
2、根据要传递的参数生成自己的签名
3、把签名放到map集合中【因为签名也要传递过去】
4、将当前的map结合转化成xml格式
5、发送请求到微信请求公钥Api。发送请求是一个方法来的
6、解析返回的xml数据===》map集合
三、代码如下~~涉及到的工具类都会贴出来,耐心查看哦
public void getPublicKey() throws Exception {
//1.0 拼凑所需要传递的参数 map集合
SortedMap<Object, Object> parameters = new TreeMap<Object, Object>();
String nonce_str = StringUtils.getStrRandom(28);
parameters.put("mch_id", wxconfig.mch_id);
parameters.put("nonce_str", nonce_str);
parameters.put("sign_type", "MD5");
//2.0 根据要传递的参数生成自己的签名~~注意creatSign是自己封装的一个类。大家可以在下面自主下载
String sign = SignUtils.creatSign(wxconfig.CHARSET, parameters);
System.out.println(sign);
//3.0 把签名放到map集合中【因为签名也要传递过去】
parameters.put("sign", sign);
//4.0将当前的map结合转化成xml格式
String reuqestXml = WXPayUtil.getRequestXml(parameters);
//5.0 发送请求到微信请求公钥Api。发送请求是一个方法来的~~注意需要带着证书哦
String xml1 = HttpClientCustomSSL.httpClientResultGetPublicKey(reuqestXml);
//6.0 解析返回的xml数据===》map集合
String publicKey = XMLUtils.Progress_resultParseXml(xml1);
System.out.println(publicKey);
}
//XMLUtils类
package com.fh.util.weixin;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.SortedMap;
import com.fh.controller.app.nrb.bargain.wxconfig;
/**
* 签名工具类
* @author 小郑
* @date 2018年02月22日
* @description:需要注意的一点是:wxconfig.apikey。这句代码是获取商务号设置的api秘钥。这里不方便贴出来,复制签名代码的人,需要把该常量改成自己商务号的key值。原因是Api规定了签名必须加上自己的key值哦
* */
public class SignUtils {
/**
* @param characterEncoding 编码格式 utf-8
* */
public static String creatSign(String characterEncoding,
SortedMap<Object, Object> parameters) {
StringBuffer sb = new StringBuffer();
Set es = parameters.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
Object v = entry.getValue();
if(null != v && !"".equals(v)
&& !"sign".equals(k) && !"key".equals(k)) {
sb.append(k + "=" + v + "&");
}
}
//wxconfig.apikey。这句代码是获取商务号设置的api秘钥。这里不方便贴出来,复制签名代码的人,需要把该常量改成自己商务号的key值。原因是Api规定了签名必须加上自己的key值哦
sb.append("key=" + wxconfig.apikey);
String sign = MD5Utils.MD5Encode(sb.toString(), characterEncoding).toUpperCase();
System.out.println(sign);
return sign;
}
}
wxconfig.apikey。这句代码是获取商务号设置的api秘钥。这里不方便贴出来,复制签名代码的人,需要把该常量改成自己商务号的key值。原因是Api规定了签名必须加上自己的key值哦
/**
WXPayUtil类
调用getRequestXml()把map集合转化成xml~~亲测可以的
*/
package com.fh.util;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.util.*;
import java.security.MessageDigest;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class WXPayUtil {
/**
* XML格式字符串转换为Map
*
* @param strXML XML字符串
* @return XML数据转换后的Map
* @throws Exception
*/
public static Map<String, String> xmlToMap(String strXML) throws Exception {
try {
Map<String, String> data = new HashMap<String, String>();
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
InputStream stream = new ByteArrayInputStream(strXML.getBytes("UTF-8"));
org.w3c.dom.Document doc = documentBuilder.parse(stream);
doc.getDocumentElement().normalize();
NodeList nodeList = doc.getDocumentElement().getChildNodes();
for (int idx = 0; idx < nodeList.getLength(); ++idx) {
Node node = nodeList.item(idx);
if (node.getNodeType() == Node.ELEMENT_NODE) {
org.w3c.dom.Element element = (org.w3c.dom.Element) node;
data.put(element.getNodeName(), element.getTextContent());
}
}
try {
stream.close();
} catch (Exception ex) {
// do nothing
}
return data;
} catch (Exception ex) {
WXPayUtil.getLogger().warn("Invalid XML, can not convert to map. Error message: {}. XML content: {}", ex.getMessage(), strXML);
throw ex;
}
}
/**
* 将Map转换为XML格式的字符串
*
* @param data Map类型数据
* @return XML格式的字符串
* @throws Exception
*/
public static String mapToXml(Map<String, String> data) throws Exception {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
DocumentBuilder documentBuilder= documentBuilderFactory.newDocumentBuilder();
org.w3c.dom.Document document = documentBuilder.newDocument();
org.w3c.dom.Element root = document.createElement("xml");
document.appendChild(root);
for (String key: data.keySet()) {
String value = data.get(key);
if (value == null) {
value = "";
}
value = value.trim();
org.w3c.dom.Element filed = document.createElement(key);
filed.appendChild(document.createTextNode(value));
root.appendChild(filed);
}
TransformerFactory tf = TransformerFactory.newInstance();
Transformer transformer = tf.newTransformer();
DOMSource source = new DOMSource(document);
transformer.setOutputProperty(OutputKeys.ENCODING, "UTF-8");
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
StringWriter writer = new StringWriter();
StreamResult result = new StreamResult(writer);
transformer.transform(source, result);
String output = writer.getBuffer().toString(); //.replaceAll("\n|\r", "");
try {
writer.close();
}
catch (Exception ex) {
}
return output;
}
/**
* 日志
* @return
*/
public static Logger getLogger() {
Logger logger = LoggerFactory.getLogger("wxpay java sdk");
return logger;
}
/*
* 将SortedMap<Object,Object> 集合转化成 xml格式
*/
public static String getRequestXml(SortedMap<Object,Object> parameters){
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
Set es = parameters.entrySet();
Iterator it = es.iterator();
while(it.hasNext()) {
Map.Entry entry = (Map.Entry)it.next();
String k = (String)entry.getKey();
String v = (String)entry.getValue();
if ("attach".equalsIgnoreCase(k)||"body".equalsIgnoreCase(k)||"sign".equalsIgnoreCase(k)) {
sb.append("<"+k+">"+"<![CDATA["+v+"]]></"+k+">");
}else {
sb.append("<"+k+">"+v+"</"+k+">");
}
}
sb.append("</xml>");
return sb.toString();
}
}
/*
HttpClientCustomSSL
注意这里需要更改几个常量:
*/
package com.fh.util.weixin;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.TreeMap;
import org.apache.http.HttpEntity;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import com.fh.controller.app.nrb.bargain.wxconfig;
/**
* http请求
* @author 小郑
* @date 2018年01月22日
* */
public class HttpClientCustomSSL {
/**
* httpClient 请求获取公钥
* @param parms
* @return
* @throws Exception
*/
public static String httpClientResultGetPublicKey(String xml) throws Exception{
StringBuffer reultBuffer = new StringBuffer();
/*
注意这里的readCustomerSSL是另一个方法,在下面贴出来\
读取证书的类
*/
SSLConnectionSocketFactory sslsf = ReadSSl.getInstance().readCustomSSL();
HttpPost httpPost = new HttpPost("https://fraud.mch.weixin.qq.com/risk/getpublickey");
CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
StringEntity myEntity = new org.apache.http.entity.StringEntity(xml,wxconfig.CHARSET);
myEntity.setContentType("text/xml;charset=UTF-8");
myEntity.setContentEncoding(wxconfig.CHARSET);
httpPost.setHeader("Content-Type", "text/xml; charset=UTF-8");
httpPost.setEntity(myEntity);
CloseableHttpResponse response = null;
InputStream inputStream = null;
InputStreamReader inputStreamReader = null;
BufferedReader bufferedReader = null;
try {
response = httpclient.execute(httpPost);
HttpEntity entity = response.getEntity();
if (entity!=null){
inputStream = entity.getContent();
inputStreamReader = new InputStreamReader(inputStream,wxconfig.CHARSET);
bufferedReader = new BufferedReader(inputStreamReader);
String str = null;
while ((str = bufferedReader.readLine()) != null) {
reultBuffer.append(str);
}
}
} catch (ClientProtocolException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}finally{
httpclient.close();
response.close();
bufferedReader.close();
inputStreamReader.close();
inputStream.close();
inputStream = null;
}
return reultBuffer.toString();
}
}
package com.fh.util.weixin;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import com.fh.controller.app.nrb.bargain.wxconfig;
/**
* 读取证书
* @author 小郑
*
*/
@SuppressWarnings("deprecation")
public class ReadSSl {
private static ReadSSl readSSL = null;
private ReadSSl(){
}
public static ReadSSl getInstance(){
if(readSSL == null){
readSSL = new ReadSSl();
}
return readSSL;
}
/**
* 读取 apiclient_cert.p12 证书
* @return
* @throws Exception
*/
public SSLConnectionSocketFactory readCustomSSL() throws Exception{
/**
* 注意PKCS12证书 是从微信商户平台-》账户设置-》 API安全 中下载的
*/
KeyStore keyStore = KeyStore.getInstance("PKCS12");
/*
此处要改
wxconfig.SSLCERT_PATH :常量,指向证书的位置。例如:
“E:/apache-tomcat-6.0.14/webapps-066/ayzk/WEB-INF/classes/apiclient_cert.p12”
*/
FileInputStream instream = new FileInputStream(new File(wxconfig.SSLCERT_PATH));
try {
/*
此处要改
wxconfig.SSLCERT_PASSWORD:常量,指向证书的密码。例如:
“123456..”
*/
keyStore.load(instream, wxconfig.mch_id.toCharArray());
} finally {
instream.close();
}
/*
此处要改
wxconfig.mch_id:常量,指向商户号。例如:
“123456789..”
*/
SSLContext sslcontext = SSLContexts.custom().loadKeyMaterial(keyStore, wxconfig.mch_id.toCharArray()).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( sslcontext, new String[] { "TLSv1" }, null,
SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
return sslsf;
}
}
/**
6.0 XMLUtils :解析返回的xml数据===》map集合
调用 Progress_resultParseXml(xml1);方法
*/
package com.fh.util.weixin;
import java.io.IOException;
import java.io.StringReader;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;
import org.jdom.input.SAXBuilder;
import org.xml.sax.InputSource;
/**
*
* */
public class XMLUtils {
/**
*
*/
@SuppressWarnings("rawtypes")
public static String getRequestXml(TreeMap<String, String> parameters)
throws Exception {
StringBuffer sb = new StringBuffer();
sb.append("<xml>");
Set es = parameters.entrySet();
Iterator it = es.iterator();
while (it.hasNext()) {
Map.Entry entry = (Map.Entry) it.next();
String k = (String) entry.getKey();
String v = (String) entry.getValue();
if ("mch_id".equalsIgnoreCase(k) || "nonce_str".equalsIgnoreCase(k)
|| "sign".equalsIgnoreCase(k)) {
sb.append("<" + k + ">" + "<![CDATA[" + v + "]]></" + k + ">");
} else {
sb.append("<" + k + ">" + v + "</" + k + ">");
}
}
sb.append("</xml>");
return sb.toString();
}
@SuppressWarnings("unchecked")
public static String Progress_resultParseXml(String xml) {
String publicKey = null;
try {
StringReader read = new StringReader(xml);
InputSource source = new InputSource(read);
SAXBuilder sb = new SAXBuilder();
org.jdom.Document doc;
doc = (org.jdom.Document) sb.build(source);
org.jdom.Element root = doc.getRootElement();
List<org.jdom.Element> list = root.getChildren();
if (list != null && list.size() > 0) {
for (org.jdom.Element element : list) {
if("pub_key".equals(element.getName())){
publicKey=element.getText();
}
}
}
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return publicKey;
}
}
至此我们就获取到了获取RSA公钥 ~~ 上述设计到了xml–>map转化、map—>xml转发、发送POST请求到API的方法。有点乱,稍后我会单独把每个方法抽取出来讲。后续还是会分享微信支付、微信退款、企业付款到零钱、订单查询都会用到。同样的套路。后续补上一个链接,方便大家点击过去查看了~~
四、补充说明。此篇文章,是为"企业付款到银行卡"服务的,虽然获取到了公钥~ 只是完成了API的第一个部分。接下来接续开发
【注意:】上述截图的红色文字,在老版本的时候使用的是PKCS#1,但是在现在java开发所需要的证书是PSCK#8。因此需要进行转化。转换步骤如下
//1.0 新建一个文件 public.pem。将我们获取得到的公钥保存进来。这里有个特别注意的点是: 获取到的公钥是没有良好的格式的、只是一行很长的字符串。
//不需要担心能不能转化的问题,软件会自动帮我们解决的,只需要把首行跟尾行分开就行 --这里我用官网的提供的公钥进行演示
//官网提供的公钥
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEArT82k67xybiJS9AD8nNAeuDYdrtCRaxkS6cgs8L9h83eqlDTlrdw
zBVSv5V4imTq/URbXn4K0V/KJ1TwDrqOI8hamGB0fvU13WW1NcJuv41RnJVua0QA
lS3tS1JzOZpMS9BEGeFvyFF/epbi/m9+2kUWG94FccArNnBtBqqvFncXgQsm98JB
3a62NbS1ePP/hMI7Kkz+JNMyYsWkrOUFDCXAbSZkWBJekY4nGZtK1erqGRve8Jbx
TWirAm/s08rUrjOuZFA21/EI2nea3DidJMTVnXVPY2qcAjF+595shwUKyTjKB8v1
REPB3hPF1Z75O6LwuLfyPiCrCTmVoyfqjwIDAQAB
-----END RSA PUBLIC KEY-----
//需要特别说明的一点是:这是官网提供的,有良好的格式,但是java获取的公钥它只是一个字符串。没有良好的格式。
//答案是“不用良好的格式也能转化,不需要担心哦”
PKCS#1 转 PKCS#8: 文件路径写好后,执行就可以了
执行命令:openssl rsa -RSAPublicKey_in -in <filename> -pubout
//特别点一下:filename是文件的全路径哦,例如:H:/book/csdn/public.pem
//wimdow+r-->cmd-->调出dos命令行
/*一般来说,你配置了java jdk的系统路径就可以跑上述的代码。不需要特地去安装openssl。
而且网上说:RSA PSCK#1公钥 转 RSA PSCK#8公钥 只能在Linux上运行,是错误的,不要被误导快乐*/
openssl rsa -RSAPublicKey_in -in H:/book/csdn/public.pem -pubout
//官网提供转化后的PSCK#8文件
PKCS#8 格式密钥:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT82k67xybiJS9AD8nNA
euDYdrtCRaxkS6cgs8L9h83eqlDTlrdwzBVSv5V4imTq/URbXn4K0V/KJ1TwDrqO
I8hamGB0fvU13WW1NcJuv41RnJVua0QAlS3tS1JzOZpMS9BEGeFvyFF/epbi/m9+
lkUWG94FccArNnBtBqqvFncXgQsm98JB3a42NbS1ePP/hMI7Kkz+JNMyYsWkrOUF
DCXAbSZkWBJekY4nGZtK1erqGRve8JbxTWirAm/s08rUrjOuZFA21/EI2nea3Did
JMTVnXVPY2qcAjF+595shwUKyTjKB8v1REPB3hPF1Z75O6LwuLfyPiCrCTmVoyfq
jwIDAQAB
-----END PUBLIC KEY-----
对比官网提供的,说明我上述的方法是正确的。转化没有任何问题。右键 – 》标记 ----》保存成为一个新的文件,这就是我们需要的PSCK#8文件
4.3 ~ 4.5 的简单解释是:把当前的”银行卡号“、
“姓名”进行RSA加密 、然后进行 base加密。最后把加密后的字符串作为参数传递给“企业付款到银行卡”的AP~~这里的话,我提供RSA、Base加密方法。大家copy就可以
package com.fh.controller.app.xiaozhengxu.juintTest;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import com.fh.util.weixin.Base64;
import com.fh.util.weixin.RSASignature;
public class RSAUtil
{
public static byte[] decrypt(byte[] encryptedBytes, PrivateKey privateKey, int keyLength, int reserveSize, String cipherAlgorithm) throws Exception {
int keyByteSize = keyLength / 8;
int decryptBlockSize = keyByteSize - reserveSize;
int nBlock = encryptedBytes.length / keyByteSize;
ByteArrayOutputStream outbuf = null;
try {
Cipher cipher = Cipher.getInstance(cipherAlgorithm);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
outbuf = new ByteArrayOutputStream(nBlock * decryptBlockSize);
for (int offset = 0; offset < encryptedBytes.length; offset += keyByteSize) {
int inputLen = encryptedBytes.length - offset;
if (inputLen > keyByteSize) {
inputLen = keyByteSize;
}
byte[] decryptedBlock = cipher.doFinal(encryptedBytes, offset, inputLen);
outbuf.write(decryptedBlock);
}
outbuf.flush();
return outbuf.toByteArray();
} catch (Exception e) {
throw new Exception("DEENCRYPT ERROR:", e);
} finally {
try{
if(outbuf != null){
outbuf.close();
}
}catch (Exception e){
outbuf = null;
throw new Exception("CLOSE ByteArrayOutputStream ERROR:", e);
}
}
}
public static byte[] encrypt(byte[] plainBytes, PublicKey publicKey, int keyLength, int reserveSize, String cipherAlgorithm) throws Exception {
int keyByteSize = keyLength / 8;
int encryptBlockSize = keyByteSize - reserveSize;
int nBlock = plainBytes.length / encryptBlockSize;
if ((plainBytes.length % encryptBlockSize) != 0) {
nBlock += 1;
}
ByteArrayOutputStream outbuf = null;
try {
Cipher cipher = Cipher.getInstance(cipherAlgorithm);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
outbuf = new ByteArrayOutputStream(nBlock * keyByteSize);
for (int offset = 0; offset < plainBytes.length; offset += encryptBlockSize) {
int inputLen = plainBytes.length - offset;
if (inputLen > encryptBlockSize) {
inputLen = encryptBlockSize;
}
byte[] encryptedBlock = cipher.doFinal(plainBytes, offset, inputLen);
outbuf.write(encryptedBlock);
}
outbuf.flush();
return outbuf.toByteArray();
} catch (Exception e) {
throw new Exception("ENCRYPT ERROR:", e);
} finally {
try{
if(outbuf != null){
outbuf.close();
}
}catch (Exception e){
outbuf = null;
throw new Exception("CLOSE ByteArrayOutputStream ERROR:", e);
}
}
}
public static PrivateKey getPriKey(String privateKeyPath,String keyAlgorithm){
PrivateKey privateKey = null;
InputStream inputStream = null;
try {
if(inputStream==null){
System.out.println("hahhah1!");
}
inputStream = new FileInputStream(privateKeyPath);
System.out.println("hahhah2!");
privateKey = getPrivateKey(inputStream,keyAlgorithm);
System.out.println("hahhah3!");
} catch (Exception e) {
System.out.println("加载私钥出错!");
} finally {
if (inputStream != null){
try {
inputStream.close();
}catch (Exception e){
System.out.println("加载私钥,关闭流时出错!");
}
}
}
return privateKey;
}
public static PublicKey getPubKey(String publicKeyPath,String keyAlgorithm){
PublicKey publicKey = null;
InputStream inputStream = null;
try
{
System.out.println("getPubkey 1......");
inputStream = new FileInputStream(publicKeyPath);
System.out.println("getPubkey 2......");
publicKey = getPublicKey(inputStream,keyAlgorithm);
System.out.println("getPubkey 3......");
} catch (Exception e) {
e.printStackTrace();//EAD PUBLIC KEY ERROR
System.out.println("加载公钥出错!");
} finally {
if (inputStream != null){
try {
inputStream.close();
}catch (Exception e){
System.out.println("加载公钥,关闭流时出错!");
}
}
}
return publicKey;
}
public static PublicKey getPublicKey(InputStream inputStream, String keyAlgorithm) throws Exception {
try
{
System.out.println("b1.........");
BufferedReader br = new BufferedReader(new InputStreamReader(inputStream));
System.out.println("b2.........");
StringBuilder sb = new StringBuilder();
String readLine = null;
System.out.println("b3.........");
while ((readLine = br.readLine()) != null) {
if (readLine.charAt(0) == '-') {
continue;
} else {
sb.append(readLine);
sb.append('\r');
}
}
System.out.println("b4.........");
X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(decodeBase64(sb.toString()));
System.out.println("b5.........");
KeyFactory keyFactory = KeyFactory.getInstance(keyAlgorithm);
System.out.println("b6.........");
//下行出错 java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException: DerInputStream.getLength(): lengthTag=127, too big.
PublicKey publicKey = keyFactory.generatePublic(pubX509);
System.out.println("b7.........");
return publicKey;
} catch (Exception e) {
e.printStackTrace();
System.out.println("b8.........");
throw new Exception("READ PUBLIC KEY ERROR:", e);
} finally {
try {
if (inputStream != null) {
inputStream.close();
}
} catch (IOException e) {
inputStream = null;
throw new Exception("INPUT STREAM CLOSE ERROR:", e);
}
}
}
public static PrivateKey getPrivateKey(InputStream inputStream, String keyAlgorithm) throws Exception {
try {
BufferedReader br = new BufferedReader(new InputStreamReader(inputStream));
StringBuilder sb = new StringBuilder();
String readLine = null;
while ((readLine = br.readLine()) != null) {
if (readLine.charAt(0) == '-') {
continue;
} else {
sb.append(readLine);
sb.append('\r');
}
}
System.out.println("hahhah4!"+decodeBase64(sb.toString()));
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(decodeBase64(sb.toString()));
System.out.println("hahhah5!");
KeyFactory keyFactory = KeyFactory.getInstance(keyAlgorithm);
System.out.println("hahhah6!");
PrivateKey privateKey = keyFactory.generatePrivate(priPKCS8);
System.out.println("hahhah7!");
return privateKey;
} catch (Exception e) {
throw new Exception("READ PRIVATE KEY ERROR:" ,e);
} finally {
try {
if (inputStream != null) {
inputStream.close();
}
} catch (IOException e) {
inputStream = null;
throw new Exception("INPUT STREAM CLOSE ERROR:", e);
}
}
}
//一下面是base64的编码和解码
public static String encodeBase64(byte[]input) throws Exception{
Class clazz=Class.forName("com.sun.org.apache.xerces.internal.impl.dv.util.Base64");
Method mainMethod= clazz.getMethod("encode", byte[].class);
mainMethod.setAccessible(true);
Object retObj=mainMethod.invoke(null, new Object[]{input});
return (String)retObj;
}
/***
* decode by Base64
*/
public static byte[] decodeBase64(String input) throws Exception{
Class clazz=Class.forName("com.sun.org.apache.xerces.internal.impl.dv.util.Base64");
Method mainMethod= clazz.getMethod("decode", String.class);
mainMethod.setAccessible(true);
Object retObj=mainMethod.invoke(null, input);
return (byte[])retObj;
}
}
package com.fh.util.weixin;
public final class Base64 {
static private final int BASELENGTH = 128;
static private final int LOOKUPLENGTH = 64;
static private final int TWENTYFOURBITGROUP = 24;
static private final int EIGHTBIT = 8;
static private final int SIXTEENBIT = 16;
static private final int FOURBYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASELENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
static {
for (int i = 0; i < BASELENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}
for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}
base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;
for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}
for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}
for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';
}
private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}
private static boolean isPad(char octect) {
return (octect == PAD);
}
private static boolean isData(char octect) {
return (octect < BASELENGTH && base64Alphabet[octect] != -1);
}
/**
* Encodes hex octects into Base64
*
* @param binaryData Array containing binaryData
* @return Encoded Base64 array
*/
public static String encode(byte[] binaryData) {
if (binaryData == null) {
return null;
}
int lengthDataBits = binaryData.length * EIGHTBIT;
if (lengthDataBits == 0) {
return "";
}
int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;
encodedData = new char[numberQuartet * 4];
byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}
for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];
if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}
// form integral number of 6-bit groups
if (fewerThan24bits == EIGHTBIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEENBIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}
return new String(encodedData);
}
/**
* Decodes Base64 data into octects
*
* @param encoded string containing Base64 data
* @return Array containind decoded data.
*/
public static byte[] decode(String encoded) {
if (encoded == null) {
return null;
}
char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);
if (len % FOURBYTE != 0) {
return null;//should be divisible by four
}
int numberQuadruple = (len / FOURBYTE);
if (numberQuadruple == 0) {
return new byte[0];
}
byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];
for (; i < numberQuadruple - 1; i++) {
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++]))
|| !isData((d4 = base64Data[dataIndex++]))) {
return null;
}//if found "no data" just return null
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;//if found "no data" just return null
}
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {//Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)//last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)//last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { //No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
return decodedData;
}
/**
* remove WhiteSpace from MIME containing encoded Base64 data.
*
* @param data the byte array of base64 data (with WS)
* @return the new length
*/
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}
// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}
此致,我们就完成了上述API的五个步骤。测试截图如下:
@Test
public void test33() throws Exception{
String encBankAcctNo = "62122620100xxxxxxxxx"; //加密的银行账号
String encBankAcctName = "小郑"; //加密的银行账户名
//注意 这里的 pksc8_public.pem 是上一步获取微信支付公钥后经openssl 转化成PKCS8格式的公钥
String keyfile = "H:/book/company/pksc8_public.pem"; //读取PKCS8密钥文件
PublicKey pub=RSAUtil.getPubKey(keyfile,"RSA");
String rsa ="RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING";
byte[] estr=RSAUtil.encrypt(encBankAcctNo.getBytes(),pub,2048, 11,rsa); //对银行账号进行加密
encBankAcctNo =Base64.encode(estr);//并转为base64格式
System.out.println(encBankAcctNo);
}
至此、我们就已经完成了“RSA公钥API”五个步骤的开发,生成的字符串是为了“企业付款到银行卡”而铺垫的,作为参数。有兴趣的可以看我的另一篇文章“企业付款到银行卡”,手把手教你企业付款到银行卡。至于源码文件的话,如果方便整理出来的话,我会分享给各位,不方便的话,就算了。希望对大家有帮助!!!后续有空的话,会写篇介绍RSA加密,DEC加密、不懂加密的小白暂时copy上述的工具类呗