1有问题的加我QQ(1051521493)
首先是 签名验证:
在网上搜索一个 sha 算法,放到自己的项目中,我的是放到一个AESUtil.java这个解密方法类中了,后面会有说到。
//sha1 签名认证
public static String getSha1(String str){
if(str==null||str.length()==0){
return null;
}
char hexDigits[] = {‘0’,’1’,’2’,’3’,’4’,’5’,’6’,’7’,’8’,’9’,
‘a’,’b’,’c’,’d’,’e’,’f’};
try {
MessageDigest mdTemp = MessageDigest.getInstance(“SHA1”);
mdTemp.update(str.getBytes(“UTF-8”));
byte[] md = mdTemp.digest();
int j = md.length;
char buf[] = new char[j*2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
// TODO: handle exception
return null;
}
}
验证签名:首先接收到 signature rawData session_key,调用这个上面的方法就行了signature1 和signature比较,签名认证完成。
String signature = request.getParameter(“signature”);
String rawData = request.getParameter(“rawData”);
String session_key = request.getParameter(“session_key”);
String sha1=rawData+session_key;
String signature1 = AESUtil.getSha1(sha1);
//进行签名认证
if(signature.equals(signature1)){
System.out.println("签名认证成功");
}
下面是解密:
调用一个类直接复制 类名为 AESUtil
需要注意的是:
import org.bouncycastle.jce.provider.BouncyCastleProvider;
放到项目中会报红:需要下载 jar 在lib 加入了一个org.bouncycastle 的jar ,网上自己下放进去就行了。
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
/**
*
Title:AES解密类
*
Description: 在lib 加入了一个org.bouncycastle 的jar
*@author shaoyangzhang
*@data 2017年3月15日
*/
public class AESUtil {
public static final AESUtil instance = new AESUtil();
public static boolean initialized = false;
/**
* AES解密
* @param content 密文
* @return
* @throws InvalidAlgorithmParameterException
* @throws NoSuchProviderException
*/
public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
initialize();
try {
Cipher cipher = Cipher.getInstance(“AES/CBC/PKCS7Padding”);
Key sKeySpec = new SecretKeySpec(keyByte, “AES”);
cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化
byte[] result = cipher.doFinal(content);
return result;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (NoSuchProviderException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void initialize(){
if (initialized) return;
Security.addProvider(new BouncyCastleProvider());
initialized = true;
}
//生成iv
public static AlgorithmParameters generateIV(byte[] iv) throws Exception{
AlgorithmParameters params = AlgorithmParameters.getInstance(“AES”);
params.init(new IvParameterSpec(iv));
return params;
}
//sha1 签名认证
public static String getSha1(String str){
if(str==null||str.length()==0){
return null;
}
char hexDigits[] = {‘0’,’1’,’2’,’3’,’4’,’5’,’6’,’7’,’8’,’9’,
‘a’,’b’,’c’,’d’,’e’,’f’};
try {
MessageDigest mdTemp = MessageDigest.getInstance(“SHA1”);
mdTemp.update(str.getBytes(“UTF-8”));
byte[] md = mdTemp.digest();
int j = md.length;
char buf[] = new char[j*2];
int k = 0;
for (int i = 0; i < j; i++) {
byte byte0 = md[i];
buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
buf[k++] = hexDigits[byte0 & 0xf];
}
return new String(buf);
} catch (Exception e) {
// TODO: handle exception
return null;
}
}
}
下面是对上面的类的调用:
需要说明的是 session_key 我们目前没有做缓存,我直接传到前台了,存到前台缓存了,等有了缓存redis 再放到里面,直接拿出来,现在是通过前台得到的。
public void decodeUserInfo(HttpServletRequest request) {
String encryptedData = request.getParameter("encryptedData");
String iv = request.getParameter("iv");
String sessionId = request.getParameter("rd_session");
String signature = request.getParameter("signature");
String rawData = request.getParameter("rawData");
String session_key = request.getParameter("session_key");
String sha1=rawData+session_key;
String signature1 = AESUtil.getSha1(sha1);
//进行签名认证
if(signature.equals(signature1)){
System.out.println("签名认证成功");
}else{
return;
}
try {
byte[] resultByte = AESUtil.instance.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(session_key), Base64.decodeBase64(iv));
if(null != resultByte && resultByte.length > 0){
String userInfo = new String(resultByte, "UTF-8");
JSONObject json = JSONObject.fromObject(userInfo); //将字符串{“id”:1}
System.out.println(json);
}
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch(UnsupportedEncodingException e){
e.printStackTrace();
}
}