密钥验证的流程如下:
假如我们需要做一个服务,让用户通过密钥验证的方式来访问服务内容。客户端通过调用服务端程序生成密钥并返回客户端,并再次传入验证密钥到服务段进行密钥验证。客户端这边通过用户名密码和密钥申请时间等字段共同生成密钥,密钥相关代码如下:
import org.apache.commons.codec.binary.Hex; import org.apache.commons.io.IOUtils; import java.io.*; import java.security.*; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import java.util.regex.Pattern;
public class RSAUtils { private static final String SIGN_ALGORITHMS = "SHA256withRSA"; private static final String OLD_SIGN_ALGORITHMS = "SHA1withRSA"; private static final Map<String, PrivateKey> PRIVATEKEY_CACHE = new ConcurrentHashMap<>(); private static final Map<String, PublicKey> PUBLICKEY_CACHE = new ConcurrentHashMap<>(); private static InputStream getResourceAsStream(String resource) throws IOException { InputStream in = null; ClassLoader loader = RSAUtils.class.getClassLoader(); if (loader != null) { in = loader.getResourceAsStream(resource); } if (in == null) { in = ClassLoader.getSystemResourceAsStream(resource); } if (in == null) { throw new IOException("请将密钥文件" + resource + "放到工程classpath目录!"); } return in; } public static PrivateKey getPrivateKey(String key) { if (PRIVATEKEY_CACHE.containsKey(key)) { return PRIVATEKEY_CACHE.get(key); } PrivateKey privateKey = null; try { InputStream in = getResourceAsStream(key); if (in == null) { return null; } byte[] keyBytes = IOUtils.toByteArray(in);