加密算法
算法技术知识
RSA创建私钥和公钥
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(512, new SecureRandom());
KeyPair keyPair = generator.generateKeyPair();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
byte[] encoded = publicKey.getEncoded();
String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));
String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));
xml的加签
<?xml version="1.0" encoding="UTF-8"?>
<ceb:CEB621Message guid="4CDE1CFD-EDED-46B1-946C-B8022E42FC94" version="1.0" xmlns:ceb="http://www.chinaport.gov.cn/ceb" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ceb:Inventory>
<ceb:InventoryHead>
<ceb:guid>4CDE1CFD-EDED-46B1-946C-B8022E42FC94</ceb:guid>
<ceb:appType>1</ceb:appType>
<ceb:appTime>20160315153555</ceb:appTime>
<ceb:unit1>007</ceb:unit1>
<ceb:qty2>300</ceb:qty2>
<ceb:unit2>035</ceb:unit2>
<ceb:price>20</ceb:price>
<ceb:totalPrice>20</ceb:totalPrice>
<ceb:note></ceb:note>
</ceb:InventoryList>
</ceb:Inventory>>
<ceb:BaseTransfer>
<ceb:copCode>1101180326</ceb:copCode>
<ceb:copName>物流企业</ceb:copName>
<ceb:dxpMode>DXP</ceb:dxpMode>
<ceb:dxpId>DXPLGS0000000001</ceb:dxpId>
<ceb:note></ceb:note>
</ceb:BaseTransfer>
</ceb:CEB621Message>
public String sign(String xml) throws Exception {
// xml加签工厂创建实例
XMLSignatureFactory fac = XMLSignatureFactory.getInstance();
// 对原文内容使用什么样的摘要算法 这里使用的是 SHA1
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null),
Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)),
null, null);
// 对SignedInfo 使用什么样的摘要和加签算法
SignedInfo si = fac.newSignedInfo(
fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null),
Collections.singletonList(ref));
// 生成一个RSA秘钥对
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(1024);
KeyPair kp = kpg.generateKeyPair();
KeyInfoFactory keyInfoFac = fac.getKeyInfoFactory();
KeyName keyName = keyInfoFac.newKeyName("123456789");
List<XMLStructure> contet = new ArrayList<XMLStructure>();
contet.add(keyName);
X509Data x509Data = keyInfoFac.newX509Data(Collections.singletonList(kp.getPublic().getEncoded()));
contet.add(x509Data);
KeyInfo keyInfo = keyInfoFac.newKeyInfo(contet);
// 将原始内容的xml转化为document
Document doc = XmlConverter.toDocument(xml);
// 通过 RSA的私钥和 xml的document 生成加密好的Signture
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement());
// 为Signture添加名称空间前缀
dsc.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ds");
// 传入原文要使用的摘要规则 和 秘钥信息(公钥 和 证书编号)
XMLSignature xmlSignature = fac.newXMLSignature(si, keyInfo);
// 传入 Signture的配置信息,加签
xmlSignature.sign(dsc);
// 将加签好的数据 转换为String 返回
String signXml = XmlConverter.toXml(doc);
return signXml;
}
返回结果
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<ceb:CEB621Message xmlns:ceb="http://www.chinaport.gov.cn/ceb" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
guid="4CDE1CFD-EDED-46B1-946C-B8022E42FC94" version="1.0">
<ceb:Inventory>
<ceb:InventoryHead>
<ceb:guid>4CDE1CFD-EDED-46B1-946C-B8022E42FC94</ceb:guid>
<ceb:appType>1</ceb:appType>
<ceb:appTime>20160315153555</ceb:appTime>
<ceb:appStatus>2</ceb:appStatus>
<ceb:orderNo>order2016030811340001</ceb:orderNo>
<ceb:ebpCode>1101110325</ceb:ebpCode>
<ceb:ebpName>测试企业</ceb:ebpName>
<ceb:ebcCode>1101110325</ceb:ebcCode>
<ceb:ebcName>测试企业</ceb:ebcName>
<ceb:logisticsNo>L201603081138007</ceb:logisticsNo>
<ceb:logisticsCode>1101180326</ceb:logisticsCode>
<ceb:logisticsName>测试物流企业</ceb:logisticsName>
<ceb:copNo>NBBH20160308005</ceb:copNo>
<ceb:preNo/>
<ceb:assureCode>ass201603081155</ceb:assureCode>
<ceb:emsNo>S1501I000164</ceb:emsNo>
<ceb:invtNo/>
<ceb:ieFlag>I</ceb:ieFlag>
<ceb:declTime>20160308</ceb:declTime>
<ceb:customsCode>3700</ceb:customsCode>
<ceb:portCode>3700</ceb:portCode>
<ceb:ieDate>20160308</ceb:ieDate>
<ceb:buyerIdType>1</ceb:buyerIdType>
<ceb:buyerIdNumber>130681136250023332</ceb:buyerIdNumber>
<ceb:buyerName>李小宝</ceb:buyerName>
<ceb:buyerTelephone>13256253633</ceb:buyerTelephone>
<ceb:consigneeAddress>北京市海淀区中关村软件园</ceb:consigneeAddress>
<ceb:agentCode>1105910159</ceb:agentCode>
<ceb:agentName>测试企业</ceb:agentName>
<ceb:areaCode>110108130000000007</ceb:areaCode>
<ceb:areaName>北京市海淀区中关村软件园</ceb:areaName>
<ceb:tradeMode>9610</ceb:tradeMode>
<ceb:trafMode>0</ceb:trafMode>
<ceb:trafNo>MH730</ceb:trafNo>
<ceb:voyageNo>BJ20160308</ceb:voyageNo>
<ceb:billNo>B00024204007</ceb:billNo>
<ceb:loctNo/>
<ceb:licenseNo>L20160315001</ceb:licenseNo>
<ceb:country>116</ceb:country>
<ceb:freight>500</ceb:freight>
<ceb:insuredFee>200</ceb:insuredFee>
<ceb:currency>142</ceb:currency>
<ceb:wrapType>1</ceb:wrapType>
<ceb:packNo>6000</ceb:packNo>
<ceb:grossWeight>4000</ceb:grossWeight>
<ceb:netWeight>3500</ceb:netWeight>
<ceb:note/>
</ceb:InventoryHead>
<ceb:InventoryList>
<ceb:gnum>1</ceb:gnum>
<ceb:itemRecordNo>1210</ceb:itemRecordNo>
<ceb:itemNo>AF001-001</ceb:itemNo>
<ceb:itemName>小米盒子</ceb:itemName>
<ceb:gcode>8541401000</ceb:gcode>
<ceb:gname>小米盒子</ceb:gname>
<ceb:gmodel>44mm</ceb:gmodel>
<ceb:barCode>2345123</ceb:barCode>
<ceb:country>116</ceb:country>
<ceb:tradeCountry>116</ceb:tradeCountry>
<ceb:currency>142</ceb:currency>
<ceb:qty>100</ceb:qty>
<ceb:unit>007</ceb:unit>
<ceb:qty1>200</ceb:qty1>
<ceb:unit1>007</ceb:unit1>
<ceb:qty2>300</ceb:qty2>
<ceb:unit2>035</ceb:unit2>
<ceb:price>20</ceb:price>
<ceb:totalPrice>20</ceb:totalPrice>
<ceb:note/>
</ceb:InventoryList>
</ceb:Inventory>>
<ceb:BaseTransfer>
<ceb:copCode>1101180326</ceb:copCode>
<ceb:copName>物流企业</ceb:copName>
<ceb:dxpMode>DXP</ceb:dxpMode>
<ceb:dxpId>DXPLGS0000000001</ceb:dxpId>
<ceb:note/>
</ceb:BaseTransfer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>JM9NbwMoTTWZ8/QC56BryNn5X+0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
NupzaAERa81RC0Nz2hJcbUfQdRa28fNeG2/Ok8uP7PvMwcwMjVUbhiQf5hLqF8HSxrZ9Yxa9PR3q
L9lgzVajevIsotw7GX56GSoHxM0JfYBBFxArC4m5szlQp1TMG7AZ2EtH8E9gYILlFrXo/kBpZCNt
pJJ1pNIYqXMAIIhQ3og=
</ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyName>123456789</ds:KeyName>
<ds:X509Data>
<ds:X509SKI>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHf/ngKTLBvNlCev+AfJyeh3Smn7Qwe2TMtgku
t/3VLtb0WKfJLuhTyin/A92/P0lV2+qI7rkUKabuPX7hnvaWKtjnPNWdj+VRhcKl3sQlRPTFhe5b
5aWY8vAYc5yd8piYeVAGDBevm5dCfa/5+rnWIbferfpg5f8st/SycjNCsQIDAQAB
</ds:X509SKI>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</ceb:CEB621Message>