Rsa加密验证数据有效性

复制代码
import com.alibaba.fastjson.*;
import java.text.*;
import java.util.*;
import org.apache.commons.codec.binary.Base64;
import java.security.spec.*;
import java.security.*;

public class RSA_Test
{
    static String ak;
    static String sk;
    static String pk;

//    @Override
    public static JSONObject transform(final JSONObject json) {
//
        try {
            final JSONArray dataArray = new JSONArray();
            dataArray.add(json);
            final Double random = Math.random() * 10000.0;
            final String date = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss").format(new Date());
            final String sign = sign(XML2JSON_MD5.sk, XML2JSON_MD5.ak, XML2JSON_MD5.pk, random.intValue(), date, dataArray.toString());
            final JSONObject requestData = new JSONObject();
            requestData.put("ak", XML2JSON_MD5.ak);
            requestData.put("pk", XML2JSON_MD5.pk);
            requestData.put("number", random.intValue());
            requestData.put("date", date);
            requestData.put("sign", sign);
            requestData.put("dataContent", dataArray.toString());
            requestData.put("token", "admin");
            return requestData;
        }
        catch (Exception e) {
        }
        finally {
        }
        return null;
    }

    public static String sign(final String privateKey, final String publicKey, final String pk, final int number, final String date, final String... otherParam) {
        final String signSrc = orgSignSrc(publicKey, pk, number, date, otherParam);
        final byte[] privateByte = Base64.decodeBase64(privateKey);
        final PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateByte);
        try {
            final KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            final PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
            final Signature signature = Signature.getInstance("MD5withRSA");
            signature.initSign(privateK);
            signature.update(signSrc.getBytes());
            return Base64.encodeBase64String(signature.sign());
        }
        catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static String orgSignSrc(final String publicKey, final String pk, final int number, final String date, final String[] otherParam) {
        final StringBuffer src = new StringBuffer();
        src.append("AK=" + publicKey + "&");
        src.append("PK=" + pk + "&");
        src.append("Number=" + number + "&");
        src.append("Date=" + date + "&");
        src.append("Data=");
        for (final String param : otherParam) {
            src.append(param);
        }
        return src.toString();
    }

    static {
        XML2JSON_MD5.ak = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJPaQpqEIbIF9QSscMJooquZeXAfcCzikzvBLNK6XTStAIlbcN3+FtVlRn+n/5Wxnfxw6vEyLYPT8Cyzi9DiF+ECAwEAAQ==";
        XML2JSON_MD5.sk = "MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAk9pCmoQhsgX1BKxwwmiiq5l5cB9wLOKTO8Es0rpdNK0AiVtw3f4W1WVGf6f/lbGd/HDq8TItg9PwLLOL0OIX4QIDAQABAkBLvAdV4sznxclmJXZ0/ugkgi8EUfZB56WHfEIbhz7rFdF5COc/nOHEP6ZzZEfRuKcHddZ8kumIHXd2lrq9wUABAiEA4wgq50sqFClc55v9YP93f24p2kULo0O+vdjydAraPwECIQCmt8HiUb+EUXUMjXk1vxz/hIZvt860YgpuneQxMci44QIhAIQ4hYQe6mrDjC/3USHkppu4dPeBrr1u/u9iIhIjH+gBAiEAkht63HgeKr0konKd5n9tz3T6SJBCpA1D7TuMj5x8t6ECIDEYoLFUgtFE8ukr4CWgg3+iy8u9FfD8D3qZV9djS5LQ";
        XML2JSON_MD5.pk = "e197098e84cb49b19e9e5fa6f6afa35f";
    }


    public static boolean verify(String sign, String publicKey, String pk,
                                 int number, String date, String... otherParam) {
        // 签名原文
        String signSrc = orgSignSrc(publicKey, pk, number, date, otherParam);
        byte[] keyBytes = Base64.decodeBase64(publicKey);
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PublicKey publicK = keyFactory.generatePublic(keySpec);
            Signature signature = Signature.getInstance("MD5withRSA");
            signature.initVerify(publicK);
            signature.update(signSrc.getBytes());
            return signature.verify(Base64.decodeBase64(sign));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }

    public static boolean verify(JSONObject postJson) {
        String ak = getValue(postJson,"ak","");
        String pk = getValue(postJson, "pk", "");
        String sign = getValue(postJson, "sign",
                "");
        String date = getValue(postJson, "date",
                "");
        int number = Integer.valueOf(getValue(postJson,
                "number", null).toString());
        String data = getValue(postJson,
                "dataContent", "");

        return verify(sign, ak, pk, number, date, data);
    }

    public static <T> T getValue(JSONObject jobj, String propertyName, T defaultValue) {
        if (jobj == null || !jobj.containsKey(propertyName)) {
            return defaultValue;
        }

        Object o = jobj.get(propertyName);
        if (o == null) {
            return defaultValue;
        }
        return (T) o;

    }

    public static void main(String[] args) {
        String content="";
        content="{\"currencyType\":\"RMB\",\"exchangerate\":\"1.00 \",\"channel\":\"9999009A012\",\"remark\":\"0\",\"billDate\":\"20190619\",\"tax\":\"0.00 \",\"baseCurrency\":\"RMB\",\"wareHouse\":\"SHACWH\",\"taxStandardMoney\":\"0.00 \",\"amountStandardMoney\":\"0.00 \",\"vbeln\":\"8002400031\",\"totalTaxPrice\":\"0.00 \",\"whareaType\":\"SL001\",\"details\":[{\"owner\":\"999902A012\",\"taxRate\":\"0.00 \",\"singleProduct\":\"95737703-22XLCN\",\"amount\":\"0.000 \",\"quantity\":\"12\",\"taxStandardMoney\":\"0.00 \",\"amountStandardMoney\":\"0.00 \",\"price\":\"0.00 \",\"totalTaxPrice\":\"0.00 \",\"tax\":\"0.00 \",\"totalTaxPriceStandardMoney\":\"0.00 \"},{\"owner\":\"999902A012\",\"taxRate\":\"0.00 \",\"singleProduct\":\"95737703-2LCN\",\"amount\":\"0.000 \",\"quantity\":\"2\",\"taxStandardMoney\":\"0.00 \",\"amountStandardMoney\":\"0.00 \",\"price\":\"0.00 \",\"totalTaxPrice\":\"0.00 \",\"tax\":\"0.00 \",\"totalTaxPriceStandardMoney\":\"0.00 \"},{\"owner\":\"999902A012\",\"taxRate\":\"0.00 \",\"singleProduct\":\"95737703-2MCN\",\"amount\":\"0.000 \",\"quantity\":\"11\",\"taxStandardMoney\":\"0.00 \",\"amountStandardMoney\":\"0.00 \",\"price\":\"0.00 \",\"totalTaxPrice\":\"0.00 \",\"tax\":\"0.00 \",\"totalTaxPriceStandardMoney\":\"0.00 \"},{\"owner\":\"999902A012\",\"taxRate\":\"0.00 \",\"singleProduct\":\"95737703-2XLCN\",\"amount\":\"0.000 \",\"quantity\":\"21\",\"taxStandardMoney\":\"0.00 \",\"amountStandardMoney\":\"0.00 \",\"price\":\"0.00 \",\"totalTaxPrice\":\"0.00 \",\"tax\":\"0.00 \",\"totalTaxPriceStandardMoney\":\"0.00 \"}],\"totalTaxPriceStandardMoney\":\"0.00 \",\"businessType\":\"QTRK\",\"bsType\":\"101\"}";
        JSONObject json=JSON.parseObject(content);
        String str=transform(json).toString();
        System.out.println(str);
        boolean result=verify(JSON.parseObject(str));
        System.out.println(result);
    }
}
复制代码

通过rsa加密,可以检验数据的完整性,中途没被别人篡改。后台可以只接受合法的请求数据。

posted @   Gyoung  阅读(793)  评论(0编辑  收藏  举报
努力加载评论中...
点击右上角即可分享
微信分享提示
AI IDE Trae