-
Notifications
You must be signed in to change notification settings - Fork 230
Expand file tree
/
Copy pathEncryUtil.java
More file actions
105 lines (90 loc) · 2.83 KB
/
EncryUtil.java
File metadata and controls
105 lines (90 loc) · 2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package com.wustrive.aesrsa.util;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import java.util.Iterator;
import java.util.Map.Entry;
import java.util.TreeMap;
public class EncryUtil {
private static final Logger log = Logger.getLogger(EncryUtil.class);
/**
* 生成RSA签名
*/
public static String handleRSA(TreeMap<String, Object> map,
String privateKey) {
StringBuffer sbuffer = new StringBuffer();
for (Entry<String, Object> entry : map.entrySet()) {
sbuffer.append(entry.getValue());
}
String signTemp = sbuffer.toString();
String sign = "";
if (StringUtils.isNotEmpty(privateKey)) {
sign = RSA.sign(signTemp, privateKey);
}
return sign;
}
/**
* 返回的结果进行验签
*
* @param data
* 业务数据密文
* @param encrypt_key
* 对ybAesKey加密后的密文
* @param clientPublicKey
* 客户端公钥
* @param serverPrivateKey
* 服务器私钥
* @return 验签是否通过
* @throws Exception
*/
public static boolean checkDecryptAndSign(String data, String encrypt_key,
String clientPublicKey, String serverPrivateKey) throws Exception {
/** 1.使用serverPrivateKey解开aesEncrypt。 */
String AESKey = "";
try {
AESKey = RSA.decrypt(encrypt_key, serverPrivateKey);
} catch (Exception e) {
e.printStackTrace();
/** AES密钥解密失败 */
log.error(e.getMessage(), e);
return false;
}
/** 2.用aeskey解开data。取得data明文 */
String realData = ConvertUtils.hexStringToString(AES.decryptFromBase64(data, AESKey));
TreeMap<String, String> map = JSON.parseObject(realData,
new TypeReference<TreeMap<String, String>>() {});
/** 3.取得data明文sign。 */
String sign = StringUtils.trimToEmpty(map.get("sign"));
/** 4.对map中的值进行验证 */
StringBuffer signData = new StringBuffer();
Iterator<Entry<String, String>> iter = map.entrySet().iterator();
while (iter.hasNext()) {
Entry<String, String> entry = iter.next();
/** 把sign参数隔过去 */
if (StringUtils.equals((String) entry.getKey(), "sign")) {
continue;
}
signData.append(entry.getValue() == null ? "" : entry.getValue());
}
/** 5. result为true时表明验签通过 */
boolean result = RSA.checkSign(signData.toString(), sign,
clientPublicKey);
return result;
}
/**
* 生成hmac
*/
public static String handleHmac(TreeMap<String, String> map, String hmacKey) {
StringBuffer sbuffer = new StringBuffer();
for (Entry<String, String> entry : map.entrySet()) {
sbuffer.append(entry.getValue());
}
String hmacTemp = sbuffer.toString();
String hmac = "";
if (StringUtils.isNotEmpty(hmacKey)) {
hmac = Digest.hmacSHASign(hmacTemp, hmacKey, Digest.ENCODE);
}
return hmac;
}
}