我们在做技术接口时,尤其对外提供时,为了提高服务接口的安全(防爆破,防重放,防篡改等)一般会采用接口验证的方式,但是在验证的时候为了提升参数请求前后的安全,我们会采用加密。普通加密基本都是对称的,不能逆向。

下面,我介绍一种RSA的算法,通过这个加密算法实现接口请求前后的数字签名验证。具体实现流程为:java非对称加密算法(java代码大全及详解)(1)

接口数字签名验证的而基本流程

下面我将RSA的签名算法代码分享下,下载即用:

public class RSAEncrypt {    private static Map<Integer, String> keyMap = new HashMap<Integer, String>();  //用于封装随机产生的公钥与私钥    private static String pirvateKey="MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEAgS8Vf8eKVf9YoqoyhFy4hHgYpNkSkrrmkJrfrKeZHfZWFx2cCoon74QZ3qw15VV9jMD5DWaPdMVAVx5HckNURwIDAQABAkBpS6Fwd4pwMiNi4usuLA1SHDmqFC0pYCISd8odBratTjRv6w9OH+A/CIKDir4DZ0PsS9qh0mxb0bthRQ9vS0wBAiEAx+y2VcrbnOZNQSWUONZcVKIHazkrAWXOBR8mQfJnOUcCIQClavCvg0SesKWv65vs2ZR0quQnaFdcCMh7B4GM2DCNAQIgAsXgvY3jv+hd1/J6fNNUUoQw0Cbp1sofsmh9Mlr3XY8CIFEyGex9Cay/VsTwaLws3PMbgxxY2jDB2u6Q86VX5RUBAiBhoiUOYrxrS77ifDFm1KYFHRPyZNStYJhcVu4U5kwwIA==";    private static String publicKey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIEvFX/HilX/WKKqMoRcuIR4GKTZEpK65pCa36ynmR32VhcdnAqKJ++EGd6sNeVVfYzA+Q1mj3TFQFceR3JDVEcCAwEAAQ==";    private static String ssb="fSAUUCYm3FI3EYJWZRPXnI1dbwcLT3bFUqL5Wsdv24QtLmYmrN2i5WRKQgGxMTewRJ78Obf1Zke9rTpE+23zzw==";    public static void main(String[] args) throws Exception {        //生成公钥和私钥        //genKeyPair();        //String randomStr= RandomStrUtil.getRandom(24, RandomStrUtil.TYPE.LETTER_CAPITAL_NUMBER);        String uuid=UUIDUtil.getUUID();        String hashCode=String.valueOf(uuid.hashCode());        System.out.println("hashcode="+hashCode);        long time=System.currentTimeMillis();        //System.out.println("随机hash"+hashCode);        //加密字符串        String message = time+"@=@"+uuid;        //System.out.println("随机生成的公钥为:" + publicKey);        //System.out.println("随机生成的私钥为:" + pirvateKey);        String messageEn = encrypt(message,publicKey);        System.out.println("加密后的字符串为:" + messageEn);        String messageDe = decrypt(messageEn,pirvateKey);        System.out.println("源文数据="+message);        System.out.println("解密数据=" + messageDe);        String bs=messageDe.split("@=@")[1];        System.out.println(bs);    }    /**     * 随机生成密钥对     * @throws NoSuchAlgorithmException     */    public static void genKeyPair() throws NoSuchAlgorithmException {        // KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");        // 初始化密钥对生成器,密钥大小为96-1024位        keyPairGen.initialize(1024,new SecureRandom());        // 生成一个密钥对,保存在keyPair中        KeyPair keyPair = keyPairGen.generateKeyPair();        // 得到私钥        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();        // 得到公钥        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();        String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));        System.out.println("公钥="+publicKeyString);        // 得到私钥字符串        String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));        System.out.println("私钥="+privateKeyString);        // 将公钥和私钥保存到Map        //0表示公钥        keyMap.put(0,publicKeyString);        //1表示私钥        keyMap.put(1,privateKeyString);    }    /**     * RSA公钥加密     *     * @param str     *            加密字符串     * @param publicKey     *            公钥     * @return 密文     * @throws Exception     *             加密过程中的异常信息     */    public static String encrypt( String str, String publicKey ) throws Exception{        //base64编码的公钥        byte[] decoded = Base64.decodeBase64(publicKey);        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));        //RSA加密        Cipher cipher = Cipher.getInstance("RSA");        cipher.init(Cipher.ENCRYPT_MODE, pubKey);        String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));        return outStr;    }    /**     * RSA私钥解密     *     * @param str     *            加密字符串     * @param privateKey     *            私钥     * @return 铭文     * @throws Exception     *             解密过程中的异常信息     */    public static String decrypt(String str, String privateKey) throws Exception{        //64位解码加密后的字符串        byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));        //base64编码的私钥        byte[] decoded = Base64.decodeBase64(privateKey);        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));        //RSA解密        Cipher cipher = Cipher.getInstance("RSA");        cipher.init(Cipher.DECRYPT_MODE, priKey);        String outStr = new String(cipher.doFinal(inputByte));        return outStr;    }}