区块链 加密解密公共方法提供
@ -40,8 +40,6 @@ public class FeignConfig implements RequestInterceptor {
|
||||
@Override
|
||||
public void apply(RequestTemplate template) {
|
||||
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
|
||||
|
||||
log.info("--------白名单-"+tokenWhiteList);
|
||||
log.info("--------请求url-"+template.url());
|
||||
if (Objects.nonNull(attributes)) {
|
||||
if (isNonExistsWhiteList(template.url())) {
|
||||
|
@ -0,0 +1,235 @@
|
||||
package com.chinaunicom.mall.ebtp.common.crypto.service;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.serializer.SerializerFeature;
|
||||
import com.chinaunicom.mall.ebtp.common.crypto.exception.InvalidArgumentException;
|
||||
import com.chinaunicom.mall.ebtp.common.crypto.security.CryptoPrimitives;
|
||||
import com.chinaunicom.mall.ebtp.common.crypto.tenderfee.BidTenderFeeBaseParam;
|
||||
import com.chinaunicom.mall.ebtp.common.crypto.tenderfee.test;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.bouncycastle.crypto.CryptoException;
|
||||
import org.bouncycastle.util.encoders.Base64;
|
||||
|
||||
import java.io.*;
|
||||
import java.net.URL;
|
||||
import java.security.PrivateKey;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
@Slf4j
|
||||
public class CrypServiceImpl {
|
||||
|
||||
private static final String SIGNING_ALGORITHM = "SHA256withECDSA";
|
||||
private static final String DATA_PATH = "C:\\Users\\user\\Downloads\\debian-edu-10.8.0-amd64-netinst.iso.torrent";
|
||||
|
||||
// 私钥文件路径 - 加密
|
||||
private static String PEM_PATH = "admin_certPrivate.pem";
|
||||
|
||||
// 证书文件路径 - 解密
|
||||
private static String CRT_PATH = "admin.crt";
|
||||
public static void main(String[] args) throws ClassNotFoundException, IllegalAccessException, InstantiationException, CryptoException, InvalidArgumentException, UnsupportedEncodingException {
|
||||
|
||||
URL pem = test.class.getClassLoader().getResource(PEM_PATH);
|
||||
URL crt = test.class.getClassLoader().getResource(CRT_PATH);
|
||||
|
||||
PEM_PATH = pem.getPath();
|
||||
CRT_PATH = crt.getPath();
|
||||
|
||||
// example of HashMap entity, treeMap can also work out,
|
||||
// but LinkedHashMap is NOT supported
|
||||
// Map<String,String> map = new HashMap<>(1);
|
||||
// map.put("SECTION_ID","L3307");
|
||||
// map.put("DOCUMENT_ID","8533");
|
||||
// map.put("CONTENT_FILE_HASH","12321123");
|
||||
// map.put("TP_ID","L3307A");
|
||||
//
|
||||
// String signature = signObject(map,PEM_PATH);
|
||||
// System.out.println("signature of Map: "+signature);
|
||||
// boolean isOk = verifyObject(signature,map,CRT_PATH);
|
||||
// System.out.println("verify result of Map: "+ isOk);
|
||||
|
||||
// example of bean entity
|
||||
|
||||
String pemVal = "-----BEGIN PRIVATE KEY-----\n" +
|
||||
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjF+tq8oc1tNjot69\n" +
|
||||
"9OQgzr7Dqg1OkVo4PY4tKBL8+82hRANCAARKLIuOloTZe1B0J0k+CITZdsx8Gham\n" +
|
||||
"JTuxCRGLdCLpq6wHHGEqWn9VDkwk5eX6OYQxYuBRiPZp7gP/njpx5CkF\n" +
|
||||
"-----END PRIVATE KEY-----";
|
||||
|
||||
String crtVal = "-----BEGIN CERTIFICATE-----\n" +
|
||||
"MIICgzCCAimgAwIBAgIULDLuWrkCL3UaWO5u7yiu8UghEjEwCgYIKoZIzj0EAwIw\n" +
|
||||
"ZzELMAkGA1UEBhMCQ04xETAPBgNVBAgTCFNoYW5Eb25nMQ4wDAYDVQQHEwVKaU5h\n" +
|
||||
"bjEYMBYGA1UEChMPYWRtaW50MDgxMmFvcmczMRswGQYDVQQDExJjYS5hZG1pbnQw\n" +
|
||||
"ODEyYW9yZzMwHhcNMjEwODE3MDExODAwWhcNMjIwODE3MDEyMzAwWjAzMRwwDQYD\n" +
|
||||
"VQQLEwZjbGllbnQwCwYDVQQLEwRvcmczMRMwEQYDVQQDDAphZG1pbkBvcmczMFkw\n" +
|
||||
"EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESiyLjpaE2XtQdCdJPgiE2XbMfBoWpiU7\n" +
|
||||
"sQkRi3Qi6ausBxxhKlp/VQ5MJOXl+jmEMWLgUYj2ae4D/546ceQpBaOB5jCB4zAO\n" +
|
||||
"BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUcyAwVSk9V615\n" +
|
||||
"ryVrpykYwJbUs7UwKwYDVR0jBCQwIoAgOIS8Yvvj2hRg0V3+x659Mn60B09bt8Fl\n" +
|
||||
"eRcf79zjGRkwFAYDVR0RBA0wC4IJSlpaSEpTLTcyMGEGCCoDBAUGBwgBBFV7ImF0\n" +
|
||||
"dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMyIsImhmLkVucm9sbG1lbnRJRCI6\n" +
|
||||
"ImFkbWluQG9yZzMiLCJoZi5UeXBlIjoiY2xpZW50In19MAoGCCqGSM49BAMCA0gA\n" +
|
||||
"MEUCIQCi/6V6gmt4k5MUSfym9RFGqPwmD1hyWmtWKj448PXALAIgQfHHiX+P2M6k\n" +
|
||||
"GqneZYuHHxazU37s5ZaFBPylOJJEO2Y=\n" +
|
||||
"-----END CERTIFICATE-----";
|
||||
|
||||
// 需正确设置bean的@JSONField,以确保解析到的字段名称与文档一致
|
||||
List<BidTenderFeeBaseParam> paramList = new ArrayList<>();
|
||||
BidTenderFeeBaseParam bean = new BidTenderFeeBaseParam();
|
||||
bean.setTenderId("8533");
|
||||
bean.setShoppingCartId("L3307");
|
||||
bean.setAmount("1000");
|
||||
bean.setTpId("L3307A");
|
||||
bean.setSectionId("1111");
|
||||
|
||||
paramList.add(bean);
|
||||
// 用于签名的Bean将被signObject转换为json(String,然后转换为byte[]),请确保该json只包含文档规定的业务字段,且“SGIN"不应包含其中
|
||||
String signatureOfBean = signObject2(paramList,pemVal);
|
||||
// 生成的签名现在可以追加到签名字段
|
||||
System.out.println("signature of Bean: "+signatureOfBean);
|
||||
boolean isOkBean = verifyValue(signatureOfBean,paramList,crtVal);
|
||||
System.out.println("verify result of Bean: "+ isOkBean);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证数据实体
|
||||
* @param signatureString Base64加密的密钥
|
||||
* @param entity 数据实体
|
||||
* @param crtKey 证书路径
|
||||
* @return
|
||||
*/
|
||||
public static boolean verifyValue(String signatureString, Object entity, String crtKey){
|
||||
return verifyValue(signatureString,JSON.toJSONBytes(entity,SerializerFeature.MapSortField,SerializerFeature.SortField),crtKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证二进制数据串
|
||||
* @param signatureString Base64加密的密钥
|
||||
* @param plainData 源数据
|
||||
* @param crtKey 证书路径
|
||||
* @return
|
||||
*/
|
||||
public static boolean verifyValue(String signatureString, byte[] plainData, String crtKey){
|
||||
byte[] signature = Base64.decode(signatureString);
|
||||
CryptoPrimitives cp = null;
|
||||
boolean result = false;
|
||||
try {
|
||||
cp = new CryptoPrimitives();
|
||||
cp.init();
|
||||
byte[] crtBytes = crtKey.getBytes();
|
||||
result = cp.verify(crtBytes, SIGNING_ALGORITHM, signature, plainData);
|
||||
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return result;
|
||||
}
|
||||
/**
|
||||
* 验证二进制数据串
|
||||
* @param signatureString Base64加密的密钥
|
||||
* @param plainData 源数据
|
||||
* @param crtPath 证书路径
|
||||
* @return
|
||||
*/
|
||||
public static boolean verifyBytes(String signatureString, byte[] plainData, String crtPath){
|
||||
byte[] signature = Base64.decode(signatureString);
|
||||
CryptoPrimitives cp = null;
|
||||
boolean result = false;
|
||||
try {
|
||||
cp = new CryptoPrimitives();
|
||||
cp.init();
|
||||
byte[] crtBytes = readAsBytes(crtPath);
|
||||
result = cp.verify(crtBytes, SIGNING_ALGORITHM, signature, plainData);
|
||||
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 验证数据实体
|
||||
* @param signatureString Base64加密的密钥
|
||||
* @param entity 数据实体
|
||||
* @return
|
||||
*/
|
||||
public static boolean verifyObject(String signatureString, Object entity){
|
||||
URL crt = test.class.getClassLoader().getResource(CRT_PATH);
|
||||
return verifyObject(signatureString,entity,crt.getPath());
|
||||
}
|
||||
/**
|
||||
* 验证数据实体
|
||||
* @param signatureString Base64加密的密钥
|
||||
* @param entity 数据实体
|
||||
* @param crtPath 证书路径
|
||||
* @return
|
||||
*/
|
||||
public static boolean verifyObject(String signatureString, Object entity, String crtPath){
|
||||
return verifyBytes(signatureString,JSON.toJSONBytes(entity,SerializerFeature.MapSortField,SerializerFeature.SortField),crtPath);
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成签名
|
||||
* @param object 数据实体
|
||||
* @return Base64加密的密钥
|
||||
*/
|
||||
public static String signObject(Object object){
|
||||
URL pem = test.class.getClassLoader().getResource(PEM_PATH);
|
||||
return signObject(object,pem.getPath());
|
||||
}
|
||||
/**
|
||||
* 生成签名
|
||||
* @param object 数据实体
|
||||
* @param privateVal 密钥路径
|
||||
* @return Base64加密的密钥
|
||||
*/
|
||||
public static String signObject2(Object object, String privateVal){
|
||||
CryptoPrimitives cp = null;
|
||||
byte[] signature = null;
|
||||
try {
|
||||
cp = new CryptoPrimitives();
|
||||
cp.init();
|
||||
byte[] pemBytes = privateVal.getBytes();
|
||||
PrivateKey key = cp.bytesToPrivateKey(pemBytes);
|
||||
signature = cp.sign(key, JSON.toJSONBytes(object, SerializerFeature.MapSortField,SerializerFeature.SortField));
|
||||
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return signature==null?"":Base64.toBase64String(signature);
|
||||
}
|
||||
/**
|
||||
* 生成签名
|
||||
* @param object 数据实体
|
||||
* @param privatePath 密钥路径
|
||||
* @return Base64加密的密钥
|
||||
*/
|
||||
public static String signObject(Object object, String privatePath){
|
||||
CryptoPrimitives cp = null;
|
||||
byte[] signature = null;
|
||||
try {
|
||||
cp = new CryptoPrimitives();
|
||||
cp.init();
|
||||
byte[] pemBytes = readAsBytes(privatePath);
|
||||
PrivateKey key = cp.bytesToPrivateKey(pemBytes);
|
||||
signature = cp.sign(key, JSON.toJSONBytes(object, SerializerFeature.MapSortField,SerializerFeature.SortField));
|
||||
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException | InvalidArgumentException | com.chinaunicom.mall.ebtp.common.crypto.exception.CryptoException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return signature==null?"":Base64.toBase64String(signature);
|
||||
}
|
||||
|
||||
private static byte[] readAsBytes(String path) {
|
||||
File file = new File(path);
|
||||
byte[] result={};
|
||||
try(FileInputStream is = new FileInputStream(file);
|
||||
BufferedInputStream bis =new BufferedInputStream(is);)
|
||||
{
|
||||
result = IOUtils.toByteArray(bis);
|
||||
}catch (FileNotFoundException e){
|
||||
log.error(path+" not found");
|
||||
}catch (IOException e){
|
||||
log.error(e.toString());
|
||||
}
|
||||
return result;
|
||||
}
|
||||
}
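Review bot: The `pemVal` literal in `main()` is a PEM private key, and the same key is added in this commit as `uboot-common/src/main/resources/admin_certPrivate.pem`, which the no-argument `signObject(Object)` loads from the classpath; under a standard Maven layout it would be packaged into the artifact, and it stays in repository history either way. Anyone who can read the repository or the jar can then produce signatures that `verifyObject`/`verifyValue` accept against `admin.crt`, so a valid signature no longer shows who signed. I would delete the literal and the resource, have callers pass a key location provisioned outside the build, e.g. `signObject(bean, System.getenv("<SIGNING_KEY_PATH placeholder>"))`, and move the demo into a test that generates a throwaway key pair. The committed key should be treated as disclosed and its certificate reissued.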
|
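--- a/uboot-common/src/main/resources/admin.crt
+++ b/uboot-common/src/main/resources/admin.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICgzCCAimgAwIBAgIULDLuWrkCL3UaWO5u7yiu8UghEjEwCgYIKoZIzj0EAwIw
+ZzELMAkGA1UEBhMCQ04xETAPBgNVBAgTCFNoYW5Eb25nMQ4wDAYDVQQHEwVKaU5h
+bjEYMBYGA1UEChMPYWRtaW50MDgxMmFvcmczMRswGQYDVQQDExJjYS5hZG1pbnQw
+ODEyYW9yZzMwHhcNMjEwODE3MDExODAwWhcNMjIwODE3MDEyMzAwWjAzMRwwDQYD
+VQQLEwZjbGllbnQwCwYDVQQLEwRvcmczMRMwEQYDVQQDDAphZG1pbkBvcmczMFkw
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESiyLjpaE2XtQdCdJPgiE2XbMfBoWpiU7
+sQkRi3Qi6ausBxxhKlp/VQ5MJOXl+jmEMWLgUYj2ae4D/546ceQpBaOB5jCB4zAO
+BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUcyAwVSk9V615
+ryVrpykYwJbUs7UwKwYDVR0jBCQwIoAgOIS8Yvvj2hRg0V3+x659Mn60B09bt8Fl
+eRcf79zjGRkwFAYDVR0RBA0wC4IJSlpaSEpTLTcyMGEGCCoDBAUGBwgBBFV7ImF0
+dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMyIsImhmLkVucm9sbG1lbnRJRCI6
+ImFkbWluQG9yZzMiLCJoZi5UeXBlIjoiY2xpZW50In19MAoGCCqGSM49BAMCA0gA
+MEUCIQCi/6V6gmt4k5MUSfym9RFGqPwmD1hyWmtWKj448PXALAIgQfHHiX+P2M6k
+GqneZYuHHxazU37s5ZaFBPylOJJEO2Y=
+-----END CERTIFICATE-----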
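--- a/uboot-common/src/main/resources/admin_certPrivate.pem
+++ b/uboot-common/src/main/resources/admin_certPrivate.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgjF+tq8oc1tNjot69
+9OQgzr7Dqg1OkVo4PY4tKBL8+82hRANCAARKLIuOloTZe1B0J0k+CITZdsx8Gham
+JTuxCRGLdCLpq6wHHGEqWn9VDkwk5eX6OYQxYuBRiPZp7gP/njpx5CkF
+-----END PRIVATE KEY-----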