原始需求:
启动HTTP的POST请求的条目格式是由接口参数和参数值组成的JSON字符串,
此JSON字符串需要RSA加密。
接口使用http servlet request获取参数值,然后对数据进行RSA解密。
密钥最多可有1024位,加密时字符串不会超过117个字节,因此必须将预加密的JSON字符串按字节划分并放入数组中,对数组中的每个项进行单独加密,然后将最后加密的数组转换为JSON字符串作为请求体传递。
这种情况下,http servlet在得到加密后的JSON数组后,对加密后的JSON数组的各项单独进行解密,将最后解码后的JSON数组的各项与由接口参数和参数值构成的JSON字符串相连,从而本来可以
接下来是相关代码
RSA加密工具
package com.ieslab.msgpush.util; importorg.spring framework.stereotype.service; import javax.crypto.Cipher; 输入Java.security.*; import Java.security.interfaces.RSA private key; import Java.security.interfaces.RSA public key; import Java.security.spec.pkcs8 encodedkeyspec; import Java.security.spec.x509 encodedkeyspec; import java.util.Base64; /** * @description: RSA加密工具* @ author : Yiwen Li * @ create :2021-04-2909336052 * */publicclassrsautil {/*。 //KeyPairGenerator类用于生成公钥和私钥对,并基于RSA算法生成对象keypairgeneratorkeypairgen=key pair generator.getinstance () //初始化密钥对生成器,并生成密钥大小为96-1024位的keypairgen.initialize(1024,new SecureRandom ); //生成密钥对并将其保存到keyPair的key pair key pair=key pair gen.generate key pair (; //私钥RSA private key private key=(RSA private key ) keyPair.getPrivate ); //公钥RSA public key public key=(RSA public key ) keyPair.getPublic; private keystr=new string (encoder.encode ) ) (privatekey.getencoded ) ) public keystr=new string (encoder.encode ) } catch (nosuchalgorithmexceptione ) { e.printStackTrace ); } } /** * RSA公钥加密* * @param str加密字符串* @param publicKey公钥*/publicstaticstringencrypt { stringstr,string public key } { Bram //base64编码公钥byte [ ] decoded=decoder.decode (public key ); RSA public key pubkey=(RSA public key ) keyfactory.getinstance(RSA ) ).generatepublic ) newx509encodedkeyspec ) decoded/cipher.init(cipher.encrypt_
MODE, pubKey); String outStr = encoder.encodeToString(cipher.doFinal(str.getBytes("UTF-8"))); return outStr; } catch (Exception e) { e.printStackTrace(); return null; } } /** * RSA私钥解密 * * @param str 加密字符串 * @param privateKey 私钥 */ public static String decrypt(String str, String privateKey) { try { Base64.Decoder decoder = Base64.getDecoder(); //64位解码加密后的字符串 byte[] inputByte = decoder.decode(str.getBytes("UTF-8")); //base64编码的私钥 byte[] decoded = decoder.decode(privateKey); RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded)); //RSA解密 Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, priKey); String outStr = new String(cipher.doFinal(inputByte)); return outStr; } catch (Exception e) { e.printStackTrace(); return null; } }}将加密前的JSON串进行字节分割
/** * 字符串分解放入Arrays 因为AES加密时的字符串不能超过117个字节 * * @param paramsJson 完整的参数json字符串 */ private List<String> getParamJsonArray(String paramsJson) { List<String> result = new ArrayList<>(); try { byte[] paramJsonByteArray = URLEncoder.encode(paramsJson, "UTF-8").getBytes("UTF-8"); while(paramJsonByteArray.length > 0) { if(paramJsonByteArray.length > 117) { byte[] paramByteArrayAdd = Arrays.copyOfRange(paramJsonByteArray, 0, 117); result.add(new String(paramByteArrayAdd)); paramJsonByteArray = Arrays.copyOfRange(paramJsonByteArray, 117, paramJsonByteArray.length); continue; } result.add(new String(paramJsonByteArray)); break; } } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return result; }发送HTTP POST请求
/** * 发送HTTP POST请求 * * @param url 请求地址 * @param data 请求参数 */ public static String httpPost(String url, String data) { HttpPost httpPost = new HttpPost(url); httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded;charset=utf-8"); httpPost.setEntity(new StringEntity(data, "UTF-8")); String result = null; try(CloseableHttpClient httpclient = HttpClients.createDefault(); CloseableHttpResponse response = httpclient.execute(httpPost)) { HttpEntity entity = response.getEntity(); result = EntityUtils.toString(entity, "UTF-8"); EntityUtils.consume(entity); } catch (IOException e) { e.printStackTrace(); } return result; }获取接口参数并解析后转换格式
/** * 获取接口参数并转换类型 * * @param request */ private JSONObject getParamObject(HttpServletRequest request) { StringBuilder requestValue = new StringBuilder(); try(InputStream inputStream = request.getInputStream(); BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream)); ) { String line;//循环读取 while ((line = reader.readLine()) != null) { requestValue.append(line); } } catch (Exception e){ e.printStackTrace(); } // 加密后的json数组 List<String> paramJsonInCode = JSON.parseArray(requestValue.toString(), String.class); StringBuilder paramJson = new StringBuilder(); // 对加密后的json数组的每一项分别解密 for(String paramJsonOneInCode: paramJsonInCode) { paramJson.append(RSAUtil.decrypt(paramJsonOneInCode, RSAUtil.getPrivateKeyStr())); } try { String paramJsonDecode = URLDecoder.decode(paramJson.toString(), "UTF-8"); return JSON.parseObject(paramJsonDecode); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return null; }