//生成P加密參數(shù):
package com.paic.pad.info.common.utils;import java.io.UnsupportedEncodingException; import java.net.URLDecoder; import java.net.URLEncoder; import java.security.Key; import java.util.Arrays; import java.util.Date; import java.util.Random;import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec;import org.apache.commons.codec.binary.Base64; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory;public class Aes128CbcUtils {protected final static Log logger = LogFactory.getLog(Aes128CbcUtils.class);// 算法名稱final static String KEY_ALGORITHM = "AES";// 加解密算法/模式/填充方式final static String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";// 字符集final static String CHARSET_NAME = "UTF-8";// 填充矢量final static byte[] iv = {0x30, 0x31, 0x30, 0x32, 0x30, 0x33, 0x30, 0x34, 0x30, 0x35, 0x30, 0x36, 0x30, 0x37, 0x30, 0x38};//final static byte[] iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};private static Key getKey(byte[] keyBytes) {// 如果密鑰不足16位，那么就補足int base = 16;if ((keyBytes.length % base) != 0) {int groups = (keyBytes.length / base) + ((keyBytes.length % base) != 0 ? 1 : 0);byte[] temp = new byte[groups * base];Arrays.fill(temp, (byte) 0);System.arraycopy(keyBytes, 0, temp, 0, keyBytes.length);keyBytes = temp;}// 轉(zhuǎn)化成JAVA的密鑰格式return new SecretKeySpec(keyBytes, KEY_ALGORITHM);}/*** 加密方法* * @param content 要加密的字符串* @param key 加密密鑰* @return */public static String encrypt(String content, String key) {try {byte[] enc = encrypt(content.getBytes(CHARSET_NAME), key.getBytes(CHARSET_NAME));String base64Str = Base64.encodeBase64String(enc);return new String(base64Str.getBytes(), CHARSET_NAME);}catch (UnsupportedEncodingException e) {logger.error(" 加密密鑰異常 " , e);}return null;}/*** 加密方法* * @param content 要加密的字符串* @param keyBytes 加密密鑰* @return*/public static byte[] encrypt(byte[] content, byte[] keyBytes) {byte[] encryptedText = null;try {Key key = getKey(keyBytes);Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));encryptedText = cipher.doFinal(content);}catch (Exception e) {logger.error(" 加密密鑰異常 " , e);}return encryptedText;}/*** 解密方法* * @param encryptedData 要解密的字符串* @param keyBytes 解密密鑰* @return*/public static String decrypt(String encryptedData, String key) {try {byte[] enc = encryptedData.getBytes(CHARSET_NAME);enc = Base64.decodeBase64(enc);byte[] dec = decrypt(enc, key.getBytes(CHARSET_NAME));return new String(dec, CHARSET_NAME);}catch (UnsupportedEncodingException e) {logger.error(" 解密密鑰異常 " , e);}return null;}/*** 解密方法* * @param encryptedData 要解密的字符串* @param keyBytes 解密密鑰* @return*/public static byte[] decrypt(byte[] encryptedData, byte[] keyBytes) {byte[] encryptedText = null;try {Key key = getKey(keyBytes);Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));encryptedText = cipher.doFinal(encryptedData);}catch (Exception e) {logger.error(" 解密密鑰異常 " , e);}return encryptedText;}public static void main(String[] args) throws Exception {/*//加解密 密鑰byte[] keybytes = "paic1234".getBytes();String content = "a=1&b=2&c=3";// 加密字符串System.out.println("加密前的：" + content);System.out.println("加密密鑰：" + new String(keybytes));// 加密方法byte[] enc = Aes128CbcUtils.encrypt(content.getBytes(), keybytes);System.out.println("加密后的內(nèi)容：" + new String(Hex.encode(enc)));// 解密方法byte[] dec = Aes128CbcUtils.decrypt(enc, keybytes);System.out.println("解密后的內(nèi)容：" + new String(dec));*/// 加解密 密鑰String key = "83519aa6d30ecdc3";// "paic1234";long timestamp = new Date().getTime();long nonce = new Random().nextInt(100000);String toSign = timestamp+""+nonce;System.out.println("signature：" + toSign);String signature = HmacSHA1Utils.getSignature(toSign, key);String content = "timestamp="+timestamp+"&nonce="+nonce+"&signature="+signature+"&umId=LIUKAIHUA001";// 加密字符串System.out.println("加密前的：" + content);System.out.println("加密密鑰：" + key);// 加密方法String enc = Aes128CbcUtils.encrypt(content, key);System.out.println("加密后的內(nèi)容：" + enc);//URL encodeenc = URLEncoder.encode(enc, CHARSET_NAME);System.out.println("URL encode：" + enc);//URL decodeString dec = URLDecoder.decode(enc, CHARSET_NAME);System.out.println("URL decode：" + dec);// 解密方法dec = Aes128CbcUtils.decrypt(dec, key);System.out.println("解密后的內(nèi)容：" + dec);} }

　　

驗證P參數(shù)：

String p = request.getParameter("p");String reqUrl = request.getParameter("toUrl");String toUrl = reqUrl.replace(request.getContextPath(), "");HttpSession session = request.getSession();boolean hasSession = (session != null) && (session.getAttribute(SessionKeyConstant.SESSION_LOGIN_USER) != null);String dispatchUrl = "forward:" + toUrl;String key = PropertyUtils.getProperty("req.auth.key");//密鑰String vaildTime = PropertyUtils.getProperty("req.auth.requestVaildTime");//有效時間5000毫秒if(hasSession) {UserDTO user = (UserDTO) session.getAttribute(SessionKeyConstant.SESSION_LOGIN_USER);String currUmId = user.getUmId();//免登錄請求if(StringUtils.isNotEmpty(p)) {try {//1. URL decode//p = URLDecoder.decode(p, "UTF-8");//2. 解密String nameValuePairs = Aes128CbcUtils.decrypt(p, key);//3. 請求驗簽 和 時效驗證String timestamp = CommonUtils.getValueByKey(nameValuePairs, "timestamp");String nonce = CommonUtils.getValueByKey(nameValuePairs, "nonce");String toSign = timestamp+""+nonce; String umId = CommonUtils.getValueByKey(nameValuePairs, "umId");String customerId = CommonUtils.getValueByKey(nameValuePairs, "customerId");String actualSign = HmacSHA1Utils.getSignature(toSign, key);String exceptedSign = CommonUtils.getValueByKey(nameValuePairs, "signature");boolean isSignatureVaild = StringUtils.equals(actualSign, exceptedSign);long requestVaildTime = Long.parseLong(vaildTime);long requestTimestamp = new Long(timestamp);long currTimestamp = new Date().getTime();boolean isRequestVaild = ((currTimestamp-requestTimestamp) < requestVaildTime);//驗證session里用戶的umId是否和傳過來的umId一致。if(!StringUtils.equalsIgnoreCase(currUmId, umId)) {dispatchUrl = "redirect:/404.html";logger.info("有session用戶umId不一致。p=" + p + "currUmId=" + currUmId + "，umId=" + umId);}else { //清除session里的customerIdif(StringUtils.isEmpty(customerId)){//SESSION_CONTACT_ID 對應(yīng)的值是customerIdsession.removeAttribute(SessionKeyConstant.SESSION_CONTACT_ID);}//驗證umId通過else {if(isSignatureVaild && isRequestVaild && StringUtils.isNotEmpty(umId)) {//SESSION_CONTACT_ID 對應(yīng)的值是customerIdsession.setAttribute(SessionKeyConstant.SESSION_CONTACT_ID, customerId);}}}} catch (Exception e) {logger.warn("解密異常：" + p, e);dispatchUrl = "redirect:/404.html";}}session.setAttribute(SessionKeyConstant.SESSION_REQ_AUTH_SUCC, new Boolean(true));}

　　

/*** * 根據(jù)key取出解密后的參數(shù)值* * @param context 解密后的內(nèi)容* @param key 參數(shù)的key* @return*/public static String getValueByKey(String context, String key) {String result = "";if(StringUtils.isNotEmpty(context)){ String[] arr = context.split("&");for (int i = 0; i < arr.length; i++) {if(arr[i].indexOf("=") != -1) {String k = arr[i].substring(0, arr[i].indexOf("="));String value = arr[i].substring(arr[i].indexOf("=")+1, arr[i].length());if(key.equals(k)){result = value;break;}}}}return result;}

　　

轉(zhuǎn)載于:https://www.cnblogs.com/hailei/p/5443444.html

總結(jié)

以上是生活随笔為你收集整理的AES加密，加签验签的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。