客户接口是使用的java实现,验证使用的md5withrsa,拆开看都理解,放到一块就懵逼了,求讲解!!!!
附java的实现方式:
<code>package main;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.security.SecureRandom;
public class main {
/**
* 生成秘钥
*/
public static void makeKey()
{
String KEY_ALGORITHM = "rsa";
java.security.KeyPairGenerator keygen;
try {
keygen = java.security.KeyPairGenerator
.getInstance(KEY_ALGORITHM );
SecureRandom secrand = new SecureRandom();
secrand.setSeed("tmriPayment".getBytes()); // 初始化随机产生器
keygen.initialize(1024);
KeyPair keys = keygen.genKeyPair();
RSAPublicKey pubkey = (RSAPublicKey) keys.getPublic();
RSAPrivateKey prikey = (RSAPrivateKey) keys.getPrivate();
String pubKeyStr= Base64Util.encodeBase64(pubkey.getEncoded());//得到公钥 并做base64编码
String priKeyStr= Base64Util.encodeBase64(prikey.getEncoded());//得到私钥 并做base64编码
System.out.println("公钥:"+ pubKeyStr);
System.out.println("私钥:"+ priKeyStr);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
/**
* 加密
* @return
*/
public static String encodeData()
{
try {
byte[] data = "fdfdfsdfdfd".getBytes();
String privateKey = "MIICXAIBAAKBgQDOF3dzQpPVIvHrx2qwszcv9Cw5XhCEyuRTy+HDPD684NSGGGnL"+
"34cLc1BCEjlT3v9H81SigvSUDB++YbMcZOrRFT+MAt22yi98BcRP60vgVixfTCCI"+
"lc39b6G6I6ac5BUfOKwdUKNUnCLvcojshmtGezcEYGocMziOIwXIdBXErQIDAQAB"+
"AoGANlycRovuQM9J7v6YFun/Cagnri4wv0ZhefUSpRQUHHBVvtVbuspIbe3J4tO5"+
"yXTN86Ws0n0mlJKqIObWfwvjoDADNeEWFXUI5YKyEnpnvvZwTo1JjrDy8QJpGe94"+
"yNebfGLKyZtIc/zLq9sFboyqNCtn2hu7IsG2g4SGe9BFcsUCQQDnrc6yXG6jmFC/"+
"7HFqXj5NtQc72vYbIjf32yG8W1D1j3ghZZwtUkIa8g3WMxFrYW9DFMzTDi3/mPSd"+
"1A9OG89DAkEA47oFZj6xf7gzDbHDdKX/S9ehjQjP2q6V7SYXnhdEwioxjJpj9qrP"+
"SKQg8A9m4nUl2FXJ2spxApotHoKHqTGFTwJBAIkcohGJBqmnQVL0mgK7l9/hXVCd"+
"O72/OKRlecfBu1449H2/ZvijkB/mVS4Jtyt31KM8siPOZoa4fTzS/ePaLYUCQDHj"+
"LY2hjFbzblPArpXeS5g8y8pOtOIuPu/t2Vyrskdq4OHxbJa8Ap7iPcj5RsuzaDAF"+
"UywYDzvHtLyrUbbR/2cCQGbbIWDLPtzHzI7QumtabHq9M5zUgvtXDksnOltcEDSX"+
"aBoGSbpRcPcGFfFMY+fd/kdmEambYn+270DNHPvqljU=";
byte[] keyBytes;
keyBytes = Base64Util.decodeBase64(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initSign(priKey);
signature.update(data);//data为要生成签名的源数据字节数组
return Base64Util.encodeBase64(Base64Util.encodeBase64(signature.sign()).getBytes());
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}//对私钥做base64解码
return "";
}
/**
* 解密
* @return
*/
public static Boolean decodeData(String msg)
{
String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMrfAeCg5zyHJKs269vMywoMYwKWGfBbk31K44g0ZLg8YN4c9jOH4hyAYkhN5mWY69Q8Sb82OAlxBXMY1zQshKk6kzZGOrYDQOt/bvVg6kPdf9IgtWky4YaCVSR2C0zYCviz+pHXJrbTeyVVLmbaxsr2lEjamBoDcfM1uE9hj83QIDAQAB";
try {
byte[] data = "fdfdfsdfdfd".getBytes();
byte[] publicKey1 = Base64Util.decodeBase64(publicKey);//对提供的公钥做base64解码
byte[] sign = Base64Util.decodeBase64( new String(Base64Util.decodeBase64(msg)));//签名需要做二次base64解码
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey1);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initVerify(pubKey);
signature.update(data);
return signature.verify(sign);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}//对私钥做base64解码
return false;
}
public static void main(String[] args) throws Exception {
// TODO Auto-generated method stub
//makeKey();
String msg = encodeData();
//System.out.println(msg);
//String msg = "ZlBGVnVXQm1YVjhhWDhGbVVYV24raEJzRVB1WFAycUhKdVIwbGl3azY5T2VKWHBkMDlpL1U5aGYwcEVvK1h0M0RNMFNsRTNQM1pYazFyT25xblZwTStRZmJhVGVPUXBsZ0ozZVFKemFnaWt5dzNvUXRNZC81RGQ4RGlSR3pqUmRhOFd2OCt1ekRiakZBdWtqeGg3Y1plTEdTT2ppQ08rcFVqOUQxZXh6ZG1VPQ==";
//Boolean data = decodeData(msg);
//System.out.println(data);
}
}
</code>
回复内容:
客户接口是使用的java实现,验证使用的md5withrsa,拆开看都理解,放到一块就懵逼了,求讲解!!!!
附java的实现方式:
<code>package main;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.security.SecureRandom;
public class main {
/**
* 生成秘钥
*/
public static void makeKey()
{
String KEY_ALGORITHM = "rsa";
java.security.KeyPairGenerator keygen;
try {
keygen = java.security.KeyPairGenerator
.getInstance(KEY_ALGORITHM );
SecureRandom secrand = new SecureRandom();
secrand.setSeed("tmriPayment".getBytes()); // 初始化随机产生器
keygen.initialize(1024);
KeyPair keys = keygen.genKeyPair();
RSAPublicKey pubkey = (RSAPublicKey) keys.getPublic();
RSAPrivateKey prikey = (RSAPrivateKey) keys.getPrivate();
String pubKeyStr= Base64Util.encodeBase64(pubkey.getEncoded());//得到公钥 并做base64编码
String priKeyStr= Base64Util.encodeBase64(prikey.getEncoded());//得到私钥 并做base64编码
System.out.println("公钥:"+ pubKeyStr);
System.out.println("私钥:"+ priKeyStr);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
/**
* 加密
* @return
*/
public static String encodeData()
{
try {
byte[] data = "fdfdfsdfdfd".getBytes();
String privateKey = "MIICXAIBAAKBgQDOF3dzQpPVIvHrx2qwszcv9Cw5XhCEyuRTy+HDPD684NSGGGnL"+
"34cLc1BCEjlT3v9H81SigvSUDB++YbMcZOrRFT+MAt22yi98BcRP60vgVixfTCCI"+
"lc39b6G6I6ac5BUfOKwdUKNUnCLvcojshmtGezcEYGocMziOIwXIdBXErQIDAQAB"+
"AoGANlycRovuQM9J7v6YFun/Cagnri4wv0ZhefUSpRQUHHBVvtVbuspIbe3J4tO5"+
"yXTN86Ws0n0mlJKqIObWfwvjoDADNeEWFXUI5YKyEnpnvvZwTo1JjrDy8QJpGe94"+
"yNebfGLKyZtIc/zLq9sFboyqNCtn2hu7IsG2g4SGe9BFcsUCQQDnrc6yXG6jmFC/"+
"7HFqXj5NtQc72vYbIjf32yG8W1D1j3ghZZwtUkIa8g3WMxFrYW9DFMzTDi3/mPSd"+
"1A9OG89DAkEA47oFZj6xf7gzDbHDdKX/S9ehjQjP2q6V7SYXnhdEwioxjJpj9qrP"+
"SKQg8A9m4nUl2FXJ2spxApotHoKHqTGFTwJBAIkcohGJBqmnQVL0mgK7l9/hXVCd"+
"O72/OKRlecfBu1449H2/ZvijkB/mVS4Jtyt31KM8siPOZoa4fTzS/ePaLYUCQDHj"+
"LY2hjFbzblPArpXeS5g8y8pOtOIuPu/t2Vyrskdq4OHxbJa8Ap7iPcj5RsuzaDAF"+
"UywYDzvHtLyrUbbR/2cCQGbbIWDLPtzHzI7QumtabHq9M5zUgvtXDksnOltcEDSX"+
"aBoGSbpRcPcGFfFMY+fd/kdmEambYn+270DNHPvqljU=";
byte[] keyBytes;
keyBytes = Base64Util.decodeBase64(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initSign(priKey);
signature.update(data);//data为要生成签名的源数据字节数组
return Base64Util.encodeBase64(Base64Util.encodeBase64(signature.sign()).getBytes());
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}//对私钥做base64解码
return "";
}
/**
* 解密
* @return
*/
public static Boolean decodeData(String msg)
{
String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMrfAeCg5zyHJKs269vMywoMYwKWGfBbk31K44g0ZLg8YN4c9jOH4hyAYkhN5mWY69Q8Sb82OAlxBXMY1zQshKk6kzZGOrYDQOt/bvVg6kPdf9IgtWky4YaCVSR2C0zYCviz+pHXJrbTeyVVLmbaxsr2lEjamBoDcfM1uE9hj83QIDAQAB";
try {
byte[] data = "fdfdfsdfdfd".getBytes();
byte[] publicKey1 = Base64Util.decodeBase64(publicKey);//对提供的公钥做base64解码
byte[] sign = Base64Util.decodeBase64( new String(Base64Util.decodeBase64(msg)));//签名需要做二次base64解码
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey1);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initVerify(pubKey);
signature.update(data);
return signature.verify(sign);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}//对私钥做base64解码
return false;
}
public static void main(String[] args) throws Exception {
// TODO Auto-generated method stub
//makeKey();
String msg = encodeData();
//System.out.println(msg);
//String msg = "ZlBGVnVXQm1YVjhhWDhGbVVYV24raEJzRVB1WFAycUhKdVIwbGl3azY5T2VKWHBkMDlpL1U5aGYwcEVvK1h0M0RNMFNsRTNQM1pYazFyT25xblZwTStRZmJhVGVPUXBsZ0ozZVFKemFnaWt5dzNvUXRNZC81RGQ4RGlSR3pqUmRhOFd2OCt1ekRiakZBdWtqeGg3Y1plTEdTT2ppQ08rcFVqOUQxZXh6ZG1VPQ==";
//Boolean data = decodeData(msg);
//System.out.println(data);
}
}
</code>
Optimize PHP Code: Reducing Memory Usage & Execution TimeMay 10, 2025 am 12:04 AMTooptimizePHPcodeforreducedmemoryusageandexecutiontime,followthesesteps:1)Usereferencesinsteadofcopyinglargedatastructurestoreducememoryconsumption.2)LeveragePHP'sbuilt-infunctionslikearray_mapforfasterexecution.3)Implementcachingmechanisms,suchasAPC
PHP Email: Step-by-Step Sending GuideMay 09, 2025 am 12:14 AMPHPisusedforsendingemailsduetoitsintegrationwithservermailservicesandexternalSMTPproviders,automatingnotificationsandmarketingcampaigns.1)SetupyourPHPenvironmentwithawebserverandPHP,ensuringthemailfunctionisenabled.2)UseabasicscriptwithPHP'smailfunct
How to Send Email via PHP: Examples & CodeMay 09, 2025 am 12:13 AMThe best way to send emails is to use the PHPMailer library. 1) Using the mail() function is simple but unreliable, which may cause emails to enter spam or cannot be delivered. 2) PHPMailer provides better control and reliability, and supports HTML mail, attachments and SMTP authentication. 3) Make sure SMTP settings are configured correctly and encryption (such as STARTTLS or SSL/TLS) is used to enhance security. 4) For large amounts of emails, consider using a mail queue system to optimize performance.
Advanced PHP Email: Custom Headers & FeaturesMay 09, 2025 am 12:13 AMCustomheadersandadvancedfeaturesinPHPemailenhancefunctionalityandreliability.1)Customheadersaddmetadatafortrackingandcategorization.2)HTMLemailsallowformattingandinteractivity.3)AttachmentscanbesentusinglibrarieslikePHPMailer.4)SMTPauthenticationimpr
Guide to Sending Emails with PHP & SMTPMay 09, 2025 am 12:06 AMSending mail using PHP and SMTP can be achieved through the PHPMailer library. 1) Install and configure PHPMailer, 2) Set SMTP server details, 3) Define the email content, 4) Send emails and handle errors. Use this method to ensure the reliability and security of emails.
What is the best way to send an email using PHP?May 08, 2025 am 12:21 AMThebestapproachforsendingemailsinPHPisusingthePHPMailerlibraryduetoitsreliability,featurerichness,andeaseofuse.PHPMailersupportsSMTP,providesdetailederrorhandling,allowssendingHTMLandplaintextemails,supportsattachments,andenhancessecurity.Foroptimalu
Best Practices for Dependency Injection in PHPMay 08, 2025 am 12:21 AMThe reason for using Dependency Injection (DI) is that it promotes loose coupling, testability, and maintainability of the code. 1) Use constructor to inject dependencies, 2) Avoid using service locators, 3) Use dependency injection containers to manage dependencies, 4) Improve testability through injecting dependencies, 5) Avoid over-injection dependencies, 6) Consider the impact of DI on performance.
PHP performance tuning tips and tricksMay 08, 2025 am 12:20 AMPHPperformancetuningiscrucialbecauseitenhancesspeedandefficiency,whicharevitalforwebapplications.1)CachingwithAPCureducesdatabaseloadandimprovesresponsetimes.2)Optimizingdatabasequeriesbyselectingnecessarycolumnsandusingindexingspeedsupdataretrieval.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Zend Studio 13.0.1
Powerful PHP integrated development environment
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
