建设银行对接(四)
上接“建设银行对接(三)”,javaeye的文章字数限制也太少了点吧,一篇文章连一个类代码都贴不完,这类代码也不长啊。
/**
* 用私钥加密
* @param data
* @param key
* @return
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 对密钥解密
//byte[] keyBytes = decryptBASE64(key);
// 取得私钥
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 取得私钥
*
* @param keyMap
* @return
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公钥
*
* @param keyMap
* @return
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 初始化密钥
*
* @return
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
KeyPairGenerator keyPairGen = KeyPairGenerator
.getInstance(KEY_ALGORITHM);
keyPairGen.initialize(1024);
KeyPair keyPair = keyPairGen.generateKeyPair();
// 公钥
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
// 私钥
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
}
下面是建设银行服务类
package cn.ipanel.payment.business.bank.ccb;
import cn.ipanel.payment.business.bank.BankException;
import cn.ipanel.payment.business.bank.ccb.encryption.ByteUtil;
import cn.ipanel.payment.business.bank.ccb.encryption.Encoder;
import cn.ipanel.payment.business.bank.ccb.encryption.RSAEncoder;
/**
* 建设银行服务
* @author wangxiaoxue
*
*/
public class CCBBankService{
/**
* 对建行返回的数据进行数字签名校验,校验算法如下:<br>
* 1:将签名字符串和公钥转换成二进制格式<br>
* 2:使用公钥进行签名的逆运算<br>
* 3:使用标准MD5算法运算原文<br>
* 4:比较1、2结果
* @param signature 数字签名字符串
* @param content 原文字符串
* @param publicKey 公钥字符串
*/
public static boolean verifySignature(String signature,String content,String publicKey) throws BankException {
boolean status=false;
try {
//对原文进行MD5加密
byte[] md5bytes = Encoder.encryptMD5(content.getBytes());
//对签名字符串进行逆运算,将16进制字符串按照约定算法转换为二进制数据
byte[] signbytes = ByteUtil.charToByte(signature);
//对公钥字符串进行逆运算,将16进制字符串按照约定算法转换为二进制数据
byte[] keybytes = ByteUtil.charToByte(publicKey);
//校验
status = RSAEncoder.verify(md5bytes, keybytes, signbytes);
} catch (Exception e) {
e.printStackTrace();
throw new BankException("校验数字签名过程出现错误");
}
return status;
}
/**
* 加密发送的内容
* @param senddata 发送的内容原文
* @return 加密后的内容
* @throws BankException
*/
public static String encryptSenddata(String senddata)throws BankException{
String result=null;
try {
result= ByteUtil.byteToChar(Encoder.encryptMD5(senddata.getBytes()));
} catch (Exception e) {
e.printStackTrace();
throw new BankException("加密过程出现错误");
}
return result;
}