最近有個工作任務是要對産品的使用權限進行驗證:産品隻能運作在具有權限的某台伺服器上,是以在産品伺服器啟動時需要根據伺服器mac校驗其是否具有使用權限。而權限檔案需要通過加密後才能給客戶。
1、擷取使用者計算機的mac位址
package com.mac;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
public class MacObtainUtil {
/**
* 擷取計算機的所有網卡編号,十六進制字元串表示,每兩個之間用“-”隔開
*
* @return
* @throws SocketException
*/
public static List<String> getComputerMac() throws SocketException {
List<String> macList = new ArrayList<>();
Enumeration<NetworkInterface> en = NetworkInterface.getNetworkInterfaces();
while (en.hasMoreElements()) {
StringBuffer sbf = new StringBuffer();
byte[] macs = en.nextElement().getHardwareAddress();
if (macs == null || macs.length == 0) {
continue;
}
for (byte b : macs) {
sbf.append(byteToHexStr(b));
sbf.append("-");
}
macList.add(sbf.substring(0, sbf.length() - 1));
}
return macList;
}
private static String byteToHexStr(byte b) {
StringBuffer s = new StringBuffer();
int v = b & 0xFF;
String hv = Integer.toHexString(v);
for (int i = 0; i < 2 - hv.length(); i++) {
s.append("0");
}
s.append(hv);
return s.toString();
}
}
2、RSA産生密鑰對、加密資料以及解密資料的工具類
package com.rsa.encrypt;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
public class RSAUtil {
// 非對稱密鑰算法
public static final String KEY_ALGORITHM = "RSA";
/**
* 密鑰長度,DH算法的預設密鑰長度是1024 密鑰長度必須是64的倍數,在512到65536位之間
*/
private static final int KEY_SIZE = 512;
// 公鑰
public static final String PUBLIC_KEY = "RSAPublicKey";
// 私鑰
public static final String PRIVATE_KEY = "RSAPrivateKey";
/**
* <p>
* 建立秘鑰對,儲存在map中并傳回map, key通過Base64加密
* <p>
* 公鑰key RSAUtil.PUBLIC_KEY
* <p>
* 私鑰key RSAUtil.PRIVATE_KEY
*
* @throws NoSuchAlgorithmException
*/
public static Map<String, String> createKeyPair() throws NoSuchAlgorithmException {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
// 初始化密鑰生成器
keyPairGenerator.initialize(KEY_SIZE);
// 生成密鑰對
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 公鑰
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
// 私鑰
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 将密鑰轉換成字元串存儲在map中
Map<String, String> keyMap = new HashMap<String, String>();
keyMap.put(PUBLIC_KEY, Base64.encodeBase64String(publicKey.getEncoded()));
keyMap.put(PRIVATE_KEY, Base64.encodeBase64String(privateKey.getEncoded()));
return keyMap;
}
/**
* 私鑰加密
*
* @param data待加密資料
* @param key
* 密鑰
* @return String 加密後資料
*/
public static byte[] encryptByPrivateKey(byte[] data, byte[] key) throws Exception {
// 取得私鑰
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私鑰
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 資料加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 公鑰解密
* @param data 待解密資料
* @param key 密鑰
* @return byte[] 解密資料
* */
public static byte[] decryptByPublicKey(byte[] data,byte[] key) throws Exception{
//執行個體化密鑰工廠
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//初始化公鑰
X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
//産生公鑰
PublicKey pubKey=keyFactory.generatePublic(x509KeySpec);
//資料解密
Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, pubKey);
return cipher.doFinal(data);
}
}
3、測試類
package test;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import com.rsa.encrypt.RSAUtil;
public class RSATest {
public static void main(String[] args) {
String data = "123456789";
try {
Map<String, String> keyMap = RSAUtil.createKeyPair();
String publicKey = keyMap.get(RSAUtil.PUBLIC_KEY);
String privateKey = keyMap.get(RSAUtil.PRIVATE_KEY);
byte[] encryptData = RSAUtil.encryptByPrivateKey(Base64.decodeBase64(data),
Base64.decodeBase64(privateKey));
System.out.println("加密後的資料為:" + Base64.encodeBase64String(encryptData));
System.out.println("-------------------");
byte[] decryptData = RSAUtil.decryptByPublicKey(encryptData, Base64.decodeBase64(publicKey));
System.out.println("解密後的資料為:" + Base64.encodeBase64String(decryptData));
} catch (Exception e) {
e.printStackTrace();
}
}
}
控制台輸出
加密後的資料為:IXKaLY8F4xmEhUVt7sitfQE3e+gtvo0PszAFx5GJ1pXWyQAQtF14EKSxtaMiRjbkq/8JSZRPa/fqbTM5dmF4ag==
----------------
解密後的資料為:12345678