本文共 2673 字,大约阅读时间需要 8 分钟。
- 现在很多J2EE应用都采用一个license文件来授权系统的使用,特别是在系统购买的早期,会提供有限制的license文件对系统进行限制,比如试用版有譬如IP、日期、最大用户数量的限制等。
-
- 而license控制的方法又有很多,目前比较流行,只要设计的好就很难破解的方法就是采用一对密匙(私匙加密公匙解密)来生成License文件中的Sinature签名内容,再通过Base64或Hex来进行编码。比如原BEA公司现在是Oracle公司的WebLogic就采用的是这种方法来设置License文件。
-
- 这里只进行一个比较简单的实现:
-
- 一共三个类:
-
- A.KeyGenerater类生成公钥私钥对
-
- B.Signaturer类使用私钥进行签名
-
- C.SignProvider类用公钥验证
-
- 公钥和私钥使用Base64加密Base64这个类很多地方都可以查到。
-
-
-
- KeyGenerater类:
-
-
-
- public class KeyGenerater {
-
- private byte[] priKey;
-
- private byte[] pubKey;
-
- public void generater() {
- try {
-
- KeyPairGenerator keygen = KeyPairGenerator .getInstance("RSA");
-
- SecureRandom secrand = new SecureRandom();
-
- secrand.setSeed("www.川江号子.cn".getBytes());
-
- keygen.initialize(1024, secrand);
-
- KeyPair keys = keygen.genKeyPair();
-
- PublicKey pubkey = keys.getPublic();
-
- PrivateKey prikey = keys.getPrivate()
-
- pubKey = Base64.encodeToByte(pubkey.getEncoded());
-
- priKey = Base64.encodeToByte(prikey.getEncoded());
-
- System.out.println("pubKey = " + new String(pubKey));
-
- System.out.println("priKey = " + new String(priKey));
-
- } catch (java.lang.Exception e) {
-
- System.out.println("生成密钥对失败");
-
- e.printStackTrace();
-
- }
-
- }
-
- public byte[] getPriKey() {
-
- return priKey;
-
- }
-
- public byte[] getPubKey() {
-
- return pubKey;
-
- }
-
- }
-
-
- Signaturer 类:
-
-
-
- public class Signaturer {
-
- public static byte[] sign(byte[] priKeyText, String plainText) {
-
- try {
-
- PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64.decode(priKeyText));
-
- KeyFactory keyf = KeyFactory.getInstance("RSA");
-
- PrivateKey prikey = keyf.generatePrivate(priPKCS8);
-
-
-
- Signature signet = java.security.Signature.getInstance("MD5withRSA");
-
- signet.initSign(prikey);
-
- signet.update(plainText.getBytes());
-
- byte[] signed = Base64.encodeToByte(signet.sign());
-
- return signed;
-
- } catch (java.lang.Exception e) {
-
- System.out.println("签名失败");
-
- e.printStackTrace();
-
- }
-
- return null;
-
- }
-
- }
-
-
- SignProvider 类:
-
- public class SignProvider {
-
- private SignProvider() {
-
- }
-
- public static boolean verify(byte[] pubKeyText, String plainText,
-
- byte[] signText) {
-
- try {
-
-
-
- X509EncodedKeySpec bobPubKeySpec = new X509EncodedKeySpec(Base64.decode(pubKeyText));
-
-
-
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
-
-
-
- PublicKey pubKey = keyFactory.generatePublic(bobPubKeySpec);
-
-
-
- byte[] signed = Base64.decode(signText);
-
- Signature signatureChecker = Signature.getInstance("MD5withRSA");
-
- signatureChecker.initVerify(pubKey);
-
- signatureChecker.update(plainText.getBytes());
-
-
-
- if (signatureChecker.verify(signed))
-
- return true;
-
- else
-
- return false;
-
- } catch (Throwable e) {
-
- System.out.println("校验签名失败");
-
- e.printStackTrace();
-
- return false;
-
- }
-
- }
-
- }
转载于:https://www.cnblogs.com/lvdongjie/p/4267629.html