腾讯云通信服务端返回签名

最新推荐文章于 2024-06-06 14:26:48 发布

李吵吵

最新推荐文章于 2024-06-06 14:26:48 发布

阅读量1k

点赞数

分类专栏：学习笔记

学习笔记专栏收录该内容

3 篇文章

订阅专栏

本文介绍了一种基于腾讯云即时通讯(IM)服务的用户签名(UserSig)生成及验证方法。通过使用私钥对特定内容进行签名，并采用公钥进行验证，确保了用户身份的安全性和有效性。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

package com.love.util.qcloud;

import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import java.io.CharArrayReader;
import java.io.IOException;
import java.io.Reader;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.zip.Deflater;
import java.util.zip.Inflater;

/**
* Created by liping.sang on 2017/1/18 0018.
*/
public class QChatUtils {

private static final long EXPIRE_SECOND = Long.valueOf(60 * 60 * 24 * 180);
private static final String BC = "BC";
private static final String SHA256withECDSA = "SHA256withECDSA";
private static final String UTF8 = "UTF-8";

private static final String QC_ACCOUNT_TYPE="10209";
private static final String QC_SDK_APP_ID="1400023855";
private static final String QC_PRIVATE_KEY="自己的私钥";

private static final String QC_PUBLIC_KEY="自己的公钥";

private QChatUtils() {}

private static Signature getSignatureWithPrivateKey(PrivateKey privateKey, String content) throws Exception {
Signature signature = Signature.getInstance(SHA256withECDSA, BC);
signature.initSign(privateKey);
signature.update(content.getBytes(Charset.forName(UTF8)));
return signature;
}

private static Signature getSignatureWithPublicKey(PublicKey publicKey, String content) throws Exception {
Signature signature = Signature.getInstance(SHA256withECDSA, BC);
signature.initVerify(publicKey);
signature.update(content.getBytes(Charset.forName(UTF8)));
return signature;
}

private static PrivateKey getPrivateKey(String privateKeyStr) throws IOException {
Security.addProvider(new BouncyCastleProvider());
Reader reader = new CharArrayReader(privateKeyStr.toCharArray());
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMParser parser = new PEMParser(reader);
PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) parser.readObject();
parser.close();
PrivateKey privateKey = converter.getPrivateKey(privateKeyInfo);
return privateKey;
}

private static PublicKey getPublicKey(String publicKeyStr) throws IOException {
Reader reader = new CharArrayReader(publicKeyStr.toCharArray());
PEMParser parser = new PEMParser(reader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo) parser.readObject();
parser.close();
PublicKey publicKey = converter.getPublicKey(subjectPublicKeyInfo);
return publicKey;
}

private static String getContent(String identifier, String time) {
StringBuffer sb = new StringBuffer();
sb.append("TLS.appid_at_3rd:").append(0).append("\n").append("TLS.account_type:").append(QC_ACCOUNT_TYPE).append("\n").append("TLS.identifier:")
.append(identifier).append("\n").append("TLS.sdk_appid:").append(QC_SDK_APP_ID).append("\n").append("TLS.time:").append(time).append("\n")
.append("TLS.expire_after:").append(EXPIRE_SECOND).append("\n");
return sb.toString();
}

/**
* 生成UserSig
*
* @param identifier 用户ID
* @return
* @throws Exception
*/
public static String getUserSig(String identifier) throws Exception {
String time = String.valueOf(System.currentTimeMillis() / 1000);
Signature signature = getSignatureWithPrivateKey(getPrivateKey(QC_PRIVATE_KEY), getContent(identifier, time));
byte[] signatureBytes = signature.sign();

String sigTLS = Base64.encodeBase64String(signatureBytes);

Map<String, Object> map = new HashMap<String, Object>();
map.put("TLS.account_type", 0);
map.put("TLS.identifier", identifier);
map.put("TLS.appid_at_3rd", 0);
map.put("TLS.sdk_appid", QC_SDK_APP_ID);
map.put("TLS.expire_after", EXPIRE_SECOND);
map.put("TLS.version", "201512300000");
map.put("TLS.sig", sigTLS);
map.put("TLS.time", time);
JSONObject jsonObject = JSONObject.fromObject(map);
String jsonString = jsonObject.toString();

Deflater deflater = new Deflater();
deflater.setInput(jsonString.getBytes(Charset.forName(UTF8)));

deflater.finish();
byte[] compressBytes = new byte[512];
int compressBytesLength = deflater.deflate(compressBytes);
deflater.end();
return new String(Base64.encodeBase64(Arrays.copyOfRange(compressBytes, 0, compressBytesLength)));
}

/**
* 验证签名
*
* @param userSig 签名
* @param identifier 用户ID
* @return
* @throws Exception
*/
public static boolean checkUserSig(String userSig, String identifier) throws Exception {
Security.addProvider(new BouncyCastleProvider());

Base64 decoder = new Base64();

byte[] compressBytes = Base64.decodeBase64(userSig.getBytes(Charset.forName(UTF8)));

Inflater inflater = new Inflater();
inflater.setInput(compressBytes, 0, compressBytes.length);
byte[] decompressBytes = new byte[1024];
int decompressLength = inflater.inflate(decompressBytes);
inflater.end();

String jsonString = new String(Arrays.copyOfRange(decompressBytes, 0, decompressLength));

JSONObject jsonObject = JSONObject.fromObject(jsonString);
String sigTLS = jsonObject.getString("TLS.sig");

byte[] signatureBytes = decoder.decode(sigTLS.getBytes(Charset.forName(UTF8)));

String sigTime = jsonObject.getString("TLS.time");
Signature signature = getSignatureWithPublicKey(QChatUtils.getPublicKey(QC_PUBLIC_KEY), getContent(identifier, sigTime));
return signature.verify(signatureBytes);
}

public static void main(String[] args) {
try {

String userSig = QChatUtils.getUserSig("xxx@foxmail.com");
System.out.println("UserSig: " + userSig);

boolean checkResult = QChatUtils.checkUserSig(userSig, "xxx@foxmail.com");
System.out.println("Check UserSig Result: " + checkResult);

} catch (Exception e) {
e.printStackTrace();
}
}

}