企业官网建设流程全解析

WordPress主题添加点赞喜欢按钮,淘宝优化关键词的步骤,永州建设网站,广东中山网站建设 光龙1.解决问题前后端在交互过程中#xff0c;请求和响应的数据需要加密处理#xff0c;并保证安全和性能。 方案名称#xff1a;ECIES (Elliptic Curve Integrated Encryption Scheme#xff0c;椭圆曲线集成加密方案)2.核心思路 服务端准备 生成密钥对#xff08;EC-椭圆曲线…1.解决问题前后端在交互过程中请求和响应的数据需要加密处理并保证安全和性能。方案名称ECIES (Elliptic Curve Integrated Encryption Scheme椭圆曲线集成加密方案)2.核心思路服务端准备生成密钥对EC-椭圆曲线私钥servPriKey放在服务端。公钥servPubKey安全地预置或下发给客户端如通过初始化接口。客户端加密每次请求生成临时密钥对EC-椭圆曲线公钥pubKey私钥priKey计算共享密钥KeyECDH-协商sha256用私钥priKey 服务端公钥servPubKey加密请求业务数据AESencryptData AES.encrypt(data, Key)发送加密后的业务数据encryptData和公钥pubKey给服务端服务端解密计算共享密钥KeyECDH-协商sha256用私钥servPriKey 客户端公钥pubKey解密请求数据data AES.decrypt(encryptData, Key)服务端加密通过3中计算的Key直接加密数据即可客户端解密通过2中计算的Key直接解密数据即可3.代码示例packagecom.visy.utils;importcn.hutool.crypto.symmetric.AES;importjavax.crypto.KeyAgreement;importjava.security.*;importjava.security.spec.ECGenParameterSpec;importjava.security.spec.PKCS8EncodedKeySpec;importjava.security.spec.X509EncodedKeySpec;importjava.util.Base64;importjava.util.function.BiConsumer;importjava.util.function.Consumer;/** * ECIES (Elliptic Curve Integrated Encryption Scheme椭圆曲线集成加密方案) * 这个方案是椭圆曲线密码学中的密码学方案用于实现前后端间通信的数据加密是应用内的加密机制。 * 核心是密钥协商使用ECDH算法生成密钥对并计算出共享密钥。 */publicclassECIESDemo{//Base64工具类staticclassBASE64{publicstaticStringencode(byte[]data){returnBase64.getEncoder().encodeToString(data);}publicstaticbyte[]decode(Stringbase64Str){returnBase64.getDecoder().decode(base64Str);}}//ECDH工具staticclassECDH{publicstaticStrKeyPairgenerateKeyPair(StringcurveName)throwsException{// 1. 指定椭圆曲线参数例如 secp256r1 (NIST P-256)ECGenParameterSpececSpecnewECGenParameterSpec(curveName);// 2. 生成ECC密钥对KeyPairGeneratorkpgKeyPairGenerator.getInstance(EC);kpg.initialize(ecSpec,newSecureRandom());KeyPairkeyPairkpg.generateKeyPair();returnStrKeyPair.of(keyPair);}/** * ECDH核心方法计算共享秘密 * param myPriKey 己方的私钥Base64字符串 * param otherPubKey 对方的公钥Base64字符串 * return Base64编码的共享秘密字符串 */publicstaticStringderiveSharedSecret(StringmyPriKey,StringotherPubKey)throwsException{PrivateKey_myPriKeyprivateKeyFromBase64(myPriKey);PublicKey_otherPubKeypublicKeyFromBase64(otherPubKey);KeyAgreementkaKeyAgreement.getInstance(ECDH);ka.init(_myPriKey);ka.doPhase(_otherPubKey,true);byte[]rawSecretka.generateSecret();//用SHA-256哈希一次得到32字节AES-256密钥MessageDigestsha256MessageDigest.getInstance(SHA-256);StringshearedSecretBASE64.encode(sha256.digest(rawSecret));System.out.println(【共享密钥】计算-私钥myPriKey);System.out.println(【共享密钥】计算-公钥otherPubKey);System.out.println(【共享密钥】计算-结果shearedSecret);System.out.println(---------------------------------);returnshearedSecret;}privatestaticPublicKeypublicKeyFromBase64(StringpublicKeyBase64)throwsException{byte[]decodedBytesBASE64.decode(publicKeyBase64);KeyFactorykeyFactoryKeyFactory.getInstance(EC);X509EncodedKeySpeckeySpecnewX509EncodedKeySpec(decodedBytes);returnkeyFactory.generatePublic(keySpec);}privatestaticPrivateKeyprivateKeyFromBase64(StringprivateKeyBase64)throwsException{byte[]decodedBytesBASE64.decode(privateKeyBase64);KeyFactorykeyFactoryKeyFactory.getInstance(EC);PKCS8EncodedKeySpeckeySpecnewPKCS8EncodedKeySpec(decodedBytes);returnkeyFactory.generatePrivate(keySpec);}}//AES加解密工具staticclassAes{publicstaticStringencrypt(Stringdata,Stringkey){AESaesnewAES(BASE64.decode(key));returnaes.encryptBase64(data);}publicstaticStringdecrypt(Stringdata,Stringkey){AESaesnewAES(BASE64.decode(key));returnaes.decryptStr(BASE64.decode(data));}}//模拟客户端如浏览器staticclassClient{//服务端公钥固定值后续不再更新privatefinalStringservPubKey;publicClient(StringservPubKey){this.servPubKeyservPubKey;System.out.println(【客户端】初始化完成服务端公钥: servPubKey);System.out.println(---------------------------------);}publicvoidrequest(Serverserver,Stringmessage,BiConsumerString,Stringcallback)throwsException{//生成密钥对StrKeyPairkeyPairgenKeyPair();//计算共享密钥StringsharedSecretgetSharedSecret(keyPair.getPriKey());//对称加密数据StringreqDataAes.encrypt(message,sharedSecret);//封装传输通道ChannelchannelnewChannel(keyPair.getPubKey(),reqData,resData-{callback.accept(resData,sharedSecret);//回调把请求的共享密钥带上用于解密});//发送给服务端server.receive(channel);}privateStrKeyPairgenKeyPair()throwsException{StrKeyPairkeyPairECDH.generateKeyPair(secp256r1);System.out.println(【客户端】公钥: keyPair.getPubKey());System.out.println(【客户端】私钥: keyPair.getPriKey());System.out.println(【客户端】已刷新密钥对);System.out.println(---------------------------------);returnkeyPair;}privateStringgetSharedSecret(StringpriKey)throwsException{returnECDH.deriveSharedSecret(priKey,this.servPubKey);}}//模拟后台服务端staticclassServer{//服务端密钥对只生成一次privatefinalStrKeyPairkeyPair;publicServer()throwsException{this.keyPairECDH.generateKeyPair(secp256r1);System.out.println(【服务端】公钥: this.keyPair.getPubKey());System.out.println(【服务端】私钥: this.keyPair.getPriKey());System.out.println(【服务端】初始化完成);System.out.println(---------------------------------);}publicStringgetPubKey(){returnthis.keyPair.getPubKey();}publicvoidreceive(Channelchannel)throwsException{//客户端公钥StringclientPubKeychannel.getClientPubKey();//计算共享密钥StringsharedSecretgetSharedSecret(clientPubKey);//解密数据StringmessageAes.decrypt(channel.read(),sharedSecret);System.out.println(【服务端】收到消息: message);System.out.println(【服务端】客户端公钥clientPubKey);System.out.println(---------------------------------);//响应消息StringresMsg服务端已收到消息-message;//加密StringdataAes.encrypt(resMsg,sharedSecret);//发送channel.write(data);}/** * 计算共享密钥服务端私钥 客户端公钥 */privateStringgetSharedSecret(StringclientPubKey)throwsException{returnECDH.deriveSharedSecret(this.keyPair.getPriKey(),clientPubKey);}}//模拟请求通道staticclassChannel{privatefinalStringreqData;privatefinalStringclientPubKey;privatefinalConsumerStringcallback;publicChannel(StringclientPubKey,StringreqData,ConsumerStringcallback){this.reqDatareqData;this.clientPubKeyclientPubKey;this.callbackcallback;}//获取客户端公钥publicStringgetClientPubKey(){returnthis.clientPubKey;}//读取数据publicStringread(){returnthis.reqData;}//写入数据publicvoidwrite(StringresData){this.callback.accept(resData);}}//密钥对base64字符串staticclassStrKeyPair{privatefinalStringpriKey;privatefinalStringpubKey;privateStrKeyPair(KeyPairkeyPair){this.priKeyBASE64.encode(keyPair.getPrivate().getEncoded());this.pubKeyBASE64.encode(keyPair.getPublic().getEncoded());}publicstaticStrKeyPairof(KeyPairkeyPair){returnnewStrKeyPair(keyPair);}publicStringgetPriKey(){returnthis.priKey;}publicStringgetPubKey(){returnthis.pubKey;}}//测试publicstaticvoidmain(String[]args)throwsException{//创建服务端ServerservernewServer();//创建客户端ClientclientnewClient(server.getPubKey());//向服务端发送请求client.request(server,hello world,(resData,sharedSecret)-{//解密数据StringmessageAes.decrypt(resData,sharedSecret);System.out.println(【客户端】收到消息: message);});System.out.println();//向服务端发送请求client.request(server,{\name\: \张三\},(resData,sharedSecret)-{//解密数据StringmessageAes.decrypt(resData,sharedSecret);System.out.println(【客户端】收到消息: message);});System.out.println();}}4.输出【服务端】公钥:MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUutqZsAN1KhFFvS95lKFob0zKZZY0mtBKNOYFSZ/WzaLO8CHH1zjcH3nV82MxXwyj0tyhP/Dugfriy8VIWbg【服务端】私钥:MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAaJ/UnsK4Tt1Vyt9vyAnYqinr8uobgPZOlvCMeihKkg【服务端】初始化完成---------------------------------【客户端】初始化完成服务端公钥:MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUutqZsAN1KhFFvS95lKFob0zKZZY0mtBKNOYFSZ/WzaLO8CHH1zjcH3nV82MxXwyj0tyhP/Dugfriy8VIWbg---------------------------------【客户端】公钥:MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDz5YRdfRm1l0Wj0BqIBMEq2zLca96eidX/DEIZipQol8gzV4YKiLwtWxmS2rplAay1/4stiuofvLFZZAJ0rM/w【客户端】私钥:MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDLGtJ2Lxm8cdo1iDbxkigojjFdy9k/wVhQ0XJTRQw【客户端】已刷新密钥对---------------------------------【共享密钥】计算-私钥MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDLGtJ2Lxm8cdo1iDbxkigojjFdy9k/wVhQ0XJTRQw【共享密钥】计算-公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUutqZsAN1KhFFvS95lKFob0zKZZY0mtBKNOYFSZ/WzaLO8CHH1zjcH3nV82MxXwyj0tyhP/Dugfriy8VIWbg【共享密钥】计算-结果fIPyLCxiu26stP2C4bGyCU8EhuYUWp3w8PjRWdxh8k---------------------------------【共享密钥】计算-私钥MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAaJ/UnsK4Tt1Vyt9vyAnYqinr8uobgPZOlvCMeihKkg【共享密钥】计算-公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDz5YRdfRm1l0Wj0BqIBMEq2zLca96eidX/DEIZipQol8gzV4YKiLwtWxmS2rplAay1/4stiuofvLFZZAJ0rM/w【共享密钥】计算-结果fIPyLCxiu26stP2C4bGyCU8EhuYUWp3w8PjRWdxh8k---------------------------------【服务端】收到消息:hello world 【服务端】客户端公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDz5YRdfRm1l0Wj0BqIBMEq2zLca96eidX/DEIZipQol8gzV4YKiLwtWxmS2rplAay1/4stiuofvLFZZAJ0rM/w---------------------------------【客户端】收到消息:服务端已收到消息-hello world【客户端】公钥:MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGbyRS8JTE32TLAMXYaFpi8pY8Cf2R7u9gdtaPnB7thgyAZ5FEBGjgRhNEL2MFD7g5B8yLX3cTghpjisajs4Tw【客户端】私钥:MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCADaXXP8AmBXXhrDJIXpFBH9byFrak38DAY1J1zCktQ【客户端】已刷新密钥对---------------------------------【共享密钥】计算-私钥MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCADaXXP8AmBXXhrDJIXpFBH9byFrak38DAY1J1zCktQ【共享密钥】计算-公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUutqZsAN1KhFFvS95lKFob0zKZZY0mtBKNOYFSZ/WzaLO8CHH1zjcH3nV82MxXwyj0tyhP/Dugfriy8VIWbg【共享密钥】计算-结果7ngHo0nz8W2Zv9vMKORu5jC7uPIhgsZaS/657vCpcUs---------------------------------【共享密钥】计算-私钥MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAaJ/UnsK4Tt1Vyt9vyAnYqinr8uobgPZOlvCMeihKkg【共享密钥】计算-公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGbyRS8JTE32TLAMXYaFpi8pY8Cf2R7u9gdtaPnB7thgyAZ5FEBGjgRhNEL2MFD7g5B8yLX3cTghpjisajs4Tw【共享密钥】计算-结果7ngHo0nz8W2Zv9vMKORu5jC7uPIhgsZaS/657vCpcUs---------------------------------【服务端】收到消息:{name:张三}【服务端】客户端公钥MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGbyRS8JTE32TLAMXYaFpi8pY8Cf2R7u9gdtaPnB7thgyAZ5FEBGjgRhNEL2MFD7g5B8yLX3cTghpjisajs4Tw---------------------------------【客户端】收到消息:服务端已收到消息-{name:张三}