本文主要講解在APP上如何實現雙向RSA + AES加密。
先上一張主要流程圖:
20180124093540459.png
場景預設:
由于客戶端是APP而不是網頁,APP在第一次加載的時候會生成一對RSA秘鑰對(我們稱它為APP公鑰私鑰,不同APP的秘鑰對不一樣),生成以后就寫在配置文件里,而且每次都不變,這樣可以保證Server公鑰和APP公鑰不會在網絡上明文傳輸,從而避免了被掉包的可能。服務器也生成一對RSA秘鑰對(我們稱它為Server公鑰私鑰),也是不可修改的。APP端也會事先將服務端的Server公鑰寫死在配置文件里。主要的交互流程如上圖所示。
接下來上代碼
package com.zhuyun.encrypt;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class AESUtil {
//生成AES秘鑰,然后Base64編碼
public static String genKeyAES() throws Exception{
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128);
SecretKey key = keyGen.generateKey();
String base64Str = byte2Base64(key.getEncoded());
return base64Str;
}
//將Base64編碼后的AES秘鑰轉換成SecretKey對象
public static SecretKey loadKeyAES(String base64Key) throws Exception{
byte[] bytes = base642Byte(base64Key);
SecretKeySpec key = new SecretKeySpec(bytes, "AES");
return key;
}
//加密
public static byte[] encryptAES(byte[] source, SecretKey key) throws Exception{
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(source);
}
//解密
public static byte[] decryptAES(byte[] source, SecretKey key) throws Exception{
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, key);
return cipher.doFinal(source);
}
//字節數組轉Base64編碼
public static String byte2Base64(byte[] bytes){
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(bytes);
}
//Base64編碼轉字節數組
public static byte[] base642Byte(String base64Key) throws IOException{
BASE64Decoder decoder = new BASE64Decoder();
return decoder.decodeBuffer(base64Key);
}
}
RSA工具類:RSAUtil
package com.zhuyun.encrypt;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class RSAUtil {
//生成秘鑰對
public static KeyPair getKeyPair() throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
return keyPair;
}
//獲取公鑰(Base64編碼)
public static String getPublicKey(KeyPair keyPair){
PublicKey publicKey = keyPair.getPublic();
byte[] bytes = publicKey.getEncoded();
return byte2Base64(bytes);
}
//獲取私鑰(Base64編碼)
public static String getPrivateKey(KeyPair keyPair){
PrivateKey privateKey = keyPair.getPrivate();
byte[] bytes = privateKey.getEncoded();
return byte2Base64(bytes);
}
//將Base64編碼后的公鑰轉換成PublicKey對象
public static PublicKey string2PublicKey(String pubStr) throws Exception{
byte[] keyBytes = base642Byte(pubStr);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(keySpec);
return publicKey;
}
//將Base64編碼后的私鑰轉換成PrivateKey對象
public static PrivateKey string2PrivateKey(String priStr) throws Exception{
byte[] keyBytes = base642Byte(priStr);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
return privateKey;
}
//公鑰加密
public static byte[] publicEncrypt(byte[] content, PublicKey publicKey) throws Exception{
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] bytes = cipher.doFinal(content);
return bytes;
}
//私鑰解密
public static byte[] privateDecrypt(byte[] content, PrivateKey privateKey) throws Exception{
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] bytes = cipher.doFinal(content);
return bytes;
}
//字節數組轉Base64編碼
public static String byte2Base64(byte[] bytes){
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(bytes);
}
//Base64編碼轉字節數組
public static byte[] base642Byte(String base64Key) throws IOException{
BASE64Decoder decoder = new BASE64Decoder();
return decoder.decodeBuffer(base64Key);
}
}
接下來是服務端的秘鑰對(Server公鑰和私鑰),我們選擇寫死在了代碼里:KeyUtil
package com.zhuyun.encrypt;
public class KeyUtil {
//服務端的RSA公鑰(Base64編碼)
public final static String SERVER_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkixN3Dc6BLzb/V74VpxRXsSIu9AabGm"
+ "K4xfcPiIqub0JS99a+P6XAOGuiMT2W4p1C8U9MZDRgHjUOrKGcc5ve9uT+U90LiAgwG58YdrklOT"
+ "wlGvo6Xh4HQLRXMNoGsn6jLGdOV1RIVfWQ5EWfEB1+5v86QarLyfLIJ4ujVQfafEJ4dCwmoNSJk8"
+ "xqVBAW9tDZlNOOgaZPJuEXVIFEEjIZCkFkFxkomwVNdp79Xewrj0mCybCDVy6Mcx3jOxY0gGwbGg"
+ "S3YQxDbOpqYna8rcmf6CVJ2GA75sCU61Y8Of244CR5Rwkspbr1Pbf4UNSbVbpxzI08z1jrJvCVYW"
+ "NQLMwwIDAQAB";
//服務端的RSA私鑰(Base64編碼)
public final static String SERVER_PRIVATE_KEY = "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCmSLE3cNzoEvNv9XvhWnFFexIi"
+ "70BpsaYrjF9w+Iiq5vQlL31r4/pcA4a6IxPZbinULxT0xkNGAeNQ6soZxzm9725P5T3QuICDAbnx"
+ "h2uSU5PCUa+jpeHgdAtFcw2gayfqMsZ05XVEhV9ZDkRZ8QHX7m/zpBqsvJ8sgni6NVB9p8Qnh0LC"
+ "ag1ImTzGpUEBb20NmU046Bpk8m4RdUgUQSMhkKQWQXGSibBU12nv1d7CuPSYLJsINXLoxzHeM7Fj"
+ "SAbBsaBLdhDENs6mpidrytyZ/oJUnYYDvmwJTrVjw5/bjgJHlHCSyluvU9t/hQ1JtVunHMjTzPWO"
+ "sm8JVhY1AszDAgMBAAECggEAFTOHhO4a/GwOJeRC20TQ1G8QrOucZt2DtmG7eYf2xPOVhXg8oZj7"
+ "vuekMe9vBHYLV0Z5gYwV38M13IdTJV5FenYgtocgDpC3sfxyXN1LVejaGhiYMGFiH2AsX7p/rkh7"
+ "Wl0G+LiY7xeiRJSRGnakKYf5NjNiQ0v5b49jHTrW/G5G579xHOC0EXJezgKKflD+XXhpBjVCMfzk"
+ "Y8tK+ZT5XnUf2U+I7o9u6G3Y3wky2ajR0GyBigLGwI0mVqyA4ie3ggSiMxotfcDwP1HpV/fK//DP"
+ "pUgBiUgspFt1NtVcNDxeQlqw3UYakfUn5j3inA4C+fZwAe7VNwZkW2uaCl7HIQKBgQDXE49dGomU"
+ "rvIXeXt/muUw5sy81sufYxUdGm9slfr8DhyEr0KKdrnKFdLtRPdr0mHnp0mlihE+rQQyQg67qys3"
+ "c4C4TcLq6PHmtkd6K0+rUDYM2BNltjgd42UA86tchZ5Qu1u7dqxmnExYUb/kXbNk/euOcv1iNkdV"
+ "Gq61AZVhfwKBgQDF7G+4q92AQTjYk1dT0Us5oAkGj4GRs5XMeJB+0jhWRhyNvgXRuKkhMgEjbSog"
+ "AnywQfD93xDw2nZw2TVFqSS5cGCR+KnwTkQcA2vE2IbduDQRTT9JUQas3EJhZ1Cp+xyXfAQorCQW"
+ "5TSNfb0LskTnV+aJaM/Yxb32NzPlXksuvQKBgDn9FhxeOVYTTUazBG9FTiI/OFh5+XDCAEFWjVBT"
+ "p9Yp39qOfnxiwnkQJUy/2Y4CrU8ONbciYL/rWkRKtzo2TnKm+7+1h6ZapE42O1NfNh3UhJ417BTy"
+ "anL0ipkVGdDaXfMacQM8XgNUhOkTMY/bC7FhHQ/NRTAjvlvd09kN0j71AoGAHKaoWZRPgTRv1TIn"
+ "DxQaDqJzDAcUG5JimfHOAP3Pd/W4RnB+iShxG0QQ1B8GXRHfGOjCyQ1Ud3k4cgePZaEhltKEuDzF"
+ "5Op/g4qfPCSYCVqT9vk2sxdOnxFXbqA1FhYqwmcKdxTMOKA/ZkgQaLQKs26PCc8pX1josc617Xsj"
+ "6QUCgYA3sHC9I8fan7FAneJvE1Fsc1ZATMuo/yNA8WlASg+OPgeCgIv5AHAvkKqj3ZYapnafmHJj"
+ "6L6jUL9dFwKqMncAdVOYI/V0oVoa8wgCHQ6b4S55dWMYhd3hSg8+8mUdxw6oOFL7rpRYduX1KxKc"
+ "8Y4OuB7RsQgdKlT/sEBDEFdS/w==";
}
接下來是主要的交互代碼了,從流程圖可以看出大體分為四個步驟:APP加密,Server解密,Server加密,APP解密。 我們把它封裝成了四個方法,對外可直接調用:
HttpEncryptUtil
package com.zhuyun.encrypt;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.SecretKey;
import net.sf.json.JSONObject;
public class HttpEncryptUtil {
//APP加密請求內容
public static String appEncrypt(String appPublicKeyStr, String content) throws Exception{
//將Base64編碼后的Server公鑰轉換成PublicKey對象
PublicKey serverPublicKey = RSAUtil.string2PublicKey(KeyUtil.SERVER_PUBLIC_KEY);
//每次都隨機生成AES秘鑰
String aesKeyStr = AESUtil.genKeyAES();
SecretKey aesKey = AESUtil.loadKeyAES(aesKeyStr);
//用Server公鑰加密AES秘鑰
byte[] encryptAesKey = RSAUtil.publicEncrypt(aesKeyStr.getBytes(), serverPublicKey);
//用AES秘鑰加密APP公鑰
byte[] encryptAppPublicKey = AESUtil.encryptAES(appPublicKeyStr.getBytes(), aesKey);
//用AES秘鑰加密請求內容
byte[] encryptRequest = AESUtil.encryptAES(content.getBytes(), aesKey);
JSONObject result = new JSONObject();
result.put("ak", RSAUtil.byte2Base64(encryptAesKey).replaceAll("\r\n", ""));
result.put("apk", RSAUtil.byte2Base64(encryptAppPublicKey).replaceAll("\r\n", ""));
result.put("ct", RSAUtil.byte2Base64(encryptRequest).replaceAll("\r\n", ""));
return result.toString();
}
//APP解密服務器的響應內容
public static String appDecrypt(String appPrivateKeyStr, String content) throws Exception{
JSONObject result = JSONObject.fromObject(content);
String encryptAesKeyStr = (String) result.get("ak");
String encryptContent = (String) result.get("ct");
//將Base64編碼后的APP私鑰轉換成PrivateKey對象
PrivateKey appPrivateKey = RSAUtil.string2PrivateKey(appPrivateKeyStr);
//用APP私鑰解密AES秘鑰
byte[] aesKeyBytes = RSAUtil.privateDecrypt(RSAUtil.base642Byte(encryptAesKeyStr), appPrivateKey);
//用AES秘鑰解密請求內容
SecretKey aesKey = AESUtil.loadKeyAES(new String(aesKeyBytes));
byte[] response = AESUtil.decryptAES(RSAUtil.base642Byte(encryptContent), aesKey);
return new String(response);
}
//服務器加密響應給APP的內容
public static String serverEncrypt(String appPublicKeyStr, String aesKeyStr, String content) throws Exception{
//將Base64編碼后的APP公鑰轉換成PublicKey對象
PublicKey appPublicKey = RSAUtil.string2PublicKey(appPublicKeyStr);
//將Base64編碼后的AES秘鑰轉換成SecretKey對象
SecretKey aesKey = AESUtil.loadKeyAES(aesKeyStr);
//用APP公鑰加密AES秘鑰
byte[] encryptAesKey = RSAUtil.publicEncrypt(aesKeyStr.getBytes(), appPublicKey);
//用AES秘鑰加密響應內容
byte[] encryptContent = AESUtil.encryptAES(content.getBytes(), aesKey);
JSONObject result = new JSONObject();
result.put("ak", RSAUtil.byte2Base64(encryptAesKey).replaceAll("\r\n", ""));
result.put("ct", RSAUtil.byte2Base64(encryptContent).replaceAll("\r\n", ""));
return result.toString();
}
//服務器解密APP的請求內容
public static String serverDecrypt(String content) throws Exception{
JSONObject result = JSONObject.fromObject(content);
String encryptAesKeyStr = (String) result.get("ak");
String encryptAppPublicKeyStr = (String) result.get("apk");
String encryptContent = (String) result.get("ct");
//將Base64編碼后的Server私鑰轉換成PrivateKey對象
PrivateKey serverPrivateKey = RSAUtil.string2PrivateKey(KeyUtil.SERVER_PRIVATE_KEY);
//用Server私鑰解密AES秘鑰
byte[] aesKeyBytes = RSAUtil.privateDecrypt(RSAUtil.base642Byte(encryptAesKeyStr), serverPrivateKey);
//用AES秘鑰解密APP公鑰
SecretKey aesKey = AESUtil.loadKeyAES(new String(aesKeyBytes));
byte[] appPublicKeyBytes = AESUtil.decryptAES(RSAUtil.base642Byte(encryptAppPublicKeyStr), aesKey);
//用AES秘鑰解密請求內容
byte[] request = AESUtil.decryptAES(RSAUtil.base642Byte(encryptContent), aesKey);
JSONObject result2 = new JSONObject();
result2.put("ak", new String(aesKeyBytes));
result2.put("apk", new String(appPublicKeyBytes));
result2.put("ct", new String(request));
return result2.toString();
}
}
接下來是測試的代碼
TestHttpEncrypt
package com.zhuyun.encrypt;
import java.io.InputStream;
import java.security.KeyPair;
import java.util.Properties;
import org.junit.Test;
public class TestHttpEncrypt {
@Test
public void testGenerateKeyPair() throws Exception{
//生成RSA公鑰和私鑰,并Base64編碼
KeyPair keyPair = RSAUtil.getKeyPair();
String publicKeyStr = RSAUtil.getPublicKey(keyPair);
String privateKeyStr = RSAUtil.getPrivateKey(keyPair);
System.out.println("RSA公鑰Base64編碼:" + publicKeyStr);
System.out.println("RSA私鑰Base64編碼:" + privateKeyStr);
}
@Test
public void testGenerateAesKey() throws Exception{
//生成AES秘鑰,并Base64編碼
String base64Str = AESUtil.genKeyAES();
System.out.println("AES秘鑰Base64編碼:" + base64Str);
}
//測試 APP加密請求內容
@Test
public void testAppEncrypt() throws Exception{
//APP端公鑰和私鑰從配置文件讀取,不能寫死在代碼里
Properties prop = new Properties();
InputStream in = TestHttpEncrypt.class.getClassLoader().getResourceAsStream("client.properties");
prop.load(in);
String appPublicKey = prop.getProperty("app.public.key");
//請求的實際內容
// String content = "{\"name\":\"infi\", \"weight\":\"60\"}";
String content = "{\"tenantid\":\"1\", \"account\":\"13015929018\", \"pwd\":\"123456\"}";
String result = HttpEncryptUtil.appEncrypt(appPublicKey, content);
System.out.println(result);
}
//測試 服務器解密APP的請求內容
@Test
public void testServerDecrypt() throws Exception{
String result = "{\"ak\":\"iLHfi1XRz4gnirU2OKggNCkz5x0i6aSonm1u3bE+ncI4AuiUG9LX2nbrQV/lWUIqwRp/q/P+SrIPnh5JbgEzSi+K46N4enyDFYbWpC6gONqQpF3tNt6Q1Y+UdX3L5l9hFPAS9tIhI2kT10AbhMox2kKOhr6ZQmmC/A3qeFEbTuUUf8bOCr4nqz4qSNyCZgcJdoAQonJeN8IilWuTD+LpbllNimFNR/sGY5jlyjvVydrdpNs15oFaXtfTLUjSXe2e5Ha1r3K7lP93C2E+KL55001xFJhQZcZXa9ZlYCMQgI+2cJlED4uA3bl2ul1dtnvXK+41Yky9e9QrRDc5luqB6w==\",\"apk\":\"P0SJaTzKWuBMi/fj2G8wwZ9+FWFIrE3BAwdoXwIfiTxptYXumLxnMpZZkCBNqQBvhvSzAEPyA3c9kCjhYCxdTnV61N+T/DZM+B62u4vqCy1MsFZT06BJjrNFW29AfSRNmQdKhJEyDPARcf5FerULbIDWGvrHzHys7jVbicjlYWtQpnyQf5Wl0Bd7taEqSwUSKejoEsN74frwlk8Hu4KP4bLvVy9S7DjOP2juXbVkHYaKgVmhM2V3yElVOEb1TDCLSFMNtug74+7itlzlChDR8wEWdh11vQcp69iGmDXMo2vcJ9tO1YZP+hCYZvujHMRwAzHtkqafEoSJsvSN8PWS+qmQdUX2frf6A0cl6SGnTbGUUEV/w0rBIU/oGhP8cl8+ghqPbp7HzvwXFOJsUciy+7tsLRrdDpLeOcz+fh/c0RSpCKNEZtRmcuUqBQ+3tZKYGPhl+StsFh3s1RCkhI4EsSD95bCbES4r1r1E4dytdELi0ebJug7Quk3rwFVXGX9o4wrnnvcbTaSyyAAg2YTNfA==\",\"ct\":\"mkC7hE/crHbmW+h2OCMBANCA64xtMFLTRmLahOU+UysZrXzK30qRj6RUcvpQz4mJ6EOYYAK34+BQBkN9gapdIw==\"}";
System.out.println(HttpEncryptUtil.serverDecrypt(result));
}
//測試 服務器加密響應給APP的內容
@Test
public void testserverEncrypt() throws Exception{
String aesKeyStr = "dSRWXM6IkWkKk7I/ZGouqA==";
String appPublicKeyStr = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqKPH/L0AZyn1fJ9xK2ol2nHY5jPu8qw7COwFukkRdr2j0oNJmD8vCTmxgzKWV0CkihiJ7Y0OekrGc78JL5tpL2SqeZTLa2bCJZJaTM3KFOXYb82nc8Xbr2caDnf7mgjyt0AALHG/YfYwd7hifZRB6Ct89uBTn6W5x/7oxGT6D1C8siXKV+99AZPMv2HobglWyquyjIL5TZOhYmCMzFUPMOiXzzGYXMZj2gmfUFXMf/2jitMPGg3zQPJxPSYunjoE1fMInk1obEhEfU8n2YxT5ZbGMWZGjt4hZwF+FJJLV+WOantfUJ4rMBB8qxgQtkT+VzddfLCEoyy4Rl50fvjzwIDAQAB";
String content = "{\"retcode\":\"200\"}";
System.out.println(HttpEncryptUtil.serverEncrypt(appPublicKeyStr, aesKeyStr, content));
}
//測試 APP解密服務器的響應內容
@Test
public void testAppDecrypt() throws Exception{
//APP端公鑰和私鑰從配置文件讀取,不能寫死在代碼里
Properties prop = new Properties();
InputStream in = TestHttpEncrypt.class.getClassLoader().getResourceAsStream("client.properties");
prop.load(in);
String appPrivateKey = prop.getProperty("app.private.key");
String content = "{\"ak\":\"mRBa005mea+6QIaFhTHrfCTBBFL+sy1uHI1iSN6LUK5/VQK/Bt9JZ+5/e2TQYMiD8U6KXBzZgHOl4RL8AErno9K4bbC+4Ke5Bl/IIGZ6kPJB4OjzbqBwxmmA+zJrcS3TlzIsVGpuIzGMQzIT0rlJl+BsQj6N9F3jfCeXBXH+JoTPEaTZqzQ9odgfPooP8jvuBOneqAiTmIgNzcVJwr7EB1tB65FjYPWFJqC0xrmLlrvev0KrD/XnKkzL1wGHc/eXeYzRXHuz4tbTHQV0mrZNz+tITXPVorRb0Tl0mglUafiqTkUBsXUv4abUvz2JImlF1nSAmQfKWfMNd7Fwag480g==\",\"ct\":\"DPMIYZaJL5e7Jvs2Vsy6jgnEPWBYFgjb1K1yf7gcWUCVyAfBPkLGK93onQkvLl8urp2yTwEsxzP6o1om0mqjkEU4oPpYf4NJC+QPQRQ2YTo=\"}";
System.out.println(HttpEncryptUtil.appDecrypt(appPrivateKey, content));
}
}
上面的過程需要APP從客戶端的配置文件讀取APP公鑰和私鑰,配置文件內容如下:
client.properties
app.public.key=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqKPH/L0AZyn1fJ9xK2ol2nHY5jPu8qw7COwFukkRdr2j0oNJmD8vCTmxgzKWV0CkihiJ7Y0OekrGc78JL5tpL2SqeZTLa2bCJZJaTM3KFOXYb82nc8Xbr2caDnf7mgjyt0AALHG/YfYwd7hifZRB6Ct89uBTn6W5x/7oxGT6D1C8siXKV+99AZPMv2HobglWyquyjIL5TZOhYmCMzFUPMOiXzzGYXMZj2gmfUFXMf/2jitMPGg3zQPJxPSYunjoE1fMInk1obEhEfU8n2YxT5ZbGMWZGjt4hZwF+FJJLV+WOantfUJ4rMBB8qxgQtkT+VzddfLCEoyy4Rl50fvjzwIDAQAB
app.private.key=MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCqoo8f8vQBnKfV8n3EraiXacdjmM+7yrDsI7AW6SRF2vaPSg0mYPy8JObGDMpZXQKSKGIntjQ56SsZzvwkvm2kvZKp5lMtrZsIlklpMzcoU5dhvzadzxduvZxoOd/uaCPK3QAAscb9h9jB3uGJ9lEHoK3z24FOfpbnH/ujEZPoPULyyJcpX730Bk8y/YehuCVbKq7KMgvlNk6FiYIzMVQ8w6JfPMZhcxmPaCZ9QVcx//aOK0w8aDfNA8nE9Ji6eOgTV8wieTWhsSER9TyfZjFPllsYxZkaO3iFnAX4UkktX5Y5qe19QniswEHyrGBC2RP5XN118sISjLLhGXnR++PPAgMBAAECggEAAP6dkvQZlADTwZ1+Oi1A9FD7hosXeuK9kULL/fYx7e5OzZsC5JxgHMCiT7k3XLn8D9oIaG7ZcxT22VmpgpVRkkpAlpjvFy8R3kTx/Jj901BZa4pvyQ+x9UVJqhncQkl9G+uZ2mcu379w9gBUlDdJVaAMI4W+BTUbsBExqEur7wiZ8S3XK3rDltKINIguPRjwVTTuepzrTNd3k7WKPD8za/OV87bGEbaGLLo8KSKzm7bJnyMSbUwkjKA+WezNidUatB1fqaXDnlVYokCdfBD7xypbbVO+HoBNNBgAwT5p3dm3hbgYsb9WNZLJXREMaNtp+AhWHGFj4qeYRl8dfGO7oQKBgQDYXTChQhKdo80nFWMtFvh1yw75uma0oOpnHEiIfYh1ekcTBLlgsGTbg60t5Klb2lF1SdfhNXb+4WQNmSMlQYoKwakiRn2JyKbk+zs/j6q1r1PV1QAP5LJ28J/FjG5bEyCXQdE9nVhTps1EX2Fuy6I9pKCQKuv86NPOsX7IMat4VwKBgQDJ5NFcORrRgxLwcx/eYGjyeyf7EDKacVpd6SzobakXnvaX3WCxw2wjvbex+zL1s+XnLmp+4l87FfuP0+yd78pRHASXwDh6MNqs8bN2ksT4LOb7bImXygcxkX8Iog9qkydKZ1kUgLtDPZMzSUyic0+/6qVro9JR3aw0oJly9p4lSQKBgQCli6gJumRD+XCe1t5rQYgZmKR8rwKmcfjnq9xTkrk2Kbj39EVilZSV4MpAsxRiE0kAVN+4kQ/bNNk5DlK1zs+wKz0d3JFxOvV3fkJ2/5W+LcgXdEH35yQlnTaiEDDfvmLRWKqgWiOa3aVxCwmhnG0mfS/dHvoxKHPnUiePRXHNQQKBgQC7lZrgsT41xC9osc6+c52PDtbK8vXRgdiQwQI0ww8FH3HHEK2y/PwRCUkQWXGz0P6fmgTg97u7zmT58dI7vHyieAHcbYEMJzBG2BwC48OXQ0EqAmKlYdTlPWZmwwzH3Qn4m6Ws4x8bDq8iS8ykc7d5fa9NH91eqzRBgaaRpoqx4QKBgEzWhwVHhTxdSBzqh6JaTKVUOrt1CwsbQOSlOy/Y8k/TJFJaQh+/yGKSBpkGLfWkY5HVra+nhAgWuCB2X301DpSMCQtTiABYvjGNNysrkm40xQOuTOmO6OTqDfyVQZmi/xUXeztiT2vKjz0em+tButyg7OP7zKzYwqW3KhAxZ94t
最后將它放入了Web項目中,部署在tomcat上面,在相同的環境下大概測試了一下API的吞吐量,如下:
| 普通http | https | http加密(本文的方法) | |
|---|---|---|---|
| 同步 | 10000 TPS | 460 TPS | 760 TPS |
| 異步 | 9000 TPS | 760 TPS | 1250 TPS |
實驗表明,在相同環境下它是https方法的吞吐量的1.6倍左右,而且比https更加安全,不過僅限于APP端,在瀏覽器上不適用。
