腾讯云通信服务端返回签名

package com.love.util.qcloud;

import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import java.io.CharArrayReader;
import java.io.IOException;
import java.io.Reader;
import java.nio.charset.Charset;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.zip.Deflater;
import java.util.zip.Inflater;

/**
 * Created by liping.sang on 2017/1/18 0018.
 */
public class QChatUtils {

    private static final long EXPIRE_SECOND = Long.valueOf(60 * 60 * 24 * 180);
    private static final String BC = "BC";
    private static final String SHA256withECDSA = "SHA256withECDSA";
    private static final String UTF8 = "UTF-8";

    private static final String QC_ACCOUNT_TYPE="10209";
    private static final String QC_SDK_APP_ID="1400023855";
    private static final String QC_PRIVATE_KEY="自己的私钥";

    private static final String QC_PUBLIC_KEY="自己的公钥";

    private QChatUtils() {}

    private static Signature getSignatureWithPrivateKey(PrivateKey privateKey, String content) throws Exception {
        Signature signature = Signature.getInstance(SHA256withECDSA, BC);
        signature.initSign(privateKey);
        signature.update(content.getBytes(Charset.forName(UTF8)));
        return signature;
    }

    private static Signature getSignatureWithPublicKey(PublicKey publicKey, String content) throws Exception {
        Signature signature = Signature.getInstance(SHA256withECDSA, BC);
        signature.initVerify(publicKey);
        signature.update(content.getBytes(Charset.forName(UTF8)));
        return signature;
    }

    private static PrivateKey getPrivateKey(String privateKeyStr) throws IOException {
        Security.addProvider(new BouncyCastleProvider());
        Reader reader = new CharArrayReader(privateKeyStr.toCharArray());
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
        PEMParser parser = new PEMParser(reader);
        PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) parser.readObject();
        parser.close();
        PrivateKey privateKey = converter.getPrivateKey(privateKeyInfo);
        return privateKey;
    }

    private static PublicKey getPublicKey(String publicKeyStr) throws IOException {
        Reader reader = new CharArrayReader(publicKeyStr.toCharArray());
        PEMParser parser = new PEMParser(reader);
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
        SubjectPublicKeyInfo subjectPublicKeyInfo = (SubjectPublicKeyInfo) parser.readObject();
        parser.close();
        PublicKey publicKey = converter.getPublicKey(subjectPublicKeyInfo);
        return publicKey;
    }

    private static String getContent(String identifier, String time) {
        StringBuffer sb = new StringBuffer();
        sb.append("TLS.appid_at_3rd:").append(0).append("\n").append("TLS.account_type:").append(QC_ACCOUNT_TYPE).append("\n").append("TLS.identifier:")
                .append(identifier).append("\n").append("TLS.sdk_appid:").append(QC_SDK_APP_ID).append("\n").append("TLS.time:").append(time).append("\n")
                .append("TLS.expire_after:").append(EXPIRE_SECOND).append("\n");
        return sb.toString();
    }

    /**
     * 生成UserSig
     *
     * @param identifier 用户ID
     * @return
     * @throws Exception
     */
    public static String getUserSig(String identifier) throws Exception {
        String time = String.valueOf(System.currentTimeMillis() / 1000);
        Signature signature = getSignatureWithPrivateKey(getPrivateKey(QC_PRIVATE_KEY), getContent(identifier, time));
        byte[] signatureBytes = signature.sign();

        String sigTLS = Base64.encodeBase64String(signatureBytes);

        Map<String, Object> map = new HashMap<String, Object>();
        map.put("TLS.account_type", 0);
        map.put("TLS.identifier", identifier);
        map.put("TLS.appid_at_3rd", 0);
        map.put("TLS.sdk_appid", QC_SDK_APP_ID);
        map.put("TLS.expire_after", EXPIRE_SECOND);
        map.put("TLS.version", "201512300000");
        map.put("TLS.sig", sigTLS);
        map.put("TLS.time", time);
        JSONObject jsonObject = JSONObject.fromObject(map);
        String jsonString = jsonObject.toString();

        Deflater deflater = new Deflater();
        deflater.setInput(jsonString.getBytes(Charset.forName(UTF8)));

        deflater.finish();
        byte[] compressBytes = new byte[512];
        int compressBytesLength = deflater.deflate(compressBytes);
        deflater.end();
        return new String(Base64.encodeBase64(Arrays.copyOfRange(compressBytes, 0, compressBytesLength)));
    }

    /**
     * 验证签名
     *
     * @param userSig 签名
     * @param identifier 用户ID
     * @return
     * @throws Exception
     */
    public static boolean checkUserSig(String userSig, String identifier) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        Base64 decoder = new Base64();

        byte[] compressBytes = Base64.decodeBase64(userSig.getBytes(Charset.forName(UTF8)));

        Inflater inflater = new Inflater();
        inflater.setInput(compressBytes, 0, compressBytes.length);
        byte[] decompressBytes = new byte[1024];
        int decompressLength = inflater.inflate(decompressBytes);
        inflater.end();

        String jsonString = new String(Arrays.copyOfRange(decompressBytes, 0, decompressLength));

        JSONObject jsonObject = JSONObject.fromObject(jsonString);
        String sigTLS = jsonObject.getString("TLS.sig");

        byte[] signatureBytes = decoder.decode(sigTLS.getBytes(Charset.forName(UTF8)));

        String sigTime = jsonObject.getString("TLS.time");
        Signature signature = getSignatureWithPublicKey(QChatUtils.getPublicKey(QC_PUBLIC_KEY), getContent(identifier, sigTime));
        return signature.verify(signatureBytes);
    }

    public static void main(String[] args) {
        try {

            String userSig = QChatUtils.getUserSig("xxx@foxmail.com");
            System.out.println("UserSig: " + userSig);

            boolean checkResult = QChatUtils.checkUserSig(userSig, "xxx@foxmail.com");
            System.out.println("Check UserSig Result: " + checkResult);

        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

以上为第一种使用的时候直接String  usrsig=QChatUtils.getUserSig("用户名");

 

package com.love.util.qcloud.qcim;

import com.tls.tls_sigature.tls_sigature;
import com.tls.tls_sigature.tls_sigature.GenTLSSignatureResult;

import java.io.IOException;

public class SigUtil { 
    
    private static String privatekey = "";
    private static String usersig = "";
    private static long usersig_gentime = 0;
    
    public static String GetSignature(String identifier)    throws SigException{
        boolean needGenSig = false;
        do
        {
            if(usersig == "" || usersig_gentime == 0)
            {
                needGenSig = true;
                break;
            }

            long expect_expire_time = usersig_gentime + SigConfig.expire;
            long nowtime = System.currentTimeMillis();
            if(expect_expire_time < nowtime)//这里会有一些问题，如果不同账户请求有时会出现生成相同的签名
            {
                needGenSig = true;
                break;
            }

        }while(false);

        if(needGenSig)
        {
            GenSignature(identifier);
        }
        
        if(usersig == "")
        {
            throw new SigException("invalid signature");
        }
        return usersig;
    }
    
    private static void GenSignature(String identifier) throws SigException {
        
        if(privatekey == "") {
            privatekey="-----BEGIN PRIVATE KEY-----私钥 -----END PRIVATE KEY-----";
        }

        GenTLSSignatureResult result = null;
        try {
            
        /**
         * @brief 生成 tls 票据，精简参数列表
         * @param skdAppid 应用的 sdkappid
         * @param identifier 用户 id
         * @param privStr 私钥文件内容
         * @param expire 有效期，以秒为单位，推荐时长一个月
         * @return
         * @throws IOException
         */
        result = tls_sigature.GenTLSSignatureEx(
                SigConfig.sdkappid,
                identifier,
                privatekey,
                SigConfig.expire
                );
        } catch (IOException e) {
            throw new SigException("tls_sigature.GenTLSSignatureEx failed: " + e.getMessage());
        }
        
        if (0 == result.urlSig.length()) {
            usersig = "";
            throw new SigException("tls_sigature.GenTLSSignatureEx failed: " + result.errMessage);
        } else {
                usersig = result.urlSig;
                usersig_gentime = System.currentTimeMillis();
        }
    }
}

package com.love.util.qcloud.qcim;

import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;

public class SigConfig {
    
    public static String identifier;
    public static long sdkappid;
    public static long expire;
    public static String privateKey;
    
    private SigConfig() {
        
    }
    
    public static void loadConfig(String config) throws ConfigFileException {
        Properties prop =  new  Properties();
        try {
            FileInputStream in = new FileInputStream(config);
            prop.load(in);
        } catch (IOException e) {
            throw new ConfigFileException("invalid config file path");
        }

        //identifier = prop.getProperty( "identifier" ).trim();
        privateKey = prop.getProperty( "privateKey" ).trim();
        
        try {
            sdkappid = Long.parseLong(prop.getProperty( "sdkappid" ).trim());
        } catch (NumberFormatException e) {
            throw new ConfigFileException("invalid sdkappid");
        }

        try {
            expire = Long.parseLong(prop.getProperty( "expire" ).trim());
        } catch (NumberFormatException e) {
            throw new ConfigFileException("invalid expire time");
        }
        
    }
}

package com.love.util.qcloud.qcim;

public class SigException extends Exception {

    private static final long serialVersionUID = 1L;

    public SigException(String msg) {
        super(msg);
    }
}

package com.love.util.qcloud.qcim;

public class ConfigFileException extends Exception {

    private static final long serialVersionUID = 8602127640556152351L;

    public ConfigFileException(String msg) {
        super(msg);
    }
}

这个是官网demo的一个方式