Many J2EE applications now use a license file to authorize the use of the system. Especially in the early stages of system purchase, there will be limited license files to restrict the system, for example, the trial version has limits such as IP address, date, and maximum number of users. There are many license control methods, which are currently quite popular. One pair of keys (private key encryption and Public Key decryption) is the method that is hard to crack as long as the design is good) generate the sinature signature content in the license file, and then encode it using base64 or hex. For example, the former Bea Company is Oracle's WebLogic and uses this method to set license files. Here, we only perform a simple implementation: There are three classes:. the keygenerater class generates a public key private key pair B. the signaturer class uses the private key for signature C. the signprovider class verifies the public key and private key using base64 to encrypt base64. This class can be found in many places. Keygenerater class: public class keygenerater {private byte [] prikey; private byte [] pubkey; Public void generater () {try {keypairgenerator keygen = keypairgenerator. getinstance ("RSA"); securerandom secrand = new securerandom (); secrand. setseed ("www. chuanjiang. CN ". getbytes (); // initialize the keygen of the random generator. initialize (1024, secrand); keypair keys = keygen. genkeypair (); publickey pubkey = keys. getpublic (); privatekey prikey = keys. getprivate () pubkey = base64.encodetobyte (pubkey. getencoded (); prikey = base64.encodetobyte (prikey. getencoded (); system. out. println ("pubkey =" + new string (pubkey); system. out. println ("prikey =" + new string (prikey);} catch (Java. lang. exception e) {system. out. println ("failed to generate the key pair"); E. printstacktrace () ;}} public byte [] getprikey () {return prikey;} public byte [] getpubkey () {return pubkey ;}} signaturer class: public class signaturer {public static byte [] Sign (byte [] prikeytext, string plaintext) {try {export pripkcs8 = new pkcs8encodedkeyspec (base64.decode (prikeytext); keyfactory keyf = keyfactory. getinstance ("RSA"); privatekey prikey = keyf. generateprivate (pripkcs8); // use the private key to generate a digital signature signet = Java. security. signature. getinstance ("md5withrsa"); signet. initsign (prikey); signet. update (plaintext. getbytes (); byte [] signed = base64.encodetobyte (signet. sign (); Return signed;} catch (Java. lang. exception e) {system. out. println ("signature failed"); E. printstacktrace ();} return NULL;} signprovider class: public class signprovider {private signprovider () {} public static Boolean verify (byte [] pubkeytext, string plaintext, byte [] signtext) {try {// decrypt the base64-encoded public key and construct the x509encodedkeyspec object x509encodedkeyspec bobpubkeyspec = new x509encodedkeyspec (base64.decode (pubkeytext )); // RSA symmetric encryption algorithm keyfactory = keyfactory. getinstance ("RSA"); // obtain the public key object publickey pubkey = keyfactory. generatepublic (bobpubkeyspec); // decrypt the base64-encoded digital signature byte [] signed = base64.decode (signtext); signature signaturechecker = signature. getinstance ("md5withrsa"); signaturechecker. initverify (pubkey); signaturechecker. update (plaintext. getbytes (); // verify whether the signature is normal if (signaturechecker. verify (Signed) return true; else return false;} catch (throwable e) {system. out. println ("Signature Verification Failed"); E. printstacktrace (); Return false ;}}}
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.