forked from rongchao/epmet-cloud-rizhao
4 changed files with 158 additions and 298 deletions
@ -1,251 +0,0 @@ |
|||||
package com.epmet.commons.tools.utils; |
|
||||
|
|
||||
import javax.crypto.Cipher; |
|
||||
import java.security.*; |
|
||||
import java.security.spec.PKCS8EncodedKeySpec; |
|
||||
import java.security.spec.X509EncodedKeySpec; |
|
||||
import java.util.Base64; |
|
||||
|
|
||||
/** |
|
||||
* @author jianjun liu |
|
||||
* @date 2020-06-05 16:48 |
|
||||
**/ |
|
||||
|
|
||||
public class RSASignature { |
|
||||
|
|
||||
|
|
||||
//非对称密钥算法
|
|
||||
private static final String KEY_ALGORITHM = "RSA"; |
|
||||
//密钥长度,在512到65536位之间,建议不要太长,否则速度很慢,生成的加密数据很长
|
|
||||
private static final int KEY_SIZE = 512; |
|
||||
//字符编码
|
|
||||
private static final String CHARSET = "UTF-8"; |
|
||||
|
|
||||
/** |
|
||||
* 生成密钥对 |
|
||||
* |
|
||||
* @return KeyPair 密钥对 |
|
||||
*/ |
|
||||
public static KeyPair getKeyPair() throws Exception { |
|
||||
return getKeyPair(null); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 生成密钥对 |
|
||||
* |
|
||||
* @param password 生成密钥对的密码 |
|
||||
* @return |
|
||||
* @throws Exception |
|
||||
*/ |
|
||||
public static KeyPair getKeyPair(String password) throws Exception { |
|
||||
//实例化密钥生成器
|
|
||||
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM); |
|
||||
//初始化密钥生成器
|
|
||||
if (password == null) { |
|
||||
keyPairGenerator.initialize(KEY_SIZE); |
|
||||
} else { |
|
||||
SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG"); |
|
||||
secureRandom.setSeed(password.getBytes(CHARSET)); |
|
||||
keyPairGenerator.initialize(KEY_SIZE, secureRandom); |
|
||||
} |
|
||||
//生成密钥对
|
|
||||
return keyPairGenerator.generateKeyPair(); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 取得私钥 |
|
||||
* |
|
||||
* @param keyPair 密钥对 |
|
||||
* @return byte[] 私钥 |
|
||||
*/ |
|
||||
public static byte[] getPrivateKeyBytes(KeyPair keyPair) { |
|
||||
return keyPair.getPrivate().getEncoded(); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 取得Base64编码的私钥 |
|
||||
* |
|
||||
* @param keyPair 密钥对 |
|
||||
* @return String Base64编码的私钥 |
|
||||
*/ |
|
||||
public static String getPrivateKey(KeyPair keyPair) { |
|
||||
return Base64.getEncoder().encodeToString(getPrivateKeyBytes(keyPair)); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 取得公钥 |
|
||||
* |
|
||||
* @param keyPair 密钥对 |
|
||||
* @return byte[] 公钥 |
|
||||
*/ |
|
||||
public static byte[] getPublicKeyBytes(KeyPair keyPair) { |
|
||||
return keyPair.getPublic().getEncoded(); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 取得Base64编码的公钥 |
|
||||
* |
|
||||
* @param keyPair 密钥对 |
|
||||
* @return String Base64编码的公钥 |
|
||||
*/ |
|
||||
public static String getPublicKey(KeyPair keyPair) { |
|
||||
return Base64.getEncoder().encodeToString(getPublicKeyBytes(keyPair)); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 私钥加密 |
|
||||
* |
|
||||
* @param data 待加密数据 |
|
||||
* @param privateKey 私钥字节数组 |
|
||||
* @return byte[] 加密数据 |
|
||||
*/ |
|
||||
public static byte[] encryptByPrivateKey(byte[] data, byte[] privateKey) throws Exception { |
|
||||
//实例化密钥工厂
|
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
|
||||
//生成私钥
|
|
||||
PrivateKey key = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateKey)); |
|
||||
//数据加密
|
|
||||
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
|
||||
cipher.init(Cipher.ENCRYPT_MODE, key); |
|
||||
return cipher.doFinal(data); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 私钥加密 |
|
||||
* |
|
||||
* @param data 待加密数据 |
|
||||
* @param privateKey Base64编码的私钥 |
|
||||
* @return String Base64编码的加密数据 |
|
||||
*/ |
|
||||
public static String encryptByPrivateKey(String data, String privateKey) throws Exception { |
|
||||
byte[] key = Base64.getDecoder().decode(privateKey); |
|
||||
return Base64.getEncoder().encodeToString(encryptByPrivateKey(data.getBytes(CHARSET), key)); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 公钥加密 |
|
||||
* |
|
||||
* @param data 待加密数据 |
|
||||
* @param publicKey 公钥字节数组 |
|
||||
* @return byte[] 加密数据 |
|
||||
*/ |
|
||||
public static byte[] encryptByPublicKey(byte[] data, byte[] publicKey) throws Exception { |
|
||||
//实例化密钥工厂
|
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
|
||||
//生成公钥
|
|
||||
PublicKey key = keyFactory.generatePublic(new X509EncodedKeySpec(publicKey)); |
|
||||
//数据加密
|
|
||||
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
|
||||
cipher.init(Cipher.ENCRYPT_MODE, key); |
|
||||
return cipher.doFinal(data); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 公钥加密 |
|
||||
* |
|
||||
* @param data 待加密数据 |
|
||||
* @param publicKey Base64编码的公钥 |
|
||||
* @return String Base64编码的加密数据 |
|
||||
*/ |
|
||||
public static String encryptByPublicKey(String data, String publicKey) throws Exception { |
|
||||
byte[] key = Base64.getDecoder().decode(publicKey); |
|
||||
return Base64.getEncoder().encodeToString(encryptByPublicKey(data.getBytes(CHARSET), key)); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 私钥解密 |
|
||||
* |
|
||||
* @param data 待解密数据 |
|
||||
* @param privateKey 私钥字节数组 |
|
||||
* @return byte[] 解密数据 |
|
||||
*/ |
|
||||
public static byte[] decryptByPrivateKey(byte[] data, byte[] privateKey) throws Exception { |
|
||||
//实例化密钥工厂
|
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
|
||||
//生成私钥
|
|
||||
PrivateKey key = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateKey)); |
|
||||
//数据解密
|
|
||||
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
|
||||
cipher.init(Cipher.DECRYPT_MODE, key); |
|
||||
return cipher.doFinal(data); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 私钥解密 |
|
||||
* |
|
||||
* @param data Base64编码的待解密数据 |
|
||||
* @param privateKey Base64编码的私钥 |
|
||||
* @return String 解密数据 |
|
||||
*/ |
|
||||
public static String decryptByPrivateKey(String data, String privateKey) throws Exception { |
|
||||
byte[] key = Base64.getDecoder().decode(privateKey); |
|
||||
return new String(decryptByPrivateKey(Base64.getDecoder().decode(data), key), CHARSET); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 公钥解密 |
|
||||
* |
|
||||
* @param data 待解密数据 |
|
||||
* @param publicKey 公钥字节数组 |
|
||||
* @return byte[] 解密数据 |
|
||||
*/ |
|
||||
public static byte[] decryptByPublicKey(byte[] data, byte[] publicKey) throws Exception { |
|
||||
//实例化密钥工厂
|
|
||||
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
|
||||
//产生公钥
|
|
||||
PublicKey key = keyFactory.generatePublic(new X509EncodedKeySpec(publicKey)); |
|
||||
//数据解密
|
|
||||
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
|
||||
cipher.init(Cipher.DECRYPT_MODE, key); |
|
||||
return cipher.doFinal(data); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 公钥解密 |
|
||||
* |
|
||||
* @param data Base64编码的待解密数据 |
|
||||
* @param publicKey Base64编码的公钥 |
|
||||
* @return String 解密数据 |
|
||||
*/ |
|
||||
public static String decryptByPublicKey(String data, String publicKey) throws Exception { |
|
||||
byte[] key = Base64.getDecoder().decode(publicKey); |
|
||||
return new String(decryptByPublicKey(Base64.getDecoder().decode(data), key), CHARSET); |
|
||||
} |
|
||||
|
|
||||
/** |
|
||||
* 测试加解密方法 |
|
||||
* |
|
||||
* @param args |
|
||||
* @throws Exception |
|
||||
*/ |
|
||||
public static void main(String[] args) throws Exception { |
|
||||
//生成密钥对,一般生成之后可以放到配置文件中
|
|
||||
KeyPair keyPair = RSASignature.getKeyPair(); |
|
||||
//公钥
|
|
||||
String publicKey = RSASignature.getPublicKey(keyPair); |
|
||||
//私钥
|
|
||||
String privateKey = RSASignature.getPrivateKey(keyPair); |
|
||||
|
|
||||
System.out.println("公钥:\n" + publicKey); |
|
||||
System.out.println("私钥:\n" + privateKey); |
|
||||
|
|
||||
String data = "RSA 加解密测试!"; |
|
||||
{ |
|
||||
System.out.println("\n===========私钥加密,公钥解密=============="); |
|
||||
String s1 = RSASignature.encryptByPrivateKey(data, privateKey); |
|
||||
System.out.println("加密后的数据:" + s1); |
|
||||
String s2 = RSASignature.decryptByPublicKey(s1, publicKey); |
|
||||
System.out.println("解密后的数据:" + s2 + "\n\n"); |
|
||||
} |
|
||||
|
|
||||
{ |
|
||||
System.out.println("\n===========公钥加密,私钥解密=============="); |
|
||||
String s1 = RSASignature.encryptByPublicKey(data, publicKey); |
|
||||
System.out.println("加密后的数据:" + s1); |
|
||||
String s2 = RSASignature.decryptByPrivateKey(s1, privateKey); |
|
||||
System.out.println("解密后的数据:" + s2 + "\n\n"); |
|
||||
} |
|
||||
|
|
||||
} |
|
||||
|
|
||||
} |
|
@ -0,0 +1,152 @@ |
|||||
|
package com.epmet.openapi.scan.common.util; |
||||
|
|
||||
|
import org.apache.commons.codec.binary.Base64; |
||||
|
import org.bouncycastle.util.encoders.UrlBase64; |
||||
|
import org.slf4j.Logger; |
||||
|
import org.slf4j.LoggerFactory; |
||||
|
|
||||
|
import javax.crypto.Cipher; |
||||
|
import java.io.ByteArrayInputStream; |
||||
|
import java.io.InputStream; |
||||
|
import java.security.KeyFactory; |
||||
|
import java.security.PrivateKey; |
||||
|
import java.security.PublicKey; |
||||
|
import java.security.Signature; |
||||
|
import java.security.cert.Certificate; |
||||
|
import java.security.cert.CertificateFactory; |
||||
|
import java.security.spec.PKCS8EncodedKeySpec; |
||||
|
import java.security.spec.X509EncodedKeySpec; |
||||
|
|
||||
|
/** |
||||
|
* @author jianjun liu |
||||
|
* @date 2020-06-05 16:48 |
||||
|
**/ |
||||
|
|
||||
|
public class RSASignature { |
||||
|
private static final Logger LOGGER = LoggerFactory.getLogger(RSASignature.class); |
||||
|
public static final String KEY_ALGORITHM = "RSA"; |
||||
|
public static final String SIGNATURE_ALGORITHM = "SHA1WithRSA"; |
||||
|
public static final String ENCODING = "utf-8"; |
||||
|
public static final String X509 = "X.509"; |
||||
|
|
||||
|
/** |
||||
|
* 获取私钥 |
||||
|
* |
||||
|
* @param key |
||||
|
* @return |
||||
|
* @throws Exception |
||||
|
*/ |
||||
|
public static PrivateKey getPrivateKey(String key) throws Exception { |
||||
|
byte[] keyBytes = Base64.decodeBase64(key.getBytes(ENCODING)); |
||||
|
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes); |
||||
|
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
||||
|
PrivateKey privateKey = keyFactory.generatePrivate(keySpec); |
||||
|
return privateKey; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 获取公钥 |
||||
|
* |
||||
|
* @param key |
||||
|
* @return |
||||
|
* @throws Exception |
||||
|
*/ |
||||
|
public static PublicKey getPublicKey(String key) throws Exception { |
||||
|
byte[] keyBytes = Base64.decodeBase64(key.getBytes(ENCODING)); |
||||
|
CertificateFactory certificateFactory = CertificateFactory.getInstance(X509); |
||||
|
InputStream in = new ByteArrayInputStream(keyBytes); |
||||
|
Certificate certificate = certificateFactory.generateCertificate(in); |
||||
|
PublicKey publicKey = certificate.getPublicKey(); |
||||
|
return publicKey; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 使用公钥对明文进行加密,返回BASE64编码的字符串 |
||||
|
* |
||||
|
* @param publicKey |
||||
|
* @param plainText |
||||
|
* @return |
||||
|
*/ |
||||
|
public static String encrypt(String publicKey, String plainText) { |
||||
|
try { |
||||
|
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
||||
|
byte[] encodedKey = Base64.decodeBase64(publicKey.getBytes(ENCODING)); |
||||
|
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey)); |
||||
|
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
||||
|
cipher.init(Cipher.ENCRYPT_MODE, pubKey); |
||||
|
byte[] enBytes = cipher.doFinal(plainText.getBytes()); |
||||
|
return new String(Base64.encodeBase64(enBytes)); |
||||
|
} catch (Exception e) { |
||||
|
LOGGER.error("rsa encrypt exception: {}", e.getMessage(), e); |
||||
|
} |
||||
|
return null; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 使用私钥对明文密文进行解密 |
||||
|
* |
||||
|
* @param privateKey |
||||
|
* @param enStr |
||||
|
* @return |
||||
|
*/ |
||||
|
public static String decrypt(String privateKey, String enStr) { |
||||
|
try { |
||||
|
PrivateKey priKey = getPrivateKey(privateKey); |
||||
|
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM); |
||||
|
cipher.init(Cipher.DECRYPT_MODE, priKey); |
||||
|
byte[] deBytes = cipher.doFinal(Base64.decodeBase64(enStr)); |
||||
|
return new String(deBytes); |
||||
|
} catch (Exception e) { |
||||
|
LOGGER.error("rsa decrypt exception: {}", e.getMessage(), e); |
||||
|
} |
||||
|
return null; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* RSA私钥签名 |
||||
|
* |
||||
|
* @param content 待签名数据 |
||||
|
* @param privateKey 私钥 |
||||
|
* @return 签名值 |
||||
|
*/ |
||||
|
public static String signByPrivateKey(String content, String privateKey) { |
||||
|
try { |
||||
|
PrivateKey priKey = getPrivateKey(privateKey); |
||||
|
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); |
||||
|
signature.initSign(priKey); |
||||
|
signature.update(content.getBytes(ENCODING)); |
||||
|
byte[] signed = signature.sign(); |
||||
|
return new String(UrlBase64.encode(signed), ENCODING); |
||||
|
} catch (Exception e) { |
||||
|
LOGGER.error("sign error, content: {}", content, e); |
||||
|
} |
||||
|
return null; |
||||
|
} |
||||
|
|
||||
|
/** |
||||
|
* 公钥验签 |
||||
|
* |
||||
|
* @param content |
||||
|
* @param sign |
||||
|
* @param publicKey |
||||
|
* @return |
||||
|
*/ |
||||
|
public static boolean verifySignByPublicKey(String content, String sign, String publicKey) { |
||||
|
try { |
||||
|
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); |
||||
|
byte[] encodedKey = Base64.decodeBase64(publicKey.getBytes(ENCODING)); |
||||
|
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey)); |
||||
|
|
||||
|
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); |
||||
|
signature.initVerify(pubKey); |
||||
|
signature.update(content.getBytes(ENCODING)); |
||||
|
|
||||
|
return signature.verify(UrlBase64.decode(sign.getBytes(ENCODING))); |
||||
|
|
||||
|
} catch (Exception e) { |
||||
|
LOGGER.error("verify sign error, content: {}, sign: {}", content, sign, e); |
||||
|
} |
||||
|
return false; |
||||
|
} |
||||
|
|
||||
|
} |
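Review bot: `Cipher.getInstance(KEY_ALGORITHM)` in `encrypt` and `decrypt` requests a bare "RSA" transformation, so mode and padding are whatever the first matching provider picks. That is PKCS#1 v1.5 on the stock JDK provider, and since this file imports Bouncy Castle the default may differ if that provider is registered first, which is not visible here. Name the transformation explicitly, e.g. `Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding")`, once the peer side is confirmed to use the same padding. `SIGNATURE_ALGORITHM = "SHA1WithRSA"` depends on SHA-1, which is no longer collision-resistant; `"SHA256withRSA"` is the usual replacement if the verifying parties can move with it. `encrypt` and `decrypt` also use the platform charset (`plainText.getBytes()`, `new String(deBytes)`) although `ENCODING` is used elsewhere in the class, and `signByPrivateKey` and `verifySignByPublicKey` write the full `content` into the error log, which should be dropped or truncated if it can carry personal or secret data.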