RSA密钥生成
生成一个别名为 test 的私钥和证书，需要按提示输入私钥密码和证书信息：
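# 1024-bit RSA is below current minimum key-size guidance, so this example
# generates a 2048-bit key. The keystore password protects the private key.
keytool -genkey -keystore test.p12 -alias test -keyalg RSA -keysize 2048 -storetype pkcs12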
导出公钥证书
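# Exports only the X.509 certificate (public key); the private key stays in test.p12.
# The store type is given explicitly so it matches the keystore created above.
keytool -export -alias test -keystore test.p12 -storetype pkcs12 -file test.crt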
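/**
 * Signs outgoing request payloads with an RSA private key loaded from a keystore and
 * verifies signatures with the public key of an X.509 certificate.
 *
 * <p>Both keys are loaded once, when the bean is initialised, from the paths supplied by
 * {@link HBpayConfig}. Initialisation fails if either key cannot be loaded, so the
 * application never runs with a signer that silently returns {@code null}.
 */
@Component
public class RSAEncrypt {

    private static final Logger logger = LoggerFactory.getLogger(RSAEncrypt.class);

    /**
     * JCA signature algorithm used for both signing and verification.
     *
     * <p>NOTE(review): SHA-1 is deprecated for digital signatures. SHA256withRSA is the usual
     * replacement, but the algorithm has to match what the verifying peer expects, so it is
     * kept unchanged here and flagged for a coordinated migration.
     */
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

    /** The Spring-managed instance, published so the static helpers can reach the config. */
    private static RSAEncrypt rsaEncrypt;

    private static PrivateKey privateKey;

    private static PublicKey publicKey;

    @Autowired
    private HBpayConfig hbpayConfig;

    /**
     * Publishes this bean to the static helpers and loads both keys.
     *
     * @throws Exception if a key cannot be loaded
     */
    @PostConstruct
    private void initPro() throws Exception {
        rsaEncrypt = this;
        RSAEncrypt.init();
    }

    /**
     * Loads the private key and the public key, failing fast when either is missing.
     *
     * <p>A load failure used to be printed and ignored, which left the key {@code null}; every
     * later {@link #getSign(String)} call then returned {@code null} instead of a signature.
     *
     * @throws Exception if the certificate cannot be read
     * @throws IllegalStateException if either key is unavailable after loading
     */
    private static void init() throws Exception {
        if (getPrivateKey() == null) {
            throw new IllegalStateException(
                    "RSA private key could not be loaded; check the keystore path, password and alias");
        }
        if (getPublicKey() == null) {
            throw new IllegalStateException(
                    "RSA public key could not be loaded; check the certificate path");
        }
    }

    /**
     * Returns the private key, loading it from the configured keystore on first use.
     *
     * @return the private key, or {@code null} when the keystore cannot be read or the
     *         configured alias holds no key
     */
    private static PrivateKey getPrivateKey() {
        if (privateKey != null) {
            return privateKey;
        }
        HBpayConfig config = rsaEncrypt.hbpayConfig;
        try (BufferedInputStream in =
                new BufferedInputStream(new FileInputStream(config.getPrivateKeyPath()))) {
            // NOTE(review): the default store type depends on the JDK ("jks" on Java 8,
            // "pkcs12" on Java 9+); confirm it can read the keystore format actually deployed.
            KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
            char[] passwd = config.getPrivateKeyPwd().toCharArray();
            keystore.load(in, passwd);
            // getKey returns null, without throwing, when the alias does not exist.
            privateKey = (PrivateKey) keystore.getKey(config.getPrivateKeyAlias(), passwd);
        } catch (KeyStoreException | IOException | NoSuchAlgorithmException
                | CertificateException | UnrecoverableKeyException e) {
            // The keystore password is deliberately kept out of the log message.
            logger.error("Failed to load the RSA private key from the keystore", e);
        }
        return privateKey;
    }

    /**
     * Signs {@code message} (encoded as UTF-8) with {@code privateKey}.
     *
     * @param privateKey key to sign with
     * @param message text to sign
     * @return the signature, Base64-encoded
     * @throws Exception if the algorithm is unavailable, the key is invalid or signing fails
     */
    private static String sign(PrivateKey privateKey, String message) throws Exception {
        Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
        signer.initSign(privateKey);
        signer.update(message.getBytes("UTF-8"));
        return Base64.getEncoder().encodeToString(signer.sign());
    }

    /**
     * Returns the verification key, reading it from the configured X.509 certificate on
     * first use.
     *
     * @return the public key, or {@code null} when the certificate cannot be read or parsed
     * @throws Exception declared for callers; read and parse failures are logged, not thrown
     */
    private static PublicKey getPublicKey() throws Exception {
        if (publicKey != null) {
            return publicKey;
        }
        try (BufferedInputStream in = new BufferedInputStream(
                new FileInputStream(rsaEncrypt.hbpayConfig.getPublicKeyPath()))) {
            CertificateFactory factory = CertificateFactory.getInstance("X.509");
            Certificate cert = factory.generateCertificate(in);
            // NOTE(review): the certificate is trusted as-is; its validity period and issuer
            // are not checked here, so the file itself must come from a trusted source.
            publicKey = cert.getPublicKey();
        } catch (CertificateException | IOException e) {
            logger.error("Failed to load the RSA public key from the certificate", e);
        }
        return publicKey;
    }

    /**
     * Verifies a Base64-encoded signature over {@code message} (encoded as UTF-8).
     *
     * @param message text that was signed
     * @param signature Base64-encoded signature to check
     * @return {@code true} only if the signature is valid for the loaded public key
     * @throws Exception if the key is missing or invalid, the signature is not valid Base64,
     *         or verification cannot be carried out; callers must treat this as a failed check
     */
    public static boolean verify(String message, String signature) throws Exception {
        Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
        verifier.initVerify(publicKey);
        verifier.update(message.getBytes("UTF-8"));
        return verifier.verify(Base64.getDecoder().decode(signature));
    }

    /**
     * Signs a request body.
     *
     * @param message request body to sign
     * @return the Base64-encoded signature, or {@code null} if signing failed; callers must
     *         not send a request whose signature is {@code null}
     */
    public static String getSign(String message) {
        // NOTE(review): this writes the full payload to the INFO log; confirm it never carries
        // card data, credentials or other sensitive fields.
        logger.info("签名数据:{}",message);
        try {
            return sign(privateKey, message);
        } catch (Exception e) {
            logger.error("Failed to sign the request message", e);
            return null;
        }
    }

    /**
     * Signs a request made of header and body fields by concatenating every header value and
     * then every body value, in map iteration order.
     *
     * <p>NOTE(review): values are joined without a delimiter and keys are not included, so
     * different field splits can produce the same signed string (for example "ab" + "c" and
     * "a" + "bc"). The format is presumably fixed by the peer's protocol; confirm before
     * changing it.
     *
     * @param header header fields, in signing order
     * @param body body fields, in signing order
     * @return the Base64-encoded signature, or {@code null} if signing failed
     */
    public String getSignByMap(LinkedHashMap<String, String> header, LinkedHashMap<String, String> body) {
        StringBuilder message = new StringBuilder();
        for (String value : header.values()) {
            message.append(value);
        }
        for (String value : body.values()) {
            message.append(value);
        }
        try {
            return sign(privateKey, message.toString());
        } catch (Exception e) {
            logger.error("Failed to sign the request fields", e);
            return null;
        }
    }
}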
