
JAVA中的RSA密钥生成及签名验签_sign.initsign


RSA密钥生成

生成一个别名为test的私钥和证书,需要按提示输入私钥密码和证书信息。注意:1024 位 RSA 密钥已低于当前推荐的最小长度,生产环境应使用 2048 位或以上(-keysize 2048):

keytool -genkey -keystore test.p12 -alias test -keyalg RSA -keysize 1024 -storetype pkcs12

导出公钥证书

keytool -export -alias test -keystore test.p12 -file test.crt

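  /**
   * Spring-managed helper that loads an RSA private key and public key once at start-up and
   * exposes helpers to sign request messages and to verify signatures.
   *
   * <p>The private key is read from a keystore file and the public key from an X.509
   * certificate file. Both paths, the keystore password and the key alias come from
   * {@link HBpayConfig}. The keys are cached in static fields, so the static methods only work
   * after Spring has initialised this bean.
   *
   * <p>NOTE(review): signatures use SHA1withRSA. SHA-1 is no longer collision resistant and is
   * deprecated for digital signatures. The algorithm is left unchanged here because signer and
   * verifier must agree on it; move both sides to SHA256withRSA (with a key of at least
   * 2048 bits) as soon as the counterparty supports it.
   */
  @Component
  public class RSAEncrypt {

      private static final Logger logger = LoggerFactory.getLogger(RSAEncrypt.class);

      /** JCA signature algorithm used for both signing and verification. */
      private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

      /**
       * Keystore format. Stated explicitly because the keystore is created with
       * {@code -storetype pkcs12}; {@code KeyStore.getDefaultType()} is "jks" on older JDKs.
       */
      private static final String KEYSTORE_TYPE = "PKCS12";

      /** The Spring-created instance, kept so static code can reach the injected configuration. */
      private static RSAEncrypt rsaEncrypt;
      private static PrivateKey privateKey;
      private static PublicKey publicKey;

      @Autowired
      private HBpayConfig hbpayConfig;

      /**
       * Publishes this bean to the static helpers and loads both keys.
       *
       * @throws Exception if either key cannot be loaded; the bean then fails to start instead
       *     of running without a usable key
       */
      @PostConstruct
      private void initPro() throws Exception {
          rsaEncrypt = this;
          RSAEncrypt.init();
      }

      /**
       * Loads the private key and the public key.
       *
       * @throws Exception if either key cannot be loaded
       */
      private static void init() throws Exception {
          getPrivateKey();
          getPublicKey();
      }

      /**
       * Returns the cached private key, loading it from the configured keystore on first use
       * (for example {@code D:\certs\test.p12}).
       *
       * @return the private key stored under the configured alias
       * @throws Exception if the keystore cannot be read or opened, or holds no key for the alias
       */
      private static PrivateKey getPrivateKey() throws Exception {
          if (privateKey != null) {
              return privateKey;
          }
          HBpayConfig config = rsaEncrypt.hbpayConfig;
          char[] passwd = config.getPrivateKeyPwd().toCharArray();
          try (BufferedInputStream in =
                  new BufferedInputStream(new FileInputStream(config.getPrivateKeyPath()))) {
              KeyStore keystore = KeyStore.getInstance(KEYSTORE_TYPE);
              keystore.load(in, passwd);
              PrivateKey loaded = (PrivateKey) keystore.getKey(config.getPrivateKeyAlias(), passwd);
              if (loaded == null) {
                  // getKey returns null when the alias is missing or is not a key entry.
                  throw new IllegalStateException(
                          "No private key entry found in the keystore for the configured alias");
              }
              privateKey = loaded;
              return loaded;
          } finally {
              // Do not keep the password copy in memory longer than needed.
              java.util.Arrays.fill(passwd, '\0');
          }
      }

      /**
       * Signs {@code message} (encoded as UTF-8) with the given key.
       *
       * @param privateKey key to sign with
       * @param message text to sign
       * @return the Base64-encoded signature
       * @throws Exception if the algorithm is unavailable, the key is invalid or signing fails
       */
      private static String sign(PrivateKey privateKey, String message) throws Exception {
          Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
          signer.initSign(privateKey);
          signer.update(message.getBytes(java.nio.charset.StandardCharsets.UTF_8));
          return Base64.getEncoder().encodeToString(signer.sign());
      }

      /**
       * Returns the cached public key, loading it from the configured X.509 certificate file on
       * first use (for example {@code D:\certs\test.crt}).
       *
       * <p>NOTE(review): the certificate's validity period and issuer are not checked here; the
       * file is used only as a container for the public key, so it must come from a trusted,
       * integrity-protected location.
       *
       * @return the public key contained in the certificate
       * @throws Exception if the file cannot be read or is not a valid X.509 certificate
       */
      private static PublicKey getPublicKey() throws Exception {
          if (publicKey != null) {
              return publicKey;
          }
          CertificateFactory factory = CertificateFactory.getInstance("X.509");
          try (BufferedInputStream in = new BufferedInputStream(
                  new FileInputStream(rsaEncrypt.hbpayConfig.getPublicKeyPath()))) {
              Certificate cert = factory.generateCertificate(in);
              publicKey = cert.getPublicKey();
              return publicKey;
          }
      }

      /**
       * Verifies a Base64-encoded signature over {@code message} (encoded as UTF-8) with the
       * loaded public key.
       *
       * @param message the text that was signed
       * @param signature the Base64-encoded signature to check
       * @return {@code true} only if the signature matches the message
       * @throws Exception if the signature is not valid Base64, is malformed, or the key is not
       *     usable; callers must treat any exception as a failed verification
       */
      public static boolean verify(String message, String signature) throws Exception {
          Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
          verifier.initVerify(publicKey);
          verifier.update(message.getBytes(java.nio.charset.StandardCharsets.UTF_8));
          return verifier.verify(Base64.getDecoder().decode(signature));
      }

      /**
       * Signs a request message, where {@code message} is the request body.
       *
       * @param message the text to sign
       * @return the Base64-encoded signature, or {@code null} if signing failed; callers must
       *     check for {@code null} and must not send the request unsigned
       */
      public static String getSign(String message) {
          // NOTE(review): this writes the complete payload to the log at INFO level. If the body
          // can carry personal or payment data, log a length or request id instead.
          logger.info("签名数据:{}",message);
          return signOrNull(message);
      }

      /**
       * Signs a request made of header and body fields. The signed text is every header value
       * followed by every body value, in the maps' iteration order.
       *
       * <p>NOTE(review): values are joined without a separator or field name, so different field
       * splits can produce the same signed text (for example "ab"+"c" and "a"+"bc"), and a
       * {@code null} value is signed as the text "null". The format is kept as is because the
       * verifying side has to build the identical string; confirm it against the counterparty's
       * specification.
       *
       * @param header header fields, in signing order
       * @param body body fields, in signing order
       * @return the Base64-encoded signature, or {@code null} if signing failed
       */
      public String getSignByMap(LinkedHashMap<String, String> header, LinkedHashMap<String, String> body) {
          StringBuilder message = new StringBuilder();
          for (String value : header.values()) {
              message.append(value);
          }
          for (String value : body.values()) {
              message.append(value);
          }
          return signOrNull(message.toString());
      }

      /** Signs with the loaded private key; logs the failure and returns null instead of throwing. */
      private static String signOrNull(String message) {
          try {
              return sign(privateKey, message);
          } catch (Exception e) {
              // Report through the application logger so the failure reaches the normal log pipeline.
              logger.error("RSA signing failed", e);
              return null;
          }
      }
  }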

 
