Created
September 10, 2019 04:51
java 中rsa处理
package com.xx.auth.util; | |
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
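/**
 * RSA helper: key-pair generation, Base64 transport encoding, encrypt/decrypt and sign/verify.
 * Based on https://segmentfault.com/a/1190000008995392
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #AUTH_PRIVATE_KEY} is a private key compiled into the class. Anyone who can read
 *       the source or the class file can read it; it should be loaded from a keystore or secret
 *       manager instead, and a value that has been published must be treated as compromised
 *       and rotated.</li>
 *   <li>Ciphers are requested with the bare transformation {@code "RSA"}, so mode and padding are
 *       the provider's default (PKCS#1 v1.5 padding on the stock JDK providers). New protocols
 *       should name an OAEP transformation explicitly; that is a wire-format change and has to be
 *       made together with the peer that encrypts.</li>
 *   <li>Signatures use {@code MD5withRSA}. MD5 is not collision resistant; migrate to
 *       {@code SHA256withRSA} in lockstep with every signer and verifier.</li>
 * </ul>
 *
 * <p>The class has only constant fields and static methods. Apart from key generation, failures
 * are printed to stderr and reported as {@code null}, an empty string or {@code false}
 * (see each method) rather than thrown.
 */
public class RSAUtils {

    /** Algorithm name for KeyFactory, KeyPairGenerator and Cipher lookups. */
    private static final String KEY_RSA = "RSA";

    /** Map key under which the public key is stored. */
    public static final String KEY_RSA_PUBLICKEY = "RSAPublicKey";

    /** Map key under which the private key is stored. */
    public static final String KEY_RSA_PRIVATEKEY = "RSAPrivateKey";

    /**
     * Signature algorithm.
     * NOTE(review): MD5 is collision-broken; kept only so existing signatures still verify.
     */
    private static final String KEY_RSA_SIGNATURE = "MD5withRSA";

    /** Modulus size for newly generated key pairs; 2048 bits is the current minimum for RSA. */
    private static final int KEY_SIZE_BITS = 2048;

    /**
     * Public key used for user-login verification (Base64 of the X.509 encoding).
     * NOTE(review): the encoding length suggests a 1024-bit key; replace it with a key of at
     * least 2048 bits when the pair is rotated.
     */
    public static final String AUTH_PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVY+0E2/uj03KsLKIz+UFnhGso/YxvbuBINPQuSbOCc5n84q5DzsdN2njJn4ilAXF+8iNUuLGrNi8cUndlw1FkPjTqHJALgsLzgh5f220/PP41hj7hhbsext+lLUX0fXJQrpcLNurZioUv6LWgkX44vL45P8Jkr8BVh167dXJkYQIDAQAB";

    /**
     * Private key used for user-login verification (Base64 of the PKCS#8 encoding).
     * NOTE(review): hard-coded secret exposed as a public constant. Load it at runtime from a
     * keystore or secret manager, keep it out of version control, and rotate this pair.
     */
    public static final String AUTH_PRIVATE_KEY = "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";

    /**
     * Generates a fresh RSA key pair.
     *
     * @return map holding the Base64-encoded public key under {@link #KEY_RSA_PUBLICKEY} and the
     *         Base64-encoded private key under {@link #KEY_RSA_PRIVATEKEY}
     * @throws IllegalStateException if the runtime offers no RSA key-pair generator
     */
    public static Map<String, Object> generateKeys() {
        Map<String, Object> map = init();
        Map<String, Object> resMap = new HashMap<String, Object>();
        resMap.put(KEY_RSA_PUBLICKEY, getPublicKey(map));
        resMap.put(KEY_RSA_PRIVATEKEY, getPrivateKey(map));
        return resMap;
    }

    /**
     * Decrypts with the built-in {@link #AUTH_PRIVATE_KEY}.
     *
     * @param enStr Base64-encoded ciphertext
     * @return the decrypted text, or {@code null} if decryption failed
     */
    public static String decryptString(String enStr) {
        return decryptByPrivate(enStr, AUTH_PRIVATE_KEY);
    }

    /**
     * Manual round-trip check kept for debugging; nothing in this class calls it.
     * NOTE(review): it carries its own copy of a private key literal; debugging code should read
     * keys from the environment or generate a throwaway pair with {@link #generateKeys()}.
     */
    private static void runcode() {
        // Key pair as produced by generateKeys()
        String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVY+0E2/uj03KsLKIz+UFnhGso/YxvbuBINPQuSbOCc5n84q5DzsdN2njJn4ilAXF+8iNUuLGrNi8cUndlw1FkPjTqHJALgsLzgh5f220/PP41hj7hhbsext+lLUX0fXJQrpcLNurZioUv6LWgkX44vL45P8Jkr8BVh167dXJkYQIDAQAB";
        String privateKey = "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";
        String str = "你好goldlone, RSA!";
        // Encrypt with the public key, decrypt with the private key
        String enStr1 = encryptByPublic(str, publicKey);
        System.out.println("公钥加密后:" + enStr1);
        String deStr1 = decryptByPrivate(enStr1, privateKey);
        System.out.println("私钥解密后:" + deStr1);
        // Transform with the private key, reverse with the public key
        String enStr2 = encryptByPrivate(str, privateKey);
        System.out.println("私钥加密后:" + enStr2);
        String deStr2 = decryptByPublic(enStr2, publicKey);
        System.out.println("公钥解密后:" + deStr2);
        // Create a signature
        String sign = sign(enStr2, privateKey);
        System.out.println("签名:" + sign);
        // Verify the signature
        boolean status = verify(enStr2, publicKey, sign);
        System.out.println("状态:" + status);
    }

    /**
     * Creates an RSA key pair and returns the key objects in a map.
     *
     * @return map with the {@link RSAPublicKey} under {@link #KEY_RSA_PUBLICKEY} and the
     *         {@link RSAPrivateKey} under {@link #KEY_RSA_PRIVATEKEY}; never {@code null}
     * @throws IllegalStateException if the runtime offers no RSA key-pair generator
     */
    private static Map<String, Object> init() {
        KeyPair keyPair;
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance(KEY_RSA);
            // 512- and 1024-bit moduli are no longer considered safe; generate at least 2048 bits.
            generator.initialize(KEY_SIZE_BITS);
            keyPair = generator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            // Fail here with the cause attached instead of handing callers a null map.
            throw new IllegalStateException("RSA KeyPairGenerator is not available", e);
        }
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        Map<String, Object> map = new HashMap<String, Object>();
        map.put(KEY_RSA_PUBLICKEY, publicKey);
        map.put(KEY_RSA_PRIVATEKEY, privateKey);
        return map;
    }

    /**
     * Returns the Base64 string of the public key's encoded form.
     *
     * @param map map holding a {@link Key} under {@link #KEY_RSA_PUBLICKEY}
     * @return Base64 text of {@code key.getEncoded()}
     */
    public static String getPublicKey(Map<String, Object> map) {
        Key key = (Key) map.get(KEY_RSA_PUBLICKEY);
        return encryptBase64(key.getEncoded());
    }

    /**
     * Returns the Base64 string of the private key's encoded form.
     *
     * @param map map holding a {@link Key} under {@link #KEY_RSA_PRIVATEKEY}
     * @return Base64 text of {@code key.getEncoded()}; treat it as a secret and do not log it
     */
    public static String getPrivateKey(Map<String, Object> map) {
        Key key = (Key) map.get(KEY_RSA_PRIVATEKEY);
        return encryptBase64(key.getEncoded());
    }

    /**
     * Base64-decodes a string. Despite the name this is an encoding step, not decryption.
     *
     * @param key Base64 text
     * @return decoded bytes
     */
    public static byte[] decryptBase64(String key) {
        return Base64.decodeBase64(key);
    }

    /**
     * Base64-encodes a byte array. Despite the name this is an encoding step, not encryption.
     *
     * @param key bytes to encode
     * @return Base64 text
     */
    public static String encryptBase64(byte[] key) {
        // Base64 output is pure ASCII; naming the charset removes the platform-default dependency.
        return new String(Base64.encodeBase64(key), StandardCharsets.US_ASCII);
    }

    /**
     * Encrypts text with a public key.
     *
     * @param encryptingStr plaintext; it is encoded as UTF-8 and must fit in a single RSA block
     * @param publicKeyStr  Base64 of the X.509-encoded public key
     * @return Base64 ciphertext, or {@code null} on any failure (stack trace goes to stderr)
     */
    public static String encryptByPublic(String encryptingStr, String publicKeyStr) {
        try {
            PublicKey publicKey = loadPublicKey(publicKeyStr);
            byte[] data = encryptingStr.getBytes(StandardCharsets.UTF_8);
            return encryptBase64(rsaTransform(Cipher.ENCRYPT_MODE, publicKey, data));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Decrypts Base64 ciphertext with a private key.
     *
     * <p>NOTE(review): with PKCS#1 v1.5 padding, callers should make sure a remote party cannot
     * tell a padding failure from other failures (the {@code null} return, timing, or the
     * printed stack trace), since that difference is what padding-oracle attacks rely on.
     *
     * @param encryptedStr  Base64 ciphertext
     * @param privateKeyStr Base64 of the PKCS#8-encoded private key
     * @return plaintext decoded as UTF-8, or {@code null} on any failure
     */
    public static String decryptByPrivate(String encryptedStr, String privateKeyStr) {
        try {
            PrivateKey privateKey = loadPrivateKey(privateKeyStr);
            byte[] data = decryptBase64(encryptedStr);
            return new String(rsaTransform(Cipher.DECRYPT_MODE, privateKey, data), StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Applies the RSA private-key operation to text.
     *
     * <p>The result can be reversed by anyone holding the public key, so this gives no
     * confidentiality; use {@link #sign(String, String)} when the goal is authenticity.
     *
     * @param encryptingStr text to transform; it is encoded as UTF-8
     * @param privateKeyStr Base64 of the PKCS#8-encoded private key
     * @return Base64 output, or {@code null} on any failure
     */
    public static String encryptByPrivate(String encryptingStr, String privateKeyStr) {
        try {
            PrivateKey privateKey = loadPrivateKey(privateKeyStr);
            byte[] data = encryptingStr.getBytes(StandardCharsets.UTF_8);
            return encryptBase64(rsaTransform(Cipher.ENCRYPT_MODE, privateKey, data));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Reverses {@link #encryptByPrivate(String, String)} with the public key.
     *
     * @param encryptedStr Base64 output of the private-key operation
     * @param publicKeyStr Base64 of the X.509-encoded public key
     * @return recovered text decoded as UTF-8, or {@code null} on any failure
     */
    public static String decryptByPublic(String encryptedStr, String publicKeyStr) {
        try {
            PublicKey publicKey = loadPublicKey(publicKeyStr);
            byte[] data = decryptBase64(encryptedStr);
            return new String(rsaTransform(Cipher.DECRYPT_MODE, publicKey, data), StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Signs text with a private key using {@code MD5withRSA}.
     *
     * @param encryptedStr text to sign; its UTF-8 bytes are what gets signed
     * @param privateKey   Base64 of the PKCS#8-encoded private key
     * @return Base64 signature, or an empty string on any failure
     */
    public static String sign(String encryptedStr, String privateKey) {
        String str = "";
        try {
            // Fixed charset so signer and verifier hash the same bytes on every platform.
            byte[] data = encryptedStr.getBytes(StandardCharsets.UTF_8);
            Signature signature = Signature.getInstance(KEY_RSA_SIGNATURE);
            signature.initSign(loadPrivateKey(privateKey));
            signature.update(data);
            str = encryptBase64(signature.sign());
        } catch (Exception e) {
            e.printStackTrace();
        }
        return str;
    }

    /**
     * Verifies a signature produced by {@link #sign(String, String)}.
     *
     * @param encryptedStr text that was signed; its UTF-8 bytes are checked
     * @param publicKey    Base64 of the X.509-encoded public key
     * @param sign         Base64 signature
     * @return {@code true} only if the signature matches; {@code false} on mismatch or any error
     */
    public static boolean verify(String encryptedStr, String publicKey, String sign) {
        boolean flag = false;
        try {
            byte[] data = encryptedStr.getBytes(StandardCharsets.UTF_8);
            Signature signature = Signature.getInstance(KEY_RSA_SIGNATURE);
            signature.initVerify(loadPublicKey(publicKey));
            signature.update(data);
            flag = signature.verify(decryptBase64(sign));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return flag;
    }

    /** Parses a Base64, X.509-encoded RSA public key. */
    private static PublicKey loadPublicKey(String publicKeyStr) throws GeneralSecurityException {
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decryptBase64(publicKeyStr));
        return KeyFactory.getInstance(KEY_RSA).generatePublic(keySpec);
    }

    /** Parses a Base64, PKCS#8-encoded RSA private key. */
    private static PrivateKey loadPrivateKey(String privateKeyStr) throws GeneralSecurityException {
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decryptBase64(privateKeyStr));
        return KeyFactory.getInstance(KEY_RSA).generatePrivate(keySpec);
    }

    /** Runs one RSA cipher operation in the given mode, using the provider's default padding. */
    private static byte[] rsaTransform(int mode, Key key, byte[] input) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(KEY_RSA);
        cipher.init(mode, key);
        return cipher.doFinal(input);
    }
}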