zoukankan      html  css  js  c++  java
  • 生成RSA公私钥

    代码:

    import com.alibaba.fastjson.JSON;
    import sun.misc.BASE64Decoder;
    import sun.misc.BASE64Encoder;
    
    import java.io.ByteArrayOutputStream;
    import java.security.Key;
    import java.security.KeyFactory;
    import java.security.KeyPair;
    import java.security.KeyPairGenerator;
    import java.security.PrivateKey;
    import java.security.PublicKey;
    import java.security.Signature;
    import java.security.interfaces.RSAPrivateKey;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.security.spec.X509EncodedKeySpec;
    import java.util.Comparator;
    import java.util.HashMap;
    import java.util.Map;
    import java.util.TreeMap;
    
    import javax.crypto.Cipher;
    
    /**
     * <p>
     * RSA公钥/私钥/签名工具包
     * </p>
     * <p>
     * 罗纳德·李维斯特(Ron [R]ivest)、阿迪·萨莫尔(Adi [S]hamir)和伦纳德·阿德曼(Leonard [A]dleman)
     * </p>
     * <p>
     * 字符串格式的密钥在未在特殊说明情况下都为BASE64编码格式<br/>
     * 由于非对称加密速度极其缓慢,一般文件不使用它来加密而是使用对称加密,<br/>
     * 非对称加密算法可以用来对对称加密的密钥加密,这样保证密钥的安全也就保证了数据的安全
     * </p>
     *
     * @author Joe
     * @date 2019-4-15
     * @version 1.0
     */
    public class RSAXUtils {
    
        /**
         * 加密算法RSA
         */
        public static final String KEY_ALGORITHM = "RSA";
    
        /**
         * 签名算法
         */
        public static final String SIGNATURE_ALGORITHM = "MD5withRSA";
    
        /**
         * 获取公钥的key
         */
        private static final String PUBLIC_KEY = "RSAPublicKey";
    
        /**
         * 获取私钥的key
         */
        private static final String PRIVATE_KEY = "RSAPrivateKey";
    
        /**
         * RSA最大加密明文大小
         */
        private static final int MAX_ENCRYPT_BLOCK = 117;
    
        /**
         * RSA最大解密密文大小
         */
        private static final int MAX_DECRYPT_BLOCK = 128;
    
        /**
         * <p>
         * 生成密钥对(公钥和私钥)
         * </p>
         *
         * @return
         * @throws Exception
         */
        public static Map<String, Object> genKeyPair() throws Exception {
            KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
            keyPairGen.initialize(1024);
            KeyPair keyPair = keyPairGen.generateKeyPair();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            Map<String, Object> keyMap = new HashMap<String, Object>(2);
            keyMap.put(PUBLIC_KEY, publicKey);
            keyMap.put(PRIVATE_KEY, privateKey);
            return keyMap;
        }
    
        /**
         * <p>
         * 用私钥对信息生成数字签名
         * </p>
         *
         * @param data 已加密数据
         * @param privateKey 私钥(BASE64编码)
         *
         * @return
         * @throws Exception
         */
        public static String sign(byte[] data, String privateKey) throws Exception {
            byte[] keyBytes = decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initSign(privateK);
            signature.update(data);
            return encode(signature.sign());
        }
    
        /**
         * <p>
         * 校验数字签名
         * </p>
         *
         * @param data 已加密数据
         * @param publicKey 公钥(BASE64编码)
         * @param sign 数字签名
         *
         * @return
         * @throws Exception
         *
         */
        public static boolean verify(byte[] data, String publicKey, String sign)
                throws Exception {
            byte[] keyBytes = decode(publicKey);
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            PublicKey publicK = keyFactory.generatePublic(keySpec);
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initVerify(publicK);
            signature.update(data);
            return signature.verify(decode(sign));
        }
    
        /**
         * <P>
         * 私钥解密
         * </p>
         *
         * @param encryptedData 已加密数据
         * @param privateKey 私钥(BASE64编码)
         * @return
         * @throws Exception
         */
        public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey)
                throws Exception {
            byte[] keyBytes = decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(Cipher.DECRYPT_MODE, privateK);
            int inputLen = encryptedData.length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offSet = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段解密
            while (inputLen - offSet > 0) {
                if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
                    cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
                }
                out.write(cache, 0, cache.length);
                i++;
                offSet = i * MAX_DECRYPT_BLOCK;
            }
            byte[] decryptedData = out.toByteArray();
            out.close();
            return decryptedData;
        }
    
        /**
         * <p>
         * 公钥解密
         * </p>
         *
         * @param encryptedData 已加密数据
         * @param publicKey 公钥(BASE64编码)
         * @return
         * @throws Exception
         */
        public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey)
                throws Exception {
            byte[] keyBytes = decode(publicKey);
            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            Key publicK = keyFactory.generatePublic(x509KeySpec);
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(Cipher.DECRYPT_MODE, publicK);
            int inputLen = encryptedData.length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offSet = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段解密
            while (inputLen - offSet > 0) {
                if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
                    cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
                }
                out.write(cache, 0, cache.length);
                i++;
                offSet = i * MAX_DECRYPT_BLOCK;
            }
            byte[] decryptedData = out.toByteArray();
            out.close();
            return decryptedData;
        }
    
        /**
         * <p>
         * 公钥加密
         * </p>
         *
         * @param data 源数据
         * @param publicKey 公钥(BASE64编码)
         * @return
         * @throws Exception
         */
        public static byte[] encryptByPublicKey(byte[] data, String publicKey)
                throws Exception {
            byte[] keyBytes = decode(publicKey);
            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            Key publicK = keyFactory.generatePublic(x509KeySpec);
            // 对数据加密
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(Cipher.ENCRYPT_MODE, publicK);
            int inputLen = data.length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offSet = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段加密
            while (inputLen - offSet > 0) {
                if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
                    cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(data, offSet, inputLen - offSet);
                }
                out.write(cache, 0, cache.length);
                i++;
                offSet = i * MAX_ENCRYPT_BLOCK;
            }
            byte[] encryptedData = out.toByteArray();
            out.close();
            return encryptedData;
        }
    
        /**
         * <p>
         * 私钥加密
         * </p>
         *
         * @param data 源数据
         * @param privateKey 私钥(BASE64编码)
         * @return
         * @throws Exception
         */
        public static byte[] encryptByPrivateKey(byte[] data, String privateKey)
                throws Exception {
            byte[] keyBytes = decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
            cipher.init(Cipher.ENCRYPT_MODE, privateK);
            int inputLen = data.length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offSet = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段加密
            while (inputLen - offSet > 0) {
                if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
                    cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(data, offSet, inputLen - offSet);
                }
                out.write(cache, 0, cache.length);
                i++;
                offSet = i * MAX_ENCRYPT_BLOCK;
            }
            byte[] encryptedData = out.toByteArray();
            out.close();
            return encryptedData;
        }
    
        /**
         * <p>
         * 获取私钥
         * </p>
         *
         * @param keyMap 密钥对
         * @return
         * @throws Exception
         */
        public static String getPrivateKey(Map<String, Object> keyMap)
                throws Exception {
            Key key = (Key) keyMap.get(PRIVATE_KEY);
            return encode(key.getEncoded());
        }
    
        /**
         * <p>
         * 获取公钥
         * </p>
         *
         * @param keyMap 密钥对
         * @return
         * @throws Exception
         */
        public static String getPublicKey(Map<String, Object> keyMap)
                throws Exception {
            Key key = (Key) keyMap.get(PUBLIC_KEY);
            return encode(key.getEncoded());
        }
    
        /**
         * <p>
         * BASE64字符串解码为二进制数据
         * </p>
         *
         * @param base64
         * @return
         * @throws Exception
         */
        public static byte[] decode(String base64) throws Exception {
            return new BASE64Decoder().decodeBuffer(base64);
        }
    
        /**
         * <p>
         * 二进制数据编码为BASE64字符串
         * </p>
         *
         * @param bytes
         * @return
         * @throws Exception
         */
        public static String encode(byte[] bytes) {
            return new String(new BASE64Encoder().encode(bytes));
        }
    
        /**
         * 按key进行正序排列,之间以&相连
         * <功能描述>
         * @param params
         * @return
         */
        public static String getSortParams(Map<String, Object> params) {
            Map<String, Object> map = new TreeMap<>(Comparator.naturalOrder());
            map.putAll(params);
    
            StringBuffer stringBuffer = new StringBuffer();
            map.forEach((k,v)-> stringBuffer.append(k).append("=").append(v).append("&"));
    
            String str = stringBuffer.toString();
    
            if(str.length() > 0){
                str = str.substring(0, str.length()-1);
            }
            return str;
        }
    
        public static void main(String[] args) throws Exception {
            baseTest();
            // signDemo();
        }
    
        /**
         * 基本测试
         * @throws Exception
         */
        private static void baseTest() throws Exception{
            Map<String, Object> keyPair = genKeyPair();
            // 公钥
            String publicKey = getPublicKey(keyPair);
            System.out.println("公钥-------------"+publicKey);
    
            // 私钥
            String privateKey = getPrivateKey(keyPair);
            System.out.println("私钥-------------"+privateKey);
    
            String source = "这是一行没有任何意义的文字,你看完了等于没看,不是吗?";
    
            // 签名
            String sign = RSAXUtils.sign(source.getBytes(), privateKey);
            System.err.println("签名-------------" + sign);
    
            // 验签
            boolean status = RSAXUtils.verify(source.getBytes(), publicKey, sign);
            System.err.println("验证结果-------------" + status);
    
        }
    
        /**
         * 验签完整demo
         * @throws Exception
         */
        private static void signDemo() throws Exception{
            Map<String, Object> keyPair = genKeyPair();
            // 公钥
            String publicKey = getPublicKey(keyPair);
            System.out.println("公钥-------------"+publicKey);
    
            // 私钥
            String privateKey = getPrivateKey(keyPair);
            System.out.println("私钥-------------"+privateKey);
    
            Map<String, Object> bizData = new HashMap<>();
            bizData.put("autopay_flag", 1);
            bizData.put("order_no", "123456789");
            bizData.put("order_status", 200);
            bizData.put("change_card_flag", 1);
            bizData.put("withdraw_flag", 0);
            Map<String,Object> params = new HashMap<>();
            params.put("sign_type","RSA");
            params.put("app_id","test");
            params.put("version","1.0.0");
            params.put("call","feedbackOrderStatus");
            params.put("timestamp",String.valueOf(System.currentTimeMillis()));
            params.put("biz_data", JSON.toJSONString(bizData));
    
            // 排序并拼接成字符串
            String paramsStr = getSortParams(params);
            System.out.println("排序并拼接成字符串: " + paramsStr);
    
            // 签名
            long begin = System.currentTimeMillis();
            System.err.println("签名-------------begin=" + begin);
            String sign = RSAXUtils.sign(paramsStr.getBytes(), privateKey);
            long end = System.currentTimeMillis();
            System.err.println("签名-------------" + sign );
            System.err.println("签名-------------花费时间=" + (end - begin) + "ms");
    
            params.put("sign", sign);
    
            System.out.println("post请求参数------------" + JSON.toJSONString(params));
    
            // 开始验签-----------------------------------------
    
            Map<String,Object> params2 = JSON.parseObject(JSON.toJSONString(params), Map.class);
    
            // 验签需要去除sign
            params2.remove("sign");
    
            // 排序并拼接成字符串
            String paramsStr2 = getSortParams(params2);
    
            // 验签
            boolean status = RSAXUtils.verify(paramsStr2.getBytes(), publicKey, sign);
            System.err.println("验证结果-------------" + status);
        }
    }
  • 相关阅读:
    LeetCode Array Easy 414. Third Maximum Number
    LeetCode Linked List Medium 2. Add Two Numbers
    LeetCode Array Easy 283. Move Zeroes
    LeetCode Array Easy 268. Missing Number
    LeetCode Array Easy 219. Contains Duplicate II
    LeetCode Array Easy 217. Contains Duplicate
    LeetCode Array Easy 189. Rotate Array
    LeetCode Array Easy169. Majority Element
    LeetCode Array Medium 11. Container With Most Water
    LeetCode Array Easy 167. Two Sum II
  • 原文地址:https://www.cnblogs.com/htyj/p/12462565.html
Copyright © 2011-2022 走看看