import Decoder.BASE64Encoder;
import java.io.FileInputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
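/**
 * Sample helpers for RSA key handling: reading a private key out of a Java keystore,
 * reading a public key out of an X.509 certificate file, and producing / checking
 * {@code SHA384WithRSA} signatures over UTF-8 text.
 *
 * <p>NOTE(security): the keystore path, keystore password, key alias and key password
 * are hard-coded below. That is only tolerable in a throwaway demo; real code should
 * take them from protected configuration or a secret store and should keep the private
 * key inside the keystore instead of exporting it as a String.
 */
public class TestRSA {
    // ************************************** Private key **************************************

    /**
     * Loads the private key from the hard-coded keystore and returns its encoded form
     * ({@link PrivateKey#getEncoded()}) as Base64 text.
     *
     * <p>The key is no longer echoed to standard output: a private key written to the
     * console ends up in terminal scrollback and captured logs.
     *
     * @return the Base64 text of the private key, or an empty string if the keystore
     *         could not be read or holds no usable key pair under the alias
     */
    public static String GetPrivateKey() {
        try {
            KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
            // try-with-resources: the stream used to stay open (and leak) on every call.
            try (FileInputStream in = new FileInputStream(
                    "C:\\Program Files\\Java\\jre7\\bin\\xiaoyaodijun.keystore")) {
                keystore.load(in, "xxxxxx".toCharArray());
            }
            KeyPair keyPair = getKeyPair(keystore, "xiaoyaodijun.keystore", "7391428");
            if (keyPair == null) {
                // getKeyPair already reported why; keep the historical "" result.
                return "";
            }
            BASE64Encoder encoder = new BASE64Encoder();
            return encoder.encode(keyPair.getPrivate().getEncoded());
        } catch (Exception ex) {
            // Report the cause instead of failing silently; the return contract is unchanged.
            System.err.println("GetPrivateKey failed: " + ex);
            return "";
        }
    }

    /**
     * Looks up the key stored under {@code alias} and pairs it with the public key of the
     * certificate stored under the same alias. The Base64 form of the public key is printed
     * to standard output.
     *
     * @param keystore an already loaded keystore
     * @param alias    alias of the key entry
     * @param password password protecting the key entry
     * @return the key pair, or {@code null} if the entry is not a private key, has no
     *         certificate, or any lookup fails
     */
    public static KeyPair getKeyPair(KeyStore keystore, String alias, String password) {
        try {
            Key key = keystore.getKey(alias, password.toCharArray());
            if (!(key instanceof PrivateKey)) {
                return null;
            }
            Certificate cert = keystore.getCertificate(alias);
            if (cert == null) {
                // Previously surfaced as a swallowed NullPointerException.
                return null;
            }
            PublicKey publicKey = cert.getPublicKey();
            BASE64Encoder encoder = new BASE64Encoder();
            String encoded = encoder.encode(publicKey.getEncoded());
            System.out.println("publicKey key = " + encoded);
            return new KeyPair(publicKey, (PrivateKey) key);
        } catch (Exception e) {
            // The catch block used to be empty, which hid wrong passwords and bad aliases.
            System.err.println("getKeyPair failed for alias " + alias + ": " + e);
            return null;
        }
    }

    // ************************************** Public key ***************************************

    /**
     * Reads the X.509 certificate at the hard-coded path and returns its public key
     * ({@link PublicKey#getEncoded()}) as Base64 text, also printing it to standard output.
     *
     * @return the Base64 text of the public key, or an empty string on any failure
     */
    public static String GetPublicKey() {
        try {
            String cerPath = "E:\\Java开发\\newTest\\src\\libs\\donghuangtaiyi.cer";
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            X509Certificate x509Certificate;
            // try-with-resources closes the file even when certificate parsing throws.
            try (FileInputStream fileInputStream = new FileInputStream(cerPath)) {
                x509Certificate =
                        (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
            }
            PublicKey publicKey = x509Certificate.getPublicKey();
            BASE64Encoder encoder = new BASE64Encoder();
            String encoded = encoder.encode(publicKey.getEncoded());
            System.out.println("publicKey key = " + encoded);
            return encoded;
        } catch (Exception ex) {
            System.out.println(ex);
            return "";
        }
    }

    // ************************************** Signing ******************************************

    /** Algorithm name handed to {@link KeyFactory} when rebuilding keys from their encodings. */
    public static final String KEY_ALGORITHM = "RSA";

    /**
     * Creates a digital signature over {@code content}.
     *
     * @param content    the text to sign; it is signed as its UTF-8 bytes
     * @param privateKey the Base64 text of the PKCS#8-encoded private key
     * @return the signature as encoded by {@code HashUtil.encryptBASE64}
     * @throws Exception if the key cannot be decoded or the signature cannot be computed
     */
    public static String sign(String content, String privateKey) throws Exception {
        byte[] data = content.getBytes(StandardCharsets.UTF_8);
        // Presumably plain Base64 decoding despite the "decrypt" name; HashUtil is not
        // part of this file, confirm there.
        byte[] keyBytes = HashUtil.decryptBASE64(privateKey);
        // Wrap the raw bytes as a PKCS#8 key specification.
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
        // Sign the data with the private key.
        Signature signature = Signature.getInstance("SHA384WithRSA");
        signature.initSign(priKey);
        signature.update(data);
        return HashUtil.encryptBASE64(signature.sign());
    }

    /**
     * Verifies a digital signature produced by {@link #sign(String, String)}.
     *
     * @param content   the text that was signed; it is checked as its UTF-8 bytes
     * @param publicKey the Base64 text of the X.509-encoded public key
     * @param sign      the signature text to check
     * @return {@code true} if the signature matches, {@code false} otherwise
     * @throws Exception if the key or signature cannot be decoded or the check cannot run
     */
    public static boolean verify(String content, String publicKey, String sign)
            throws Exception {
        byte[] data = content.getBytes(StandardCharsets.UTF_8);
        // Presumably plain Base64 decoding despite the "decrypt" name; confirm in HashUtil.
        byte[] keyBytes = HashUtil.decryptBASE64(publicKey);
        // Wrap the raw bytes as an X.509 SubjectPublicKeyInfo specification.
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PublicKey pubKey = keyFactory.generatePublic(keySpec);
        Signature signature = Signature.getInstance("SHA384WithRSA");
        signature.initVerify(pubKey);
        signature.update(data);
        // The caller must trust where publicKey came from; a valid signature under an
        // attacker-supplied key proves nothing.
        return signature.verify(HashUtil.decryptBASE64(sign));
    }
}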
/// <summary>
/// Rewrites standard Base64 text into the URL-safe alphabet: '+' becomes '-',
/// '/' becomes '_', and every '=' padding character is dropped.
/// </summary>
/// <param name="data">Base64 text in the standard alphabet.</param>
/// <returns>The same text in URL-safe form without padding.</returns>
public static string ConvertEncodeBase64URLSafe(string data)
{
    // The three substitutions touch disjoint characters, so their order does not matter.
    string urlAlphabet = data.Replace('+', '-').Replace('/', '_');
    string unpadded = urlAlphabet.Replace("=", String.Empty);
    return unpadded;
}
public static string ConvertDecodeBase64URLSafe(string data)
{
data = data.Replace('-', '+').Replace('_', '/');
int len = data.Length % 4;
if (len > 0)
{
data += "====".Substring(0, 4 - len);
}
return data;