非对称加密
package test; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.security.KeyStore; import java.security.PrivateKey; import java.security.PublicKey; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Base64; import java.util.Enumeration; import javax.crypto.Cipher; /** * 公钥加密,私钥解密 * @author jinzhm * */ public class RsaUtil { public final static String CIPHER_ALGORITHM = "RSA/ECB/PKCS1Padding"; public final static String CHARSET_ENCODING = "UTF-8"; /** * 加密 * @param publicKeyPath * @param plainText * @return */ private static byte[] encrypt(String publicKeyPath, String plainText) { if(publicKeyPath==null || plainText==null){ return null; } try { PublicKey key = readPublic(publicKeyPath); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, key); return cipher.doFinal(plainText.getBytes(CHARSET_ENCODING)); } catch (Exception e) { e.printStackTrace(); return null; } } /** * 解密 * @param privateKeyPath * @param privateKeyPwd * @param encryptedText * @return */ private static String decrypt(String privateKeyPath, String privateKeyPwd, String encryptedText) { if(privateKeyPath==null || privateKeyPwd==null || encryptedText==null){ return null; } try { PrivateKey key = readPrivate(privateKeyPath, privateKeyPwd); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, key); return new String(cipher.doFinal(Base64.getDecoder().decode(encryptedText))); } catch (Exception e) { e.printStackTrace(); } return ""; } /** * 读取公钥 * @param publicKeyPath * @return */ private static PublicKey readPublic(String publicKeyPath){ if(publicKeyPath==null){ return null; } PublicKey pk = null; FileInputStream bais = null; try { CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509"); bais = new FileInputStream(publicKeyPath); X509Certificate cert = (X509Certificate)certificatefactory.generateCertificate(bais); pk = cert.getPublicKey(); } catch (CertificateException e) { e.printStackTrace(); } catch (FileNotFoundException e) { e.printStackTrace(); } finally{ if(bais != null){ try { bais.close(); } catch (IOException e) { e.printStackTrace(); } } } return pk; } /** * 读取私钥 * @param path * @return */ private static PrivateKey readPrivate(String privateKeyPath, String privateKeyPwd){ if(privateKeyPath==null || privateKeyPwd==null){ return null; } InputStream stream = null; try { // 获取JKS 服务器私有证书的私钥,取得标准的JKS的 KeyStore实例 KeyStore store = KeyStore.getInstance("JKS"); stream = new FileInputStream(new File(privateKeyPath)); // jks文件密码,根据实际情况修改 store.load(stream, privateKeyPwd.toCharArray()); // 获取jks证书别名 Enumeration en = store.aliases(); String pName = null; while (en.hasMoreElements()) { String n = (String) en.nextElement(); if (store.isKeyEntry(n)) { pName = n; } } // 获取证书的私钥 PrivateKey key = (PrivateKey) store.getKey(pName, privateKeyPwd.toCharArray()); return key; } catch (Exception e) { e.printStackTrace(); } finally { if(stream != null){ try { stream.close(); } catch (IOException e) { e.printStackTrace(); } } } return null; } }