RSA加解密代码:
package com.albedo.security; import com.albedo.num.ByteUtils; import javax.crypto.Cipher; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; import java.util.Objects; /** * RSA 加解密处理 */ public class RSAUtils extends Base { //字符编码 public static final String CHARSET_UTF8 = "UTF-8"; //字符编码 public static final String ALGORITHM = "RSA"; public static final String SIGN_ALGORITHM = "SHA1withRSA"; private static String RSA_PRIVATE_KEY = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCeUmEc8wBTZSXQ " + "L2S4rc1tjMJfxOgKkGJnOpW6LuxAuvbcmWuwVGM1oOKAITDMoI6vxLl+koOt6YYs " + "WE+N73MnwwmfvrU20o2m42/NpMo9rFEAVc5/I0/EdZnrOxi7laRx7apPv7bd5Q4f " + "kVdbElczT5cCT832ngVDKlwS+ZXZyjN8LWdn0i7MtWII9e+yHw2KXpdVopq8MU+5 " + "gxTqEwzT8dITnOIhHH4vvfLIi1O0aD9tLfaW+tlZLQmFp3gfFK1We2y1AATHuN/v " + "6pzEL56V8rjYfikMVOeYPu5j+O09Y4XqamHcUz7JwDuZZ14CbToOgPsePbtVRmzc " + "vZHuEifFAgMBAAECggEALCSqASlcAOSl62sbeUa0jYP+ujcrv65MUZ4LG1Nz+gRn " + "SlDYrtyIoO5P2QvoEFYAEtAWLE1ru7Tt/TVOUTPfdsmxyEGjQzrn1g16Iet9nD6M " + "gzxpjBdraUqk9OqQVdU+eamboArDURFJo9GherodaCgb4cAgnE+pBfYsn/nJJ2UC " + "O6wWp+YM4ly11Kwxsth8nFj17ZXwnjuUUrBDzqFF12b97OVjubJ13DoW61NXB89R " + "vARxdhUczaQuIeyDLW6KL8DxiN2KhjzqjJO5PuWXj91SLMFdXJUAiyHwvXt4XK79 " + "3n113RAwn/HMhfggd7oUvD6evHx0NT6rnHp1ICo6IQKBgQDJpnepB60W3YRxeetu " + "R/dd9jMHpRfQ31PX0RJ9zuUnU4PPJ2HBbA7DOZgvKXy2Q7eUt9AAIvTmXRG0TNf3 " + "n5giMUpcfOAyYChrVE6iom9aHKQucrkfV0oN7zFhukE5vktcTMkM27xHtEwsGst3 " + "mWbi9nd5GH/zqbJLfhzVmfyjWQKBgQDI/lHV6YAhv9gLkG16qVKFcJdnh7EL2KGj " + "liqXNKlxGWse7gin7ZSQ9vX1+wNuJCZlplUEjbyxnmjsCQrU73v9DetuT7Oeg/vf " + "BNi9ZBNPkCwePcOpz68OgNL9k1dQ+lGxXQbT4ZXc3qQtbDDqYIb1CP/s7eTiq9Uf " + "oV6LkNp2TQKBgQCMu+SpkJTp72Ie/HMmfY2UA17sB/nOKf9PEThxm3Ls9ml4q0ib " + "gLnw4IJo7/B9GFfIsFy3q632FKBlkHft93Fq87GtSO4D2n57IdTbxrgmUPT5AdJX " + "oEkr3nM9fItHLJtV6LUshzMpbBj5cx3r86EN5+vMFSA/w4CPFY40OYtLyQKBgCyZ " + "+vD8GtniZ3/RcenpTw2beY2Y19noHZ5egV8CaaNWX6YCbltNZk1w8A3AwPcdAIRI " + "D8+t4DSOEXxnWUb9ScdS4m6dMx+27BqGSc5lOb/LH28qh5PUKWWPgsKQgqzOj3hL " + "S2uTQJ09rrMBsi0gdHJFp/0coVEHjoixV3ijEUd1AoGAMgAa3Sdi3qUVF0IHY/8Q " + "7IHEK29FBEBaCuLPRryDX1brg0gAew+WWFcNP2iDHxTVj6HNbP1dDHJuSD1TT7q3 " + "TU9WZNTjSDsk7DV8nOXidSTse5ylUVx2xwltS06wrqb2ys3WiE5wewAy8VyTPMgG " + "ik84KOVusoxvKhakF3PoG/s="; private static String RSA_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlJhHPMAU2Ul0C9kuK3N " + "bYzCX8ToCpBiZzqVui7sQLr23JlrsFRjNaDigCEwzKCOr8S5fpKDremGLFhPje9z " + "J8MJn761NtKNpuNvzaTKPaxRAFXOfyNPxHWZ6zsYu5Wkce2qT7+23eUOH5FXWxJX " + "M0+XAk/N9p4FQypcEvmV2cozfC1nZ9IuzLViCPXvsh8Nil6XVaKavDFPuYMU6hMM " + "0/HSE5ziIRx+L73yyItTtGg/bS32lvrZWS0Jhad4HxStVntstQAEx7jf7+qcxC+e " + "lfK42H4pDFTnmD7uY/jtPWOF6mph3FM+ycA7mWdeAm06DoD7Hj27VUZs3L2R7hIn " + "xQIDAQAB"; /** * openssl RSA公钥加密 * * @param str 加密字符串 * @param publicKey 公钥 * @return 密文 * @throws Exception 加密过程中的异常信息 */ public static String encrypt(String str, String publicKey) throws Exception { RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance(ALGORITHM) .generatePublic(new X509EncodedKeySpec(Base64.getMimeDecoder().decode(publicKey))); //RSA加密 Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, pubKey); return new String(Base64.getEncoder().encode(cipher.doFinal(str.getBytes(CHARSET_UTF8)))); } /** * openssl RSA私钥解密 * * @param str 加密字符串 * @param privateKey 私钥 * @return 铭文 * @throws Exception 解密过程中的异常信息 */ public static String decrypt(String str, String privateKey) throws Exception { RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance(ALGORITHM) .generatePrivate(new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(privateKey))); Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, priKey); return new String(cipher.doFinal(Base64.getMimeDecoder().decode(str.getBytes(CHARSET_UTF8)))); } /** * RSA 验证签名 * * @param sign 加密签名 * @param str 加密字符串 * @param publicKey 公钥 * @return 密文 * @throws Exception 加密过程中的异常信息 */ public static boolean verify(String sign, String str, String publicKey) throws Exception { return verify(sign, str, publicKey, ALGORITHM, SIGN_ALGORITHM); } /** * RSA 签名 * * @param str 加密字符串 * @param privateKey 私钥 * @return 铭文 * @throws Exception 解密过程中的异常信息 */ public static String sign(String str, String privateKey) throws Exception { return sign(str, privateKey, ALGORITHM, SIGN_ALGORITHM); } public static void main(String[] args) throws Exception { String message = "我要测试RSA"; String encrypt = encrypt(message, RSA_PUBLIC_KEY); String decrypt = decrypt(encrypt, RSA_PRIVATE_KEY); System.out.println(decrypt); String sign = sign(message, getPrivateKey(ALGORITHM, 2048)); System.out.println(verify(sign, message, getPublicKey(ALGORITHM, 2048))); } }
基类代码
package com.albedo.security; import com.albedo.num.ByteUtils; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Objects; class Base { static KeyPair keyPair; /** * 生成密钥实际方法,可以使用多种方式 * 一篇文档提供一下多种方式 * { "DSA", "SHA1withDSA", "1024" }, { "DSA", "SHA256withDSA", "1024" }, * { "DSA", "SHA256withDSA", "2048" }, { "RSA", "SHA256withRSA", "1024" }, * { "RSA", "SHA256withRSA", "2048" }, { "RSA", "SHA256withRSA", "3192" }, * { "RSA", "SHA512withRSA", "1024" }, { "RSA", "SHA512withRSA", "2048" }, * { "RSA", "SHA512withRSA", "3192" }, { "RSA", "MD5withRSA", "1024" }, * { "RSA", "MD5withRSA", "2048" }, * { "RSA", "MD5withRSA", "3192" }, { "EC", "SHA1withECDSA", "128" }, * { "EC", "SHA1withECDSA", "256" }, * { "EC", "SHA256withECDSA", "128" }, { "EC", "SHA256withECDSA", "256" }, * { "EC", "SHA512withECDSA", "128" }, { "EC", "SHA512withECDSA", "256" }, * * @param algorithm * @param bit * @return * @throws Exception */ protected static KeyPair createKey(String algorithm, int bit) throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm); keyPairGenerator.initialize(bit); KeyPair keyPair = keyPairGenerator.generateKeyPair(); return keyPair; } /** * 获取公钥 * * @return * @throws Exception */ public static String getPublicKey(String algorithm,int bit) throws Exception { if (Objects.isNull(keyPair)) { keyPair = createKey(algorithm,bit); } return ByteUtils.byteArr2HexStr(keyPair.getPublic().getEncoded()); } /** * 获取私钥 * * @return * @throws Exception */ public static String getPrivateKey(String algorithm,int bit) throws Exception { if (Objects.isNull(keyPair)) { keyPair = createKey(algorithm,bit); } return ByteUtils.byteArr2HexStr(keyPair.getPrivate().getEncoded()); } /** * 非对称加密签名 * @param str * @param privateKey * @param algorithm * @param signAlgorithm * @return * @throws Exception */ public static String sign(String str, String privateKey, String algorithm, String signAlgorithm) throws Exception { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ByteUtils.hexstr2ByteArr(privateKey)); KeyFactory keyFactory = KeyFactory.getInstance(algorithm); PrivateKey dsaPrivateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); Signature signature = Signature.getInstance(signAlgorithm); signature.initSign(dsaPrivateKey); signature.update(str.getBytes()); return ByteUtils.byteArr2HexStr(signature.sign()); } /** * 非对称加密验证 * @param sign * @param str * @param publicKey * @param algorithm * @param signAlgorithm * @return * @throws Exception */ public static boolean verify(String sign, String str, String publicKey,String algorithm,String signAlgorithm) throws Exception { //base64编码的公钥 X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ByteUtils.hexstr2ByteArr(publicKey)); KeyFactory keyFactory = KeyFactory.getInstance(algorithm); PublicKey dsaPublicKey = keyFactory.generatePublic(x509EncodedKeySpec); Signature signature = Signature.getInstance(signAlgorithm); signature.initVerify(dsaPublicKey); signature.update(str.getBytes()); return signature.verify(ByteUtils.hexstr2ByteArr(sign)); } }