RSA加密算法是一种非对称加密算法。它通常是先生成一对RSA密钥,其中之一是保密密钥(私钥),由用户保存;另一个为公开密钥(公钥),可对外公开。 公钥作用是加密和验证,私钥作用是解密和签名。 1.加密和解密 公钥加密:
/** * 公钥加密 * @param content * @param privateKey * @param input_charset * @return */ public static String encodeByPublicKey(String content, String publicKey) { byte[] keyBytes = Base64.decode(publicKey); try { X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes); KeyFactory keyf = KeyFactory.getInstance(ALGORITHM); //获取PublicKey PublicKey pubKey = keyf.generatePublic(spec); Cipher c = Cipher.getInstance(ALGORITHM); c.init(Cipher.ENCRYPT_MODE, pubKey); byte[] cipherText = c.doFinal(content.getBytes()); return Base64.encode(cipherText); } catch (Exception e) { e.printStackTrace(); } return null; }
私钥解密:
/** * 私钥解密 * @param input * @param privateKey * @return */ public static String decodeByPrivateKey(byte[] input, String privateKey){ PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( Base64.decode(privateKey) ); try { KeyFactory keyf = KeyFactory.getInstance(ALGORITHM); //获取PrivateKey PrivateKey priKey = keyf.generatePrivate(priPKCS8); Cipher c = Cipher.getInstance(ALGORITHM); c.init(Cipher.DECRYPT_MODE, priKey); byte[] cipherText = c.doFinal(input); return new String(cipherText); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } return null; }
2.签名验签
/** * 私钥签名 * @param content * @param privateKey * @param input_charset * @return */ public static String signByPrivateKey(String content, String privateKey, String input_charset) { PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( Base64.decode(privateKey) ); try { KeyFactory keyf = KeyFactory.getInstance(ALGORITHM); //获取PrivateKey PrivateKey priKey = keyf.generatePrivate(priPKCS8); java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS); signature.initSign(priKey); signature.update( content.getBytes(input_charset) ); byte[] signed = signature.sign(); return Base64.encode(signed); }catch (Exception e) { e.printStackTrace(); } return null; }
公钥验签:
/** * 公钥验证 * @param content * @param sign * @param public_key * @param input_charset * @return */ public static boolean verifyByPublicKey(String content, String sign, String public_key, String input_charset) { byte[] encodedKey = Base64.decode(public_key); try { KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); //获取PublicKey PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey)); java.security.Signature signature = java.security.Signature .getInstance(SIGN_ALGORITHMS); signature.initVerify(pubKey); signature.update( content.getBytes(input_charset) ); byte[] aa = Base64.decode(sign); boolean bverify = signature.verify( aa ); return bverify; } catch (Exception e) { e.printStackTrace(); } return false; }
以上用到的:
private static final String ALGORITHM = "RSA"; public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
验证:
public class TestRSA {
public static void main(String[] args) { String privateKey="可通过支付宝密钥生成工具生成"; String publicKey="可通过支付宝密钥生成工具生成"; System.out.println(RSA.decodeByPrivateKey(Base64.decode(RSA.encodeByPublicKey("hello", publicKey)), privateKey)); System.out.println(RSA.verifyByPublicKey("234545", RSA.signByPrivateKey("234545",privateKey,"UTF-8"), publicKey, "UTF-8")); }
}
