RAS非对称加解密-RAS加解密和签名和验签,密钥生成器(java代码) RSA 算法是一种非对称加解密算法。服务方生成一对 RSA 密钥,即公钥 私钥,将公钥提供给调用方,调用方使用公钥对数据进行加密后,服务方根据私钥进行解密。
1. RAS密钥生成器 2. RAS加解密和签名和验签 代码1 3. RAS实现签名和验签 代码2
代码语言:javascript复制import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
/**
* 密钥生成器
*/
public class RSAKeysGenerator {
/**
* RsaKey 密钥生成器
*
* @return stirng[0]-pubKey string[1]-privKey
* @throws Exception
* @author guolei
*/
public static String[] generateRsaKeys() throws Exception {
String[] keys = new String[2];
String pubKeyStr = "", priKeyStr = "";
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
generator.initialize(1024);// 1024 bit
KeyPair pair = generator.generateKeyPair();
PublicKey pubKey = pair.getPublic();
PrivateKey privKey = pair.getPrivate();
pubKeyStr = Base64.encode(pubKey.getEncoded()).replaceAll(" ", "");
priKeyStr = Base64.encode(privKey.getEncoded()).replaceAll(" ", "");
keys[0] = pubKeyStr; // public Key
keys[1] = priKeyStr; // private key
return keys;
}
public static void main(String[] args) {
try {
String[] keys = generateRsaKeys();
System.out.println("Public Key::" keys[0]);
System.out.println("Private Key::" keys[1]);
} catch (Exception e) {
e.printStackTrace();
}
}
}2. RAS加解密和签名和验签 代码1
代码语言:javascript复制import javax.crypto.Cipher;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class RSA {
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
/**
* RSA签名
* @param content 待签名数据
* @param privateKey 商户私钥
* @param input_charset 编码格式
* @return 签名值
*/
public static String sign(String content, String privateKey, String input_charset)
{
try
{
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( Base64.decode(privateKey) );
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update( content.getBytes(input_charset) );
byte[] signed = signature.sign();
return Base64.encode(signed);
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
/**
* RSA验签名检查
* @param content 待签名数据
* @param sign 签名值
* @param ali_public_key 支付宝公钥
* @param input_charset 编码格式
* @return 布尔值
*/
public static boolean verify(String content, String sign, String ali_public_key, String input_charset)
{
try
{
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64.decode(ali_public_key);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update( content.getBytes(input_charset) );
boolean bverify = signature.verify( Base64.decode(sign) );
return bverify;
}
catch (Exception e)
{
e.printStackTrace();
}
return false;
}
/**
* 私钥解密
* @param content 密文
* @param private_key 商户私钥
* @param input_charset 编码格式
* @return 解密后的字符串
*/
public static String decrypt(String content, String private_key, String input_charset) throws Exception {
PrivateKey prikey = getPrivateKey(private_key);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, prikey);
InputStream ins = new ByteArrayInputStream(Base64.decode(content));
ByteArrayOutputStream writer = new ByteArrayOutputStream();
//rsa解密的字节大小最多是128,将需要解密的内容,按128位拆开解密
byte[] buf = new byte[128];
int bufl;
while ((bufl = ins.read(buf)) != -1) {
byte[] block = null;
if (buf.length == bufl) {
block = buf;
} else {
block = new byte[bufl];
for (int i = 0; i < bufl; i ) {
block[i] = buf[i];
}
}
writer.write(cipher.doFinal(block));
}
return new String(writer.toByteArray(), input_charset);
}
/**
* 私钥解密
*
* @param secretText 待解密的密文字符串
* @param privateKeyStr 私钥
* @return 解密后的明文
*/
public static String decrypt1(String secretText, String privateKeyStr,String input_charset) {
try {
// 生成私钥
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, getPrivateKey(privateKeyStr));
// 密文解码
byte[] secretTextDecoded = Base64.decode(secretText);
byte[] tempBytes = cipher.doFinal(secretTextDecoded);
return new String(tempBytes);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" secretText "]时遇到异常", e);
}
}
/**
* 公钥 加密
* @param content
* @param
* @param input_charset
* @return
* @throws Exception
*/
public static String encrypt(String content, String public_key, String input_charset) throws Exception {
PublicKey pubkey = getPublicKey(public_key);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubkey);
byte[] tempBytes = cipher.doFinal(content.getBytes("UTF-8"));
return Base64.encode(tempBytes);
// return new String(tempBytes, input_charset);
}
/**
* 得到私钥
* @param key 密钥字符串(经过base64编码)
* @throws Exception
*/
private static PrivateKey getPrivateKey(String key) throws Exception {
byte[] keyBytes;
keyBytes = Base64.decode(key);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
return privateKey;
}
/**
* 得到公钥
* @param key
* @return
* @throws Exception
*/
private static PublicKey getPublicKey(String key) throws Exception {
byte[] keyBytes;
keyBytes = Base64.decode(key);
//Only RSAPublicKeySpec and X509EncodedKeySpec supported for RSA public keys
// PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(keySpec);
return publicKey;
}
/**
* 报文体签名=f6G0o2wme/8uiQFt6/FRd0kO160Mp NEs9p3JizqHY3SjqYdp28Bk DJW4heYLrmSIt3PyHrOdKGRppqfdjJt02VXUJyc/A0Xg0KuQ3ulfpmqzxOA4gzNea CeZtLUjzshXq2WedEgH4QF4LrFkDeaMWefE3YkIOfwcbNrcJJtE=
* verify flag=true
* enctyptString=g0XdRF6wAELkudaOCdolTBhx4mkSX/7LtvbMKd1AZt79H2MSKI7U fvR4Sb6NL8028LlH9lmmS3Og7BKzNz yBhvGOiA3NKlIMh1GTBNsfmPwXapFcVDFghbkc/cpWyOLHv263fSHxCN4cVYenQYAxOSQgK2VZ7bMtt8E87eZSg=
* detyptString={amount=250, name=张三, orderId=2014061114360001}
* detyptStringNew={amount=250, name=张三, orderId=2014061114360001}
*
* @param args
*/
public static void main(String[] args) {
String pubKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUDWMv2wCwYlFKJebtYc E3rji8rnYEeRZGU9t4Y6RFAhJfsCm1yUGAS26PhAsgYTJIptnBESr RtATxOelh03JwEyFXEYyZyl2VQnbtAftHkkcnLp812z4FyDPRldwVj1AAdFGUEhYW4Hc1sbRJnv41LNJBDio8jiKPGQT9titQIDAQAB";
String priKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJQNYy/bALBiUUol5u1hz4TeuOLyudgR5FkZT23hjpEUCEl wKbXJQYBLbo ECyBhMkim2cERKv5G0BPE56WHTcnATIVcRjJnKXZVCdu0B 0eSRycunzXbPgXIM9GV3BWPUAB0UZQSFhbgdzWxtEme/jUs0kEOKjyOIo8ZBP22K1AgMBAAECgYBMmIiCT7mRh6wqwmUw1vO3 EqLD6zafpc3CYMwhAtwP37yFyOwrYo4CxAPVOClRfTe4oqnx2uH1X8lzEOIPn2qJFU1AQdiC9XmvLkqeoa1jXH2rwDwxbs8VYE/1wEzFa/u7dAYu 0lnokgPx03cdZEA5AiQq26fQ0yFoipCHJhAQJBAP5MOI5G1FsXhIXZWFup 7ZkoHVuqoHxafV5I7RVEXmRdVBHEzbY7Rf7QMWGfS7rEGnLuEKjWNMHgUDZHEkJZ5UCQQCVCxkpcrJW7u BLL61Rl1X4wuN0Z4HKQPj/YhGD0lnkssKUPW9GCy1dQUp00yvRfCwz0s4rdfGGMWlA1xqhMahAkEAgn3eb7QM ImC6aR0YOVDU38jj98wA o780ksdzdH9lgcGQu/4l9CmxHFVRcEWfUpwQBXF2r3A6NQQlSm3RvEWQJAJD3OoIWDWCBBnOeEeA/kIrrS1GlkQ9l1WLsNp/uPnd/T/24wUwrN1FHgL4tx2iznmhbN87pR/ZmIddebYUtoAQJAfAPoHMSLPCqZgVFTo/uQU3Zq2GbGmo1B7cLrnBu62DsUlqoVk31dVLC9inKuRwOsXlp8s3gmadiJlMZJUwf xQ==";
String content ="{amount=250, name=张三, orderId=2014061114360001}";
//rsa签名和验证签名
//私钥加密 生成报文体和报文体签名
String signData = sign(content,priKey,"UTF-8");
System.out.println("报文体签名=" signData);
//公钥验证签名
boolean f = verify(content,signData,pubKey,"UTF-8");
System.out.println("verify flag=" f);
try {
String enctyptString = encrypt(content,pubKey,"UTF-8");
System.out.println("enctyptString=" enctyptString);
//解密的方法1
String detyptString = decrypt(enctyptString,priKey,"UTF-8");
System.out.println("detyptString=" detyptString);
//decrypt1 解密的方法2
String detyptStringNew = decrypt1(enctyptString,priKey,"UTF-8");
System.out.println("detyptStringNew=" detyptStringNew);
} catch (Exception e) {
e.printStackTrace();
}
}
}3. RAS实现签名和验签 代码2
代码语言:javascript复制import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.KeyFactory;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* 签名以及验签
*/
public class RSAUtil {
private static final Logger logger = LoggerFactory.getLogger(RSAUtil.class);
/** RSA:加密算法 */
private static final String KEY_ALGORITHM = "RSA";
/** SHA1WithRSA:用SHA算法进行签名,用RSA算法进行加密 */
private static final String SIGN_ALGORITHMS = "SHA1withRSA";
/**
* 生成报文体和报文体签名
*
* @param privateKey
* @param content
* @param encoding
* @return
*/
public static String[] signData(String privateKey, String content, String encoding) {
logger.info("原始报文内容:" content);
String param[] = new String[2];
try {
// 报文体使用base64编码
content = Base64.encode(content.getBytes(encoding));
// 删除base64编码中的空格
content = content.replaceAll(" ", "");
// 生成报文体签名
String contentSign = envolopData(privateKey, content);
// 报文体签名进行url编码
contentSign = URLEncoder.encode(contentSign, encoding);
logger.info("报文体签名:" contentSign);
// 报文体进行url编码
content = URLEncoder.encode(content, encoding);
logger.info("base64编码报文体:" content);
// 返回报文体签名
param[0] = contentSign;
// 返回报文体
param[1] = content;
} catch (Exception e) {
e.printStackTrace();
}
return param;
}
/**
* 生成报文体签名
*
* @param privateKey
* @param content
* @return
*/
private static String envolopData(String privateKey, String content) {
// 报文体签名
String contentSign = "";
try {
// 根据密钥字符创建密钥类
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
KeyFactory fac = KeyFactory.getInstance(KEY_ALGORITHM);
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) fac.generatePrivate(keySpec);
// 创建签名算法类
Signature sigEng = Signature.getInstance(SIGN_ALGORITHMS);
sigEng.initSign(rsaPrivateKey);
// 生成签名
sigEng.update(content.getBytes("UTF-8"));
byte[] signature = sigEng.sign();
// base64编码[请求报文签名]
contentSign = Base64.encode(signature);
// 删除换行符[请求报文签名]
contentSign = contentSign.replaceAll(" ", "");
} catch (Exception e) {
e.printStackTrace();
}
return contentSign;
}
/**
* 验证返回的报文的签名
* @param publicKey 公钥
* @param sign 返回报文体的签名
* @param src 返回报文体
* @param encoding 编码格式
* @return
*/
public static boolean rsaVerify(String publicKey, String sign, String src, String encoding) {
// 验签结果
boolean result = false;
try {
// url解密[返回报文签名]
sign = URLDecoder.decode(sign, encoding);
// base64解密[返回报文签名]
byte[] signature = Base64.decode(sign);
// url解密[返回报文]
src = URLDecoder.decode(src, encoding);
// 根据密钥创建密钥类
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.decode(publicKey));
KeyFactory fac = KeyFactory.getInstance(KEY_ALGORITHM);
RSAPublicKey rsaPubKey = (RSAPublicKey) fac.generatePublic(keySpec);
// 创建签名方法类
Signature sigEng = Signature.getInstance(SIGN_ALGORITHMS);
sigEng.initVerify(rsaPubKey);
// 生成签名
sigEng.update(src.getBytes(encoding));
// 验证签名是一致
result = sigEng.verify(signature);
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
/**
* 解密返回的报文体信息
*
* @param content
* @param encoding
* @return
*/
public static String decodeContent(String content, String encoding){
String result = "";
try {
// 返回报文体的签名执行url解密
result = URLDecoder.decode(content, encoding);
// 返回报文体的签名执行base64解密
result = new String(Base64.decode(result), encoding);
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
/**
* 报文体签名=JZqGuYnoNkjre6qsIk5avdfYhkHyXDnxkEaSy9UMygX8cvVn4fvMc8can5rZUSefnI3M6a5RCH2YtHuu3TqVb/AIoQ8zNeWXb7OeRWgfbR8KrOGTZdfuZebQwT5Id9HBubLQ4BnnRUoPtgbpVZbHr26RwJMhPg36SYUaHPvA0k0=
* base64编码报文体=e2Ftb3VudD0yNTAsIG5hbWU95byg5LiJLCBvcmRlcklkPTIwMTQwNjExMTQzNjAwMDF9
* 解析={amount=250, name=张三, orderId=2014061114360001}
* verify flag=true
*
* 报文体签名=f6G0o2wme/8uiQFt6/FRd0kO160Mp NEs9p3JizqHY3SjqYdp28Bk DJW4heYLrmSIt3PyHrOdKGRppqfdjJt02VXUJyc/A0Xg0KuQ3ulfpmqzxOA4gzNea CeZtLUjzshXq2WedEgH4QF4LrFkDeaMWefE3YkIOfwcbNrcJJtE=
* verify flag=true
*
* 测试类
* @param args
*/
public static void main(String[] args) {
String pubKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUDWMv2wCwYlFKJebtYc E3rji8rnYEeRZGU9t4Y6RFAhJfsCm1yUGAS26PhAsgYTJIptnBESr RtATxOelh03JwEyFXEYyZyl2VQnbtAftHkkcnLp812z4FyDPRldwVj1AAdFGUEhYW4Hc1sbRJnv41LNJBDio8jiKPGQT9titQIDAQAB";
String priKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJQNYy/bALBiUUol5u1hz4TeuOLyudgR5FkZT23hjpEUCEl wKbXJQYBLbo ECyBhMkim2cERKv5G0BPE56WHTcnATIVcRjJnKXZVCdu0B 0eSRycunzXbPgXIM9GV3BWPUAB0UZQSFhbgdzWxtEme/jUs0kEOKjyOIo8ZBP22K1AgMBAAECgYBMmIiCT7mRh6wqwmUw1vO3 EqLD6zafpc3CYMwhAtwP37yFyOwrYo4CxAPVOClRfTe4oqnx2uH1X8lzEOIPn2qJFU1AQdiC9XmvLkqeoa1jXH2rwDwxbs8VYE/1wEzFa/u7dAYu 0lnokgPx03cdZEA5AiQq26fQ0yFoipCHJhAQJBAP5MOI5G1FsXhIXZWFup 7ZkoHVuqoHxafV5I7RVEXmRdVBHEzbY7Rf7QMWGfS7rEGnLuEKjWNMHgUDZHEkJZ5UCQQCVCxkpcrJW7u BLL61Rl1X4wuN0Z4HKQPj/YhGD0lnkssKUPW9GCy1dQUp00yvRfCwz0s4rdfGGMWlA1xqhMahAkEAgn3eb7QM ImC6aR0YOVDU38jj98wA o780ksdzdH9lgcGQu/4l9CmxHFVRcEWfUpwQBXF2r3A6NQQlSm3RvEWQJAJD3OoIWDWCBBnOeEeA/kIrrS1GlkQ9l1WLsNp/uPnd/T/24wUwrN1FHgL4tx2iznmhbN87pR/ZmIddebYUtoAQJAfAPoHMSLPCqZgVFTo/uQU3Zq2GbGmo1B7cLrnBu62DsUlqoVk31dVLC9inKuRwOsXlp8s3gmadiJlMZJUwf xQ==";
String content ="{amount=250, name=张三, orderId=2014061114360001}";
//私钥加密 生成报文体和报文体签名
String[] signData = signData(priKey,content,"UTF-8");
System.out.println("报文体签名=" signData[0]);
System.out.println("base64编码报文体=" signData[1]);
//解密返回的报文体信息
System.out.println("解析=" decodeContent(signData[1],"UTF-8"));
//公钥验证签名
boolean f = rsaVerify(pubKey,signData[0],signData[1],"UTF-8");
System.out.println("verify flag=" f);
}
}
