封装同RSA非对称加密算法有关的方法,可用于数字签名,RSA加密解密
封装同RSA非对称加密算法有关的方法,可用于数字签名,RSA加密解密
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
/**
*
* 封装同RSA非对称加密算法有关的方法,可用于数字签名,RSA加密解密
*
*
*/
public class RSAHelper {
/**
* 用一个已打包成byte[]形式的私钥加密数据,即数字签名
*
* @param keyInByte
* 打包成byte[]的私钥
* @param source
* 要签名的数据,一般应是数字摘要
* @return 签名 byte[]
*/
public static byte[] sign(byte[] keyInByte, byte[] source) throws Exception {
PKCS8EncodedKeySpec priv_spec = new PKCS8EncodedKeySpec(keyInByte);
KeyFactory mykeyFactory = KeyFactory.getInstance("RSA");
PrivateKey privKey = mykeyFactory.generatePrivate(priv_spec);
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initSign(privKey);
sig.update(source);
return sig.sign();
}
/**
* 验证数字签名
*
* @param keyInByte
* 打包成byte[]形式的公钥
* @param source
* 原文
* @param sign
* 签名(对原文的数字摘要的签名)
* @return 是否证实 boolean
*/
public static boolean verify(byte[] keyInByte, byte[] source, byte[] sign)
throws Exception {
KeyFactory mykeyFactory = KeyFactory.getInstance("RSA");
Signature sig = Signature.getInstance("SHA1withRSA");
X509EncodedKeySpec pub_spec = new X509EncodedKeySpec(keyInByte);
PublicKey pubKey = mykeyFactory.generatePublic(pub_spec);
sig.initVerify(pubKey);
sig.update(source);
return sig.verify(sign);
}
/**
* 建立新的密钥对,返回打包的byte[]形式私钥和公钥
*
* @return 包含打包成byte[]形式的私钥和公钥的object[],其中,object[0]为私钥byte[],object[1]为工要byte[]
*/
public static Object[] genRSAKeyPairInByte() throws Exception {
KeyPair newKeyPair = creatKeyPair();
if (newKeyPair == null)
return null;
Object[] re = new Object[2];
if (newKeyPair != null) {
PrivateKey priv = newKeyPair.getPrivate();
byte[] b_priv = priv.getEncoded();
PublicKey pub = newKeyPair.getPublic();
byte[] b_pub = pub.getEncoded();
re[0] = b_priv;
re[1] = b_pub;
return re;
}
return null;
}
/**
* 新建密钥对
*
* @return KeyPair对象
*/
public static KeyPair creatKeyPair() throws Exception {
KeyPair myPair;
long mySeed;
mySeed = System.currentTimeMillis();
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
random.setSeed(mySeed);
keyGen.initialize(1024, random);
myPair = keyGen.generateKeyPair();
return myPair;
}
/**
* 使用RSA公钥加密数据
*
* @param pubKeyInByte
* 打包的byte[]形式公钥
* @param data
* 要加密的数据
* @return 加密数据
*/
public static byte[] encryptByRSA(byte[] pubKeyInByte, byte[] data)
throws Exception {
KeyFactory mykeyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec pub_spec = new X509EncodedKeySpec(pubKeyInByte);
PublicKey pubKey = mykeyFactory.generatePublic(pub_spec);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
return cipher.doFinal(data);
}
/**
* 用RSA私钥解密
*
* @param privKeyInByte
* 私钥打包成byte[]形式
* @param data
* 要解密的数据
* @return 解密数据
*/
public static byte[] decryptByRSA(byte[] privKeyInByte, byte[] data)
throws Exception {
PKCS8EncodedKeySpec priv_spec = new PKCS8EncodedKeySpec(privKeyInByte);
KeyFactory mykeyFactory = KeyFactory.getInstance("RSA");
PrivateKey privKey = mykeyFactory.generatePrivate(priv_spec);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, privKey);
return cipher.doFinal(data);
}
/**
* 测试
*/
public static void main(String[] args) {
try {
Object[] v = genRSAKeyPairInByte();
byte[] source = "test".getBytes();
byte[] sign = sign((byte[]) v[0], source);
if (verify((byte[]) v[1], source, sign)) {
System.out.print("verify\n");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
没有评论:
发表评论