|
@@ -19,7 +19,12 @@ import java.util.Base64;
|
|
|
|
|
|
public class DataEncryption {
|
|
|
|
|
|
- private static String iv = "12345678";
|
|
|
+ //签名算法名称
|
|
|
+ private static final String RSA_KEY_ALGORITHM = "RSA";
|
|
|
+
|
|
|
+ //标准签名算法名称
|
|
|
+ private static final String RSA_SIGNATURE_ALGORITHM = "SHA1withRSA";
|
|
|
+ public static final String RSA2_SIGNATURE_ALGORITHM = "SHA256withRSA";
|
|
|
|
|
|
/**
|
|
|
* 对给定的字符串进行加密操作
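Review bot: The new constant `RSA_SIGNATURE_ALGORITHM = "SHA1withRSA"` names a SHA-1 based scheme as the "standard" signature algorithm, but SHA-1 is no longer collision resistant and should not be offered for new signatures. I would drop it, or keep it only for verifying legacy peers and say so, e.g. `@Deprecated // SHA-1: legacy verification only, use RSA2_SIGNATURE_ALGORITHM for new signatures`. The comment `//签名算法名称` above `RSA_KEY_ALGORITHM` reads "signature algorithm name", yet the value `"RSA"` is a key algorithm; `// key algorithm name ("RSA"), not a signature algorithm` would match the code. The two `private` constants have no visible use in this diff, and only the SHA-256 one is `public`, so it is worth confirming that callers are meant to reach SHA-1 at all.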
|
|
@@ -267,7 +272,7 @@ public class DataEncryption {
|
|
|
* @return base64编码后的字符串
|
|
|
* @throws Exception
|
|
|
*/
|
|
|
- public static String encryptByPublicKey(String data, String publicKeyStr,String type,String algorithm) throws Exception {
|
|
|
+ public static String encryptByPublicKey(String data, String publicKeyStr, String type, String algorithm) throws Exception {
|
|
|
//根据X509编码密钥规范产生公钥对象
|
|
|
PublicKey publicKey = getPublicKey(publicKeyStr, type);
|
|
|
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
|
@@ -279,15 +284,16 @@ public class DataEncryption {
|
|
|
//返回base64编码后的字符串
|
|
|
return Base64.getEncoder().encodeToString(encrypt);
|
|
|
}
|
|
|
+
|
|
|
/**
|
|
|
* 私钥加密(用于数据加密)
|
|
|
*
|
|
|
- * @param data 加密前的字符串
|
|
|
+ * @param data 加密前的字符串
|
|
|
* @param privateKeyStr base64编码后的私钥
|
|
|
* @return base64编码后的字符串
|
|
|
* @throws Exception
|
|
|
*/
|
|
|
- public static String encryptByPrivateKey(String data, String privateKeyStr,String type,String algorithm) throws Exception {
|
|
|
+ public static String encryptByPrivateKey(String data, String privateKeyStr, String type, String algorithm) throws Exception {
|
|
|
//根据X509编码密钥规范产生公钥对象
|
|
|
PrivateKey privateKey = getPrivateKey(privateKeyStr, type);
|
|
|
//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)
|
|
@@ -308,7 +314,7 @@ public class DataEncryption {
|
|
|
* @return 解密后的字符串
|
|
|
* @throws Exception
|
|
|
*/
|
|
|
- public static String decryptByPrivateKey(String data, String privateKeyStr,String type,String algorithm) throws Exception {
|
|
|
+ public static String decryptByPrivateKey(String data, String privateKeyStr, String type, String algorithm) throws Exception {
|
|
|
|
|
|
//根据PKCS8编码密钥规范产生私钥对象
|
|
|
PrivateKey privateKey = getPrivateKey(privateKeyStr, type);
|
|
@@ -321,15 +327,16 @@ public class DataEncryption {
|
|
|
//返回字符串
|
|
|
return new String(decrypt);
|
|
|
}
|
|
|
+
|
|
|
/**
|
|
|
* 公钥解密(用于数据解密)
|
|
|
*
|
|
|
- * @param data 解密前的字符串
|
|
|
+ * @param data 解密前的字符串
|
|
|
* @param publicKeyStr 公钥
|
|
|
* @return 解密后的字符串
|
|
|
* @throws Exception
|
|
|
*/
|
|
|
- public static String decryptByPublicKey(String data, String publicKeyStr,String type,String algorithm) throws Exception {
|
|
|
+ public static String decryptByPublicKey(String data, String publicKeyStr, String type, String algorithm) throws Exception {
|
|
|
|
|
|
//根据PKCS8编码密钥规范产生私钥对象
|
|
|
PublicKey publicKey = getPublicKey(publicKeyStr, type);
|
|
@@ -389,7 +396,6 @@ public class DataEncryption {
|
|
|
}
|
|
|
|
|
|
|
|
|
-
|
|
|
private static PublicKey getPublicKey(String publicKeyStr, String type) throws NoSuchAlgorithmException, InvalidKeySpecException {
|
|
|
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(publicKeyStr.getBytes()));
|
|
|
KeyFactory keyFactory = KeyFactory.getInstance(type);
|
|
@@ -402,6 +408,75 @@ public class DataEncryption {
|
|
|
return keyFactory.generatePrivate(keySpec);
|
|
|
}
|
|
|
|
|
|
+ public static KeyPair initKey(int keySize, String algorithm) throws NoSuchAlgorithmException {
|
|
|
+ KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(algorithm);
|
|
|
+ keyPairGen.initialize(keySize);
|
|
|
+ return keyPairGen.generateKeyPair();
|
|
|
+
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * RSA签名
|
|
|
+ *
|
|
|
+ * @param data 待签名数据
|
|
|
+ * @param priKey 私钥
|
|
|
+ * @param type RSA或DSA
|
|
|
+ * @param algorithm SHA1或256
|
|
|
+ * @return 签名
|
|
|
+ * @throws Exception
|
|
|
+ */
|
|
|
+ public static String sign(String data, String priKey, String type, String algorithm) throws Exception {
|
|
|
+ return sign(data.getBytes(), Base64.getDecoder().decode(priKey), type, algorithm);
|
|
|
+ }
|
|
|
+
|
|
|
+ private static String sign(byte[] data, byte[] priKey, String type, String algorithm) throws Exception {
|
|
|
+ //创建PKCS8编码密钥规范
|
|
|
+ PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);
|
|
|
+ //返回转换指定算法的KeyFactory对象
|
|
|
+ KeyFactory keyFactory = KeyFactory.getInstance(type);
|
|
|
+ //根据PKCS8编码密钥规范产生私钥对象
|
|
|
+ PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
|
|
|
+ //用指定算法产生签名对象Signature
|
|
|
+ Signature signature = Signature.getInstance(algorithm);
|
|
|
+ //用私钥初始化签名对象Signature
|
|
|
+ signature.initSign(privateKey);
|
|
|
+ //将待签名的数据传送给签名对象(须在初始化之后)
|
|
|
+ signature.update(data);
|
|
|
+ //返回签名结果字节数组
|
|
|
+ byte[] sign = signature.sign();
|
|
|
+ //返回Base64编码后的字符串
|
|
|
+ return Base64.getEncoder().encodeToString(sign);
|
|
|
+ }
|
|
|
|
|
|
+ /**
|
|
|
+ * RSA校验数字签名
|
|
|
+ *
|
|
|
+ * @param data 待校验数据
|
|
|
+ * @param sign 数字签名
|
|
|
+ * @param pubKey 公钥
|
|
|
+ * @param type RSA或DSA
|
|
|
+ * @param algorithm SHA1或256
|
|
|
+ * @return boolean 校验成功返回true,失败返回false
|
|
|
+ */
|
|
|
+ public static boolean verify(String data, String sign, String pubKey, String type, String algorithm) throws Exception {
|
|
|
+ return verify(data.getBytes(), Base64.getDecoder().decode(sign), Base64.getDecoder().decode(pubKey), type, algorithm);
|
|
|
+ }
|
|
|
|
|
|
+ private static boolean verify(byte[] data, byte[] sign, byte[] pubKey, String type, String algorithm) throws Exception {
|
|
|
+ //返回转换指定算法的KeyFactory对象
|
|
|
+ KeyFactory keyFactory = KeyFactory.getInstance(type);
|
|
|
+ //创建X509编码密钥规范
|
|
|
+ X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);
|
|
|
+ //根据X509编码密钥规范产生公钥对象
|
|
|
+ PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
|
|
|
+ //用指定算法产生签名对象Signature
|
|
|
+ Signature signature = Signature.getInstance(algorithm);
|
|
|
+ //用公钥初始化签名对象,用于验证签名
|
|
|
+ signature.initVerify(publicKey);
|
|
|
+ //更新签名内容
|
|
|
+ signature.update(data);
|
|
|
+ //得到验证结果
|
|
|
+ return signature.verify(sign);
|
|
|
+ }
|
|
|
}
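Review bot: Both public wrappers call `data.getBytes()` with no charset (in `sign` and again in `verify`), so the signed bytes depend on the JVM's default encoding and a signature produced on one host can fail to verify on another. Use `data.getBytes(StandardCharsets.UTF_8)` in both places; this needs `java.nio.charset.StandardCharsets`, whose import is not visible in this diff. The `type` and `algorithm` strings go unchecked into `KeyFactory.getInstance` and `Signature.getInstance`, so a caller can select a weak scheme such as the `SHA1withRSA` constant added at the top of this commit. An allowlist check before `getInstance` would prevent verification being downgraded if that value ever comes from the message being checked. `verify`'s Javadoc promises `false` on failure, but a malformed Base64 `sign` or `pubKey` throws `IllegalArgumentException` from the decoder, so the doc should gain an `@throws` line or the wrapper should catch it and return `false`. `initKey` has no Javadoc and passes `keySize` to `initialize` unchecked; for RSA a guard such as `if (keySize < 2048) throw new IllegalArgumentException("keySize too small");` would stop short keys from being generated.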
|