1.使用openssl生成私鑰和公鑰
openssl下載地址:http://www.openssl.org/source
openssl生成私鑰命令: genrsa -out rsa_private_key.pem 1024(注意:1024 位的 RSA 密鑰強度已低於目前普遍建議的下限,實際使用時應將 1024 改為 2048 或以上)
openssl生成公鑰命令: rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
2.此時在openssl安裝目錄下的bin文件夾可以看到 rsa_private_key.pem 和 rsa_public_key.pem 兩個文件。這時候的私鑰還不能直接在下面的 Java 代碼中使用(代碼以 PKCS8EncodedKeySpec 載入私鑰,需要 PKCS#8 格式),因此要先進行 pkcs8 編碼
openssl的pkcs8編碼命令:pkcs8 -topk8 -in rsa_private_key.pem -out pkcs8_rsa_private_key.pem -nocrypt(-nocrypt 表示輸出的私鑰不加密,文件內容即為明文私鑰,應限制該文件的讀取權限並妥善保管,不要提交到代碼倉庫)
那麼在bin文件夾可以看到 pkcs8_rsa_private_key.pem 文件。至此,可用的密鑰對已經生成好了,私鑰使用pkcs8_rsa_private_key.pem,公鑰採用rsa_public_key.pem。注意:下面示例代碼讀取的路徑是 e:/pkcs8_privatekey.pem 和 e:/publickey.pem,使用前需把這兩個文件複製並改名到該路徑,或修改代碼中的路徑。
3.使用密鑰對進行簽名、加解密
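/**
 * RSA helper built on the JCA: signing and verification, RSA encryption and decryption,
 * loading keys from unencrypted PEM files, plus Base64 and digest conveniences.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #SIGNATURE_ALGORITHM} is MD5withRSA and is kept unchanged so that existing
 *       signatures still verify. MD5 is not collision resistant; new code should pass
 *       {@link #SIGNATURE_ALGORITHM_SHA256} to the overloads that take an algorithm name.
 *       Both the signer and the verifier have to switch together.</li>
 *   <li>The cipher methods use PKCS#1 v1.5 padding. A service that decrypts ciphertext
 *       supplied by an untrusted party should not reveal whether the padding was valid.</li>
 *   <li>"Encrypting" with the private key gives no confidentiality, because every holder of
 *       the public key can decrypt the result. Use {@code sign}/{@code verify} when the goal
 *       is authenticity.</li>
 *   <li>MD5 and SHA-1 ({@link #encryptMD5}, {@link #encryptSHA}) are plain digests, not
 *       encryption, and are unsuitable for password storage or new signature schemes.</li>
 * </ul>
 */
public class RSAPemCoder {

    /** JCA digest name used by {@link #encryptSHA(byte[])}. */
    public static final String KEY_SHA = "SHA";

    /** JCA digest name used by {@link #encryptMD5(byte[])}. */
    public static final String KEY_MD5 = "MD5";

    /** Key algorithm used for the {@link KeyFactory} instances. */
    public static final String KEY_ALGORITHM = "RSA";

    /** Legacy default signature algorithm; retained for compatibility with existing signatures. */
    public static final String SIGNATURE_ALGORITHM = "MD5withRSA";

    /** Recommended signature algorithm for new code. */
    public static final String SIGNATURE_ALGORITHM_SHA256 = "SHA256withRSA";

    // Spelled out in full so the padding does not depend on a provider's default for bare "RSA".
    private static final String CIPHER_TRANSFORMATION = "RSA/ECB/PKCS1Padding";

    // Locations read by the no-argument loaders; use the path overloads to read other files.
    private static final String DEFAULT_PRIVATE_KEY_PEM = "e:/pkcs8_privatekey.pem";
    private static final String DEFAULT_PUBLIC_KEY_PEM = "e:/publickey.pem";

    /**
     * Signs data with the private key using {@link #SIGNATURE_ALGORITHM}.
     *
     * @param data       data to sign
     * @param privateKey signing key
     * @return Base64 text of the signature, as produced by {@link #encryptBASE64(byte[])}
     * @throws Exception if the algorithm is unavailable or the key is rejected
     */
    public static String sign(byte[] data, PrivateKey privateKey) throws Exception {
        return sign(data, privateKey, SIGNATURE_ALGORITHM);
    }

    /**
     * Signs data with the private key using the given JCA signature algorithm.
     *
     * @param data       data to sign
     * @param privateKey signing key
     * @param algorithm  JCA signature algorithm name, for example
     *                   {@link #SIGNATURE_ALGORITHM_SHA256}
     * @return Base64 text of the signature
     * @throws Exception if the algorithm is unavailable or the key is rejected
     */
    public static String sign(byte[] data, PrivateKey privateKey, String algorithm)
            throws Exception {
        Signature signer = Signature.getInstance(algorithm);
        signer.initSign(privateKey);
        signer.update(data);
        return encryptBASE64(signer.sign());
    }

    /**
     * Verifies a signature made with {@link #SIGNATURE_ALGORITHM}.
     *
     * @param data      data that was signed
     * @param publicKey verification key
     * @param sign      Base64 text of the signature
     * @return {@code true} if the signature is valid, {@code false} otherwise
     * @throws Exception if the algorithm is unavailable, the key is rejected, or the
     *                   signature text cannot be decoded
     */
    public static boolean verify(byte[] data, PublicKey publicKey, String sign) throws Exception {
        return verify(data, publicKey, sign, SIGNATURE_ALGORITHM);
    }

    /**
     * Verifies a signature made with the given JCA signature algorithm.
     *
     * @param data      data that was signed
     * @param publicKey verification key
     * @param sign      Base64 text of the signature
     * @param algorithm JCA signature algorithm name; must match the one used for signing
     * @return {@code true} if the signature is valid, {@code false} otherwise
     * @throws Exception if the algorithm is unavailable, the key is rejected, or the
     *                   signature text cannot be decoded
     */
    public static boolean verify(byte[] data, PublicKey publicKey, String sign, String algorithm)
            throws Exception {
        Signature verifier = Signature.getInstance(algorithm);
        verifier.initVerify(publicKey);
        verifier.update(data);
        return verifier.verify(decryptBASE64(sign));
    }

    /**
     * Decrypts with the private key.
     *
     * @param data       ciphertext
     * @param privateKey decryption key
     * @return the plaintext
     * @throws Exception if the cipher cannot be initialised or the ciphertext is invalid
     */
    public static byte[] decryptByPrivateKey(byte[] data, PrivateKey privateKey) throws Exception {
        return rsaTransform(Cipher.DECRYPT_MODE, privateKey, data);
    }

    /**
     * Decrypts with the public key, reversing {@link #encryptByPrivateKey}.
     *
     * @param data      ciphertext
     * @param publicKey public key
     * @return the recovered bytes
     * @throws Exception if the cipher cannot be initialised or the ciphertext is invalid
     */
    public static byte[] decryptByPublicKey(byte[] data, PublicKey publicKey) throws Exception {
        return rsaTransform(Cipher.DECRYPT_MODE, publicKey, data);
    }

    /**
     * Encrypts with the public key.
     *
     * @param data      plaintext; it has to fit in a single RSA block for the key size
     * @param publicKey encryption key
     * @return the ciphertext
     * @throws Exception if the cipher cannot be initialised or the input is too long
     */
    public static byte[] encryptByPublicKey(byte[] data, PublicKey publicKey) throws Exception {
        return rsaTransform(Cipher.ENCRYPT_MODE, publicKey, data);
    }

    /**
     * Transforms data with the private key. The result is readable by anyone who holds the
     * public key, so this does not keep the data secret.
     *
     * @param data       input bytes; they have to fit in a single RSA block for the key size
     * @param privateKey private key
     * @return the transformed bytes
     * @throws Exception if the cipher cannot be initialised or the input is too long
     */
    public static byte[] encryptByPrivateKey(byte[] data, PrivateKey privateKey) throws Exception {
        return rsaTransform(Cipher.ENCRYPT_MODE, privateKey, data);
    }

    /**
     * Loads the private key from the default location.
     *
     * @return the private key
     * @throws Exception if the file cannot be read or does not hold a PKCS#8 RSA key
     */
    public static PrivateKey getPrivateKeyFromPem() throws Exception {
        return getPrivateKeyFromPem(DEFAULT_PRIVATE_KEY_PEM);
    }

    /**
     * Loads an unencrypted PKCS#8 private key from a PEM file.
     *
     * @param pemPath path of the PEM file
     * @return the private key
     * @throws Exception if the file cannot be read, is truncated, or does not hold a PKCS#8
     *                   RSA key
     */
    public static PrivateKey getPrivateKeyFromPem(String pemPath) throws Exception {
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(readPemBody(pemPath));
        return KeyFactory.getInstance(KEY_ALGORITHM).generatePrivate(keySpec);
    }

    /**
     * Loads the public key from the default location.
     *
     * @return the public key
     * @throws Exception if the file cannot be read or does not hold an X.509 RSA public key
     */
    public static PublicKey getPublicKeyFromPem() throws Exception {
        return getPublicKeyFromPem(DEFAULT_PUBLIC_KEY_PEM);
    }

    /**
     * Loads an X.509 (SubjectPublicKeyInfo) public key from a PEM file.
     *
     * @param pemPath path of the PEM file
     * @return the public key
     * @throws Exception if the file cannot be read, is truncated, or does not hold an X.509
     *                   RSA public key
     */
    public static PublicKey getPublicKeyFromPem(String pemPath) throws Exception {
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(readPemBody(pemPath));
        return KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(keySpec);
    }

    /**
     * Decodes Base64 text. Line breaks inside the text are accepted.
     *
     * @param key Base64 text
     * @return the decoded bytes
     * @throws Exception if the text is not valid Base64
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        // java.util.Base64 replaces the internal sun.misc decoder, which current JDKs no longer ship.
        return java.util.Base64.getMimeDecoder().decode(key);
    }

    /**
     * Encodes bytes as MIME-style Base64 text (lines of at most 76 characters).
     *
     * @param key bytes to encode
     * @return the Base64 text
     * @throws Exception declared for compatibility with existing callers
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return java.util.Base64.getMimeEncoder().encodeToString(key);
    }

    /**
     * Computes the MD5 digest of the data. This is a hash, not encryption.
     *
     * @param data input bytes
     * @return the 16-byte digest
     * @throws Exception if the digest algorithm is unavailable
     */
    public static byte[] encryptMD5(byte[] data) throws Exception {
        return MessageDigest.getInstance(KEY_MD5).digest(data);
    }

    /**
     * Computes the digest named by {@link #KEY_SHA}. This is a hash, not encryption.
     *
     * @param data input bytes
     * @return the digest
     * @throws Exception if the digest algorithm is unavailable
     */
    public static byte[] encryptSHA(byte[] data) throws Exception {
        return MessageDigest.getInstance(KEY_SHA).digest(data);
    }

    /** Runs one RSA operation in the given cipher mode with the fixed transformation. */
    private static byte[] rsaTransform(int mode, java.security.Key key, byte[] data)
            throws Exception {
        Cipher cipher = Cipher.getInstance(CIPHER_TRANSFORMATION);
        cipher.init(mode, key);
        return cipher.doFinal(data);
    }

    /**
     * Reads the Base64 body of a PEM file: the first line is treated as the BEGIN header and
     * everything up to the next line starting with '-' is decoded.
     */
    private static byte[] readPemBody(String pemPath) throws Exception {
        StringBuilder base64 = new StringBuilder();
        // try-with-resources closes the reader on every path, including parse failures.
        try (BufferedReader reader = new BufferedReader(new FileReader(pemPath))) {
            if (reader.readLine() == null) {
                throw new java.io.IOException("PEM file is empty: " + pemPath);
            }
            String line = reader.readLine();
            while (line != null && !line.startsWith("-")) {
                base64.append(line.trim());
                line = reader.readLine();
            }
            if (line == null) {
                // A truncated file used to surface as a NullPointerException.
                throw new java.io.IOException("PEM file has no END line: " + pemPath);
            }
        }
        return decryptBASE64(base64.toString());
    }
}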