Java实现RSA非对称加密的密钥操作
// Create the key pair generator for the asymmetric algorithm (RSA).
kpg = KeyPairGenerator.getInstance("RSA");
// Seed the random source from def_random so that a fixed key is produced.
// NOTE(review): a key pair derived from a constant seed is only as secret as
// that seed; anyone who can read def_random can regenerate the private key.
// Whether the seed alone determines the output also depends on the
// SecureRandom implementation in use, so the "fixed" key may differ between
// platforms, and getBytes() without a charset uses the platform default.
// For real keys, use new SecureRandom(), generate the pair once and keep the
// private key in a keystore. Confirm the intended use of this snippet.
random = new SecureRandom(def_random.getBytes());
// NOTE(review): KeyLength is defined outside this snippet; confirm it is at least 2048 bits.
kpg.initialize(KeyLength, random);
KeyPair keys = kpg.generateKeyPair();
公私钥的加载以及签名和验证签名
package com.base.util;
// NOTE(review): unused JDK-internal import; the com.sun.corba packages were removed in Java 11.
import com.sun.corba.se.spi.legacy.connection.GetEndPointInfoAgainException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
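/**
 * Key helper class: loads RSA keys from files and creates and checks
 * SHA256withRSA signatures.
 *
 * <p>Key files are passed to the key specs unmodified, so they must hold the
 * binary encoding the spec expects (X.509 for public keys, PKCS#8 for private
 * keys). The loaders report failure by returning {@code null}; callers must
 * check for it before using the key.
 *
 * @author Administrator
 */
public class KeysUtil {

    /**
     * Loads an RSA public key from a file.
     *
     * @param fileurl path of the file holding the X.509-encoded public key
     * @return the public key, or {@code null} if the file does not exist,
     *         cannot be read, or does not contain a valid RSA public key
     */
    public static PublicKey getPublicKeyFromFileSystem(String fileurl) {
        File file = new File(fileurl);
        if (!file.exists()) {
            return null;
        }
        byte[] enc = getEncodByteFromFile(file);
        if (enc == null) {
            // The read failed and was already reported; the spec constructor rejects null.
            return null;
        }
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(enc));
        } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Loads an RSA private key from a file on the local file system.
     *
     * <p>The key is read as an unencrypted PKCS#8 encoding, so the file itself
     * is the only protection of the private key: it should be readable only
     * by the account that signs.
     *
     * @param fileurl path of the file holding the PKCS#8-encoded private key
     * @return the private key, or {@code null} if the file does not exist,
     *         cannot be read, or does not contain a valid RSA private key
     */
    public static PrivateKey getPrivateKeyFromFileSystem(String fileurl) {
        File file = new File(fileurl);
        if (!file.exists()) {
            return null;
        }
        byte[] enc = getEncodByteFromFile(file);
        if (enc == null) {
            // The read failed and was already reported; the spec constructor rejects null.
            return null;
        }
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(enc));
        } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Reads the whole file into a byte array.
     *
     * <p>{@code Files.readAllBytes} reads to end of file and closes the file,
     * unlike a single {@code read} into a buffer sized by {@code available()}.
     *
     * @param file the file to read
     * @return the file content, or {@code null} if reading failed
     */
    private static byte[] getEncodByteFromFile(File file) {
        try {
            return Files.readAllBytes(file.toPath());
        } catch (IOException | RuntimeException e) {
            // Callers treat null as "key not available".
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Computes the SHA-256 digest of the UTF-8 bytes of the text.
     *
     * <p>The charset is fixed so that signer and verifier hash the same bytes
     * regardless of each machine's default charset.
     */
    private static byte[] sha256(String text) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-256").digest(text.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Signs a text with SHA256withRSA.
     *
     * <p>The input to the signature is the SHA-256 digest of the text, which
     * SHA256withRSA then hashes again. This pre-hash is kept so that
     * {@link #verifySign} continues to accept existing signatures. A plain
     * SHA256withRSA verification over the original text will not accept the
     * result; the verifier must apply the same pre-hash.
     *
     * @param privateKey the private key to sign with
     * @param plain_text the text to sign
     * @return the signature bytes
     * @throws Exception if the algorithm is unavailable, the key is invalid,
     *         or signing fails
     */
    public static byte[] sign(PrivateKey privateKey, String plain_text) throws Exception {
        byte[] digest = sha256(plain_text);
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(privateKey);
        signer.update(digest);
        return signer.sign();
    }

    /**
     * Verifies a signature produced by {@link #sign}.
     *
     * @param publicKey the public key matching the signing key
     * @param plain_text the text that was signed
     * @param signed the signature bytes to check
     * @return {@code true} only if the signature matches the text and key;
     *         {@code false} for a mismatch or a {@code null} signature
     * @throws Exception if the algorithm is unavailable, the key is invalid,
     *         or the signature cannot be processed
     */
    public static boolean verifySign(PublicKey publicKey, String plain_text, byte[] signed)
            throws Exception {
        if (signed == null) {
            // Fail closed: a missing signature never verifies.
            return false;
        }
        byte[] digest = sha256(plain_text);
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(publicKey);
        verifier.update(digest);
        return verifier.verify(signed);
    }
}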