keystore证书文件使用案例
keystore 用来保存私钥和公钥证书:签名方用私钥对信息签名,验签方用公钥验证签名,从而确认信息未被篡改。
签名--->>>>验签
// 签名方法
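/**
 * Signs {@code noSign} with the private key stored under alias {@code wlpt} in
 * {@code src/wlpt.keystore} and returns the encoded signature produced by {@code wlSign}.
 *
 * <p>NOTE(review): the keystore path, the store password and the key password are
 * hard-coded demo values. Anyone with read access to the source or the compiled class
 * can recover them and, together with the keystore file, the signing key. In a real
 * deployment supply them from protected configuration or a secret store and keep the
 * keystore out of the source tree.
 *
 * @param noSign the text to sign; it is encoded as UTF-8 before signing
 * @return the encoded signature, or {@code null} when the private key cannot be loaded
 *     or signing fails
 */
public static String sign(String noSign) {
    String keystorePath = "src/wlpt.keystore"; // keystore file holding the signing key
    String keystorePassword = "123456";        // keystore (integrity) password -- demo value
    String privateKeyAlias = "wlpt";           // alias of the private-key entry
    String privateKeyPassword = "123456";      // password protecting the key entry -- demo value

    PrivateKey privateKey =
            getPrivateKey(keystorePath, keystorePassword, privateKeyAlias, privateKeyPassword);
    if (privateKey == null) {
        // The loader returns null on failure. Stop here instead of handing a null key to
        // the signer and relying on its catch-all to turn the resulting error into null.
        return null;
    }
    return wlSign(noSign, privateKey, "UTF-8");
}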
// 获取私钥方法
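/**
 * Loads the private key stored under {@code keyAlias} from a JKS keystore file.
 *
 * <p>Every failure (missing file, wrong store password, wrong key password, unreadable
 * keystore) is reported with a stack trace and turned into a {@code null} return, so
 * callers must check the result before using it.
 *
 * <p>NOTE(review): "JKS" is the legacy Java keystore type; PKCS12 has been the JDK
 * default since Java 9 and protects key entries more strongly. Consider migrating the
 * keystore if the deployment allows it.
 *
 * @param keyStoreFile path of the keystore file
 * @param StoreFilePass password used to check the keystore's integrity on load
 * @param keyAlias alias of the private-key entry
 * @param keyAliasPass password protecting the private-key entry
 * @return the private key, or {@code null} if the alias has no key entry or loading fails
 */
public static PrivateKey getPrivateKey(String keyStoreFile, String StoreFilePass, String keyAlias, String keyAliasPass) {
    try {
        KeyStore ks = KeyStore.getInstance("JKS");
        // try-with-resources closes the file on every path; the previous version never
        // closed the stream and leaked a file handle per call.
        try (FileInputStream fin = new FileInputStream(keyStoreFile)) {
            ks.load(fin, StoreFilePass.toCharArray());
            // Read the private-key entry (getKey returns null for an unknown alias).
            return (PrivateKey) ks.getKey(keyAlias, keyAliasPass.toCharArray());
        }
    } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException
            | CertificateException | IOException e) {
        // IOException also covers FileNotFoundException and a wrong store password.
        e.printStackTrace();
        return null;
    }
}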
// 签名算法
/**
 * Signs {@code content} with {@code priKey} using the {@code SHA256WithRSA} algorithm and
 * returns the signature bytes passed through {@code Base64.encode}.
 *
 * <p>NOTE(review): {@code Base64} is whatever class this file imports; it is not
 * {@code java.util.Base64}, which has no static {@code encode(byte[])}. The verifying
 * side must decode with the matching implementation.
 *
 * @param content text to sign
 * @param priKey RSA private key used for signing
 * @param encode charset name used to turn {@code content} into bytes; the verifier must
 *     use the same charset or the signature will not match
 * @return the encoded signature, or {@code null} if any step throws
 */
public static String wlSign(String content, PrivateKey priKey, String encode) {
    String encodedSignature = null;
    try {
        java.security.Signature signer =
                java.security.Signature.getInstance("SHA256WithRSA");
        signer.initSign(priKey);
        signer.update(content.getBytes(encode));
        encodedSignature = Base64.encode(signer.sign());
    } catch (Exception e) {
        // Any failure (bad key, unknown charset, null input) is logged and reported as null.
        e.printStackTrace();
    }
    return encodedSignature;
}
验签方法
// 验签方法
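/**
 * Verifies that {@code signStr} is a valid signature over {@code noSign}, using the public
 * key of the certificate stored under alias {@code wlpt} in {@code src/wlpt.keystore}.
 *
 * <p>NOTE(review): this demo verifies against the same keystore that holds the signing
 * key, with a hard-coded password. A verifier only needs the signer's certificate; it
 * should not hold or be able to open the private-key keystore.
 *
 * <p>NOTE(review): {@code head_snd_organ} is not used. Presumably it was meant to select
 * the sender's key; confirm against callers before relying on it.
 *
 * @param noSign the text that was signed
 * @param signStr the encoded signature to check
 * @param head_snd_organ unused
 * @return {@code true} only when the signature verifies; {@code false} when it does not,
 *     when the public key cannot be loaded, or when verification throws
 */
public static boolean checkSign(String noSign, String signStr, String head_snd_organ) {
    PublicKey publicKey = getPublicKey("src/wlpt.keystore", "123456", "wlpt"); // path, store password, alias
    if (publicKey == null) {
        // Fail closed: without a trusted key nothing can be verified. Do not rely on the
        // verifier's catch-all to turn a null key into false.
        return false;
    }
    return wlDoCheck(noSign, signStr, publicKey, "UTF-8");
}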
// 获取公钥
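/**
 * Loads the public key of the certificate stored under {@code keyAlias} in a JKS keystore
 * file.
 *
 * <p>Every failure (missing file, wrong store password, unreadable keystore, unknown
 * alias) results in a {@code null} return, so callers must check the result and treat
 * {@code null} as "cannot verify".
 *
 * @param keyStoreFile path of the keystore file
 * @param StoreFilePass password used to check the keystore's integrity on load
 * @param keyAlias alias of the certificate entry
 * @return the certificate's public key, or {@code null} if it cannot be obtained
 */
public static PublicKey getPublicKey(String keyStoreFile, String StoreFilePass, String keyAlias) {
    try {
        KeyStore ks = KeyStore.getInstance("JKS");
        // try-with-resources closes the file on every path; the previous version never
        // closed the stream and leaked a file handle per call.
        try (FileInputStream fin = new FileInputStream(keyStoreFile)) {
            ks.load(fin, StoreFilePass.toCharArray());
            Certificate cert = ks.getCertificate(keyAlias);
            // getCertificate returns null for an unknown alias; the previous version
            // dereferenced it and let a NullPointerException escape to the caller.
            return cert == null ? null : cert.getPublicKey();
        }
    } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException e) {
        // IOException also covers FileNotFoundException and a wrong store password.
        e.printStackTrace();
        return null;
    }
}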
// 开始验签
/**
 * Checks a {@code SHA256WithRSA} signature over {@code content} with {@code pubKey}.
 *
 * <p>The method fails closed: any exception (bad key, unknown charset, undecodable
 * signature text, null input) is logged and reported as {@code false}.
 *
 * @param content the text that was signed
 * @param sign the encoded signature, decoded with {@code Base64.decode}
 * @param pubKey public key of the signer
 * @param encode charset name used to turn {@code content} into bytes; must match the
 *     charset used when signing
 * @return {@code true} only if the signature verifies
 */
public static boolean wlDoCheck(String content, String sign,
        PublicKey pubKey, String encode) {
    boolean valid = false;
    try {
        java.security.Signature verifier =
                java.security.Signature.getInstance("SHA256WithRSA");
        verifier.initVerify(pubKey);
        verifier.update(content.getBytes(encode));
        valid = verifier.verify(Base64.decode(sign));
    } catch (Exception e) {
        e.printStackTrace();
    }
    return valid;
}
/**
 * Demo entry point: signs a sample JSON message, prints the signature, then verifies it
 * and prints the verification result.
 *
 * @param args unused
 */
public static void main(String[] args) {
    // Sample message only; signing and verification both operate on this exact string.
    final String payload = "{\"head_req_date\":\"20160712\",\"head_req_time\":\"12180353\",\"head_snd_organ\":\"ws\",\"head_rev_organ\":\"123456756\",\"head_seq_no\":\"6236330070009512987\",\"busitype\":\"李晨一二\",\"protocol\":\"000000000000000000000\",\"payaccno\":\"1301571105\",\"paybankno\":\"131243\",\"payname\":\"单笔转入\",\"getaccno\":\"157110525555\",\"getbankno\":\"122122\",\"getname\":\"慕容公子\",\"txamt\":\"3000000.0\"}";
    final String signature = sign(payload);
    System.out.println(signature);
    final boolean verified = checkSign(payload, signature, "");
    System.out.println(verified);
}