1、获取腾讯rsa证书格式是pkcs#! ,需要转换,参考如下
- PKCS#1 转 PKCS#8:
openssl rsa -RSAPublicKey_in -in <filename> -pubout
- PKCS#8 转 PKCS#1:
openssl rsa -pubin -in <filename> -RSAPublicKey_out
Java RSA以 " RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING"方式加密
/**
* 微信支付取到的rsa证书格式是: 公钥格式PKCS#1 ,需要把证书转换成,PKCS#8
* 命令 : openssl rsa -RSAPublicKey_in -in <filename> -pubout
* pem 公钥 加载
* @return
* @throws Exception
*/
public static PublicKey GeneratePublicKeyFromPem(String cerFilePath) throws Exception {
try {
BASE64Decoder base64decoder = new BASE64Decoder();
BufferedReader br = new BufferedReader(new FileReader(cerFilePath));
String s = br.readLine();
StringBuffer publickey = new StringBuffer();
s = br.readLine();
while (s.charAt(0) != '-') {
publickey.append(s + "\r");
s = br.readLine();
}
System.out.println("publickey="+publickey);
byte[] keybyte = base64decoder.decodeBuffer(publickey.toString());
KeyFactory kf = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keybyte);
PublicKey publicKey = kf.generatePublic(keySpec);
return publicKey;
} catch (Exception e) {
Logger.getLogger("").info("读pem文件生成公钥出错:" +e.toString());
throw e;
}
}
/**
* 微信支付使用的RSA 加密方式
* @param str
* @return
*/
public static String RsaEn(String str){
String result=null;
try{
PublicKey publicKey=GeneratePublicKeyFromPem(str);
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA-1ANDMGF1PADDING");
cipher = Cipher.getInstance(keyAlgorithm);
cipher.init(Cipher.ENCRYPT_MODE, publicKey); //公钥加密
byte[] encrypt = cipher.doFinal(str.getBytes());
result=new BASE64Encoder().encode(encrypt);
}catch(Exception e){
Logger.getLogger("").info("RSA加密出现异常:"+e.toString());
e.printStackTrace();
}
return result;
}