1、OpenSSL安装
1.1、OpenSSL官网
https://www.openssl.org/source/
源代码在github,实际没啥用,反正我也看不懂是吧
1.2、安装流程
官网有安装包,顶多只能下载项目去运行,直接下载window执行文件,一条龙安装。至于mac的在哪里尚未研究过。
http://slproweb.com/products/Win32OpenSSL.html
下载过后执行exe选择安装路径一直下一步就好了。结束了可能会让你打赏,你要是有钱倒是无所谓。
1.3、配置系统环境变量
1.4、安装完成测试功能
2、RAS公私钥生成
// 生成私钥
openssl genrsa -out rsa_private_key.pem 1024
// 生成公钥
openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout
// 私钥转为pkcs8格式
openssl pkcs8 -topk8 -in rsa_private_key.pem -out pkcs8_rsa_private_key.pem -nocrypt
3、Java代码实现
package bbg.ip;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import javax.sound.midi.Soundbank;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class RsaSignVerify {
private static Signature signature;
static {
try {
signature = Signature.getInstance("SHA1WithRSA");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
public static void main(String[] args) throws Exception {
// 传输数据内容
String data = "{\"data\":\"hello world\"}";
String priKey = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJdMglIMPDCifzxQ\n" +
"+v60eKhrpJ4LuUzww+kN+acQy942CXbxzj8/l9WFu+5vRD3DIr78OEs0XSqypeNj\n" +
"ysO0usVysi4lvv0HZVhZs3OF9IsuD6ZZiDQWIvuOEFiad554xJnY4OuIGQNx0Lxx\n" +
"+y/9RvWA7IBZ9iBMyVApYJzQDOiZAgMBAAECgYBbwMpHd6QI2oLO0U1lqYyClsT+\n" +
"E54MSvaEHzWHW2hHGf4jZADv2mD53GBb+J4p1mz75Xk+IkNd4Xk4rQwKI1Af/use\n" +
"ArMlc4sfTDiLspov7J/PYJb4GUYqC69orLChRjYbpp4qiP3ZDDLsexKSaf/30pxc\n" +
"mdpc3R0mtms/Zn/VAQJBAMlAo7uu1lvSfrdUQ04tHDwcN7jY58qD2oqdNFxUVdv7\n" +
"pdTfndAW89EspdtBNVGJ5Awsl0LTIpuEitHLtxudOQsCQQDAdRCCRk7SAtuLi45X\n" +
"sImyXWc0bmrnC/BBHx6z3/+0i0/Cf8ARnar6BQLq1EaLdy6a9TKIJe+7M26lYQVV\n" +
"NtNrAkAYFZ9Cn7rRhFBb2j6vxWBCpVHZ0kNzDfKCcivI/OLFj8kZv6UgOQ72snQq\n" +
"2BPsbScYeeGkQqY6nFMMpmeEa31fAkBQIO1MsCUk/xeVU/dhvxi1cHoFtGtB4xCW\n" +
"rHRGA98ctlvw6Ot46iJDkk6Sour0Khz3W1s8oD7dvB43MNvdjMQdAkB4OciWIJhV\n" +
"oA/WdDeHZZr1IVWpHypGbr+tg28lR3vNv2pDzgxKoIy8P0Wuqnznmhiyp1s7swds\n" +
"KVl3HWvguNvS";
String pubKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXTIJSDDwwon88UPr+tHioa6Se\n" +
"C7lM8MPpDfmnEMveNgl28c4/P5fVhbvub0Q9wyK+/DhLNF0qsqXjY8rDtLrFcrIu\n" +
"Jb79B2VYWbNzhfSLLg+mWYg0FiL7jhBYmneeeMSZ2ODriBkDcdC8cfsv/Ub1gOyA\n" +
"WfYgTMlQKWCc0AzomQIDAQAB";
String sign = getSign(getPrivateKey(priKey), data);
System.out.println("生成的签名为" + sign);
System.out.println(verify(pubKey, sign, data));
}
public static boolean verify(String pubKey, String sign, String data) throws Exception{
//获取KeyFactory,指定RSA算法
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
//将BASE64编码的公钥字符串进行解码
BASE64Decoder decoder = new BASE64Decoder();
byte[] encodeByte = decoder.decodeBuffer(pubKey);
//将BASE64解码后的字节数组,构造成X509EncodedKeySpec对象,生成公钥对象
PublicKey publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodeByte));
//加载公钥
signature.initVerify(publicKey);
//更新原数据
signature.update(data.getBytes("UTF-8"));
//公钥验签(true-验签通过;false-验签失败)
return signature.verify(decoder.decodeBuffer(sign));
}
public static PrivateKey getPrivateKey(String priKey) throws Exception {
//获取KeyFactory,指定RSA算法
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
//将BASE64编码的私钥字符串进行解码
BASE64Decoder decoder = new BASE64Decoder();
byte[] encodeByte = decoder.decodeBuffer(priKey);
//将BASE64解码后的字节数组,构造成PKCS8EncodedKeySpec对象,生成私钥对象
PrivateKey privatekey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodeByte));
return privatekey;
}
public static String getSign(PrivateKey privateKey, String data) throws Exception{
//加载私钥
signature.initSign(privateKey);
//更新待签名的数据
signature.update(data.getBytes("UTF-8"));
//进行签名
byte[] signed = signature.sign();
//将加密后的字节数组,转换成BASE64编码的字符串,作为最终的签名数据
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(signed);
}
}