在网络中进行信息交互时,手机号、银行卡号之类的信息都属于敏感数据。为了安全起见,程序中往往先对这些字段进行加密再传输,由另一端的程序进行解密。这里使用 Java 类库 jce.jar 中的 javax.crypto.Cipher 类,实现对一个“银行卡号”的 RSA 加密以及解密。
工具类:
package com.icitic.ceb.fit.common;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Enumeration;
import javax.crypto.Cipher;
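/**
 * RSA helper that encrypts with the public key of an X.509 certificate and
 * decrypts with the private key stored in a PKCS#12 keystore.
 *
 * <p>Both keys are loaded once, when the class is initialised, from the fixed
 * paths below. The two loads are independent: a side that only holds the
 * certificate can still call {@link #encrypt(byte[])}, and a load failure is
 * kept and reported as the cause when the missing key is first needed.
 */
public class TestRSA {
    /** Asymmetric key algorithm. */
    private static final String KEY_ALGORITHM = "RSA";

    /**
     * Full cipher transformation. The bare name "RSA" leaves mode and padding
     * to the JCE provider; SunJCE resolves it to this same transformation, so
     * spelling it out keeps the wire format stable across providers.
     * NOTE(review): PKCS#1 v1.5 encryption padding is exposed to padding-oracle
     * attacks when a peer can distinguish decryption failures; prefer OAEP for
     * a new protocol, which requires changing both ends at the same time.
     */
    private static final String TRANSFORMATION = KEY_ALGORITHM + "/ECB/PKCS1Padding";

    /** System property that supplies the keystore password at run time. */
    private static final String KEYSTORE_PASSWORD_PROPERTY = "testrsa.keystore.password";

    /**
     * Fallback password, kept only so existing callers continue to work.
     * NOTE(review): a password committed to source protects nothing; set the
     * system property above (or wire in a secret store) outside of demos.
     */
    private static final String DEFAULT_KEYSTORE_PASSWORD = "123456";

    private static String privateKeyPath = "D:\\tenpay.pfx"; // private key (PKCS#12) location
    private static String publicKeyPath = "D:\\fit_server.cer"; // public key (X.509 certificate) location
    private static PublicKey publicKey; // public key, null if loading failed
    private static PrivateKey privateKey; // private key, null if loading failed
    private static Exception privateKeyLoadError; // why privateKey is null, if it is
    private static Exception publicKeyLoadError; // why publicKey is null, if it is

    static {
        // Load each key in its own try block so that a missing keystore does
        // not also prevent the certificate from being loaded.
        try {
            privateKey = (RSAPrivateKey) getPrivateKey(privateKeyPath);
        } catch (Exception e) {
            privateKeyLoadError = e;
            System.err.println("TestRSA: private key not loaded: " + e);
        }
        try {
            publicKey = (RSAPublicKey) getPublicKey(publicKeyPath);
        } catch (Exception e) {
            publicKeyLoadError = e;
            System.err.println("TestRSA: public key not loaded: " + e);
        }
    }

    /**
     * Reads the first private-key entry from a PKCS#12 keystore.
     *
     * @param privateKeyPath path of the .pfx/.p12 file
     * @return the private key of the first key entry in the store
     * @throws Exception if the file cannot be read, the password is wrong, or
     *     the store holds no private key; the original failure is the cause
     */
    public static PrivateKey getPrivateKey(String privateKeyPath) throws Exception {
        char[] password =
                System.getProperty(KEYSTORE_PASSWORD_PROPERTY, DEFAULT_KEYSTORE_PASSWORD).toCharArray();
        try (FileInputStream fs = new FileInputStream(privateKeyPath)) {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(fs, password);
            // A store may list certificate-only entries before the key entry,
            // so look for the first alias that actually holds a private key.
            Enumeration<String> aliases = ks.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (!ks.isKeyEntry(alias)) {
                    continue;
                }
                java.security.Key key = ks.getKey(alias, password);
                if (key instanceof PrivateKey) {
                    return (PrivateKey) key;
                }
            }
            throw new IllegalStateException("no private key entry in keystore " + privateKeyPath);
        } catch (Exception e) {
            // Keep the cause so the caller sees the real stack trace.
            throw new Exception("证书异常!Exception is :" + e, e);
        } finally {
            // Do not leave the password characters in this array after use.
            java.util.Arrays.fill(password, '\0');
        }
    }

    /**
     * Reads the public key from an X.509 certificate file.
     *
     * @param publicKeyPath path of the .cer file
     * @return the public key contained in the certificate
     * @throws Exception if the file cannot be read or parsed; the original
     *     failure is the cause
     */
    public static PublicKey getPublicKey(String publicKeyPath) throws Exception {
        try (FileInputStream fs = new FileInputStream(publicKeyPath)) {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(fs);
            // NOTE(review): the certificate is only parsed here; its validity
            // period and issuer chain are not checked. Confirm the file comes
            // from a trusted location.
            return cert.getPublicKey();
        } catch (Exception e) {
            throw new Exception("证书异常!Exception is :" + e, e);
        }
    }

    /**
     * Encrypts with the public key.
     *
     * <p>RSA encrypts a single block only: with PKCS#1 v1.5 padding the input
     * can be at most the key size in bytes minus 11, which suits short fields
     * such as a card number but not bulk data.
     *
     * @param data plaintext bytes
     * @return ciphertext bytes
     * @throws IllegalStateException if the public key was not loaded
     * @throws Exception if the cipher cannot be created or the input is too long
     */
    public static byte[] encrypt(byte[] data) throws Exception {
        if (publicKey == null) {
            throw new IllegalStateException(
                    "public key was not loaded from " + publicKeyPath, publicKeyLoadError);
        }
        Cipher ci = Cipher.getInstance(TRANSFORMATION);
        ci.init(Cipher.ENCRYPT_MODE, publicKey);
        return ci.doFinal(data);
    }

    /**
     * Decrypts with the private key.
     *
     * <p>Callers that decrypt data received from a remote peer should return
     * the same generic error for every failure, so that padding errors cannot
     * be told apart from other errors.
     *
     * @param data ciphertext bytes
     * @return plaintext bytes
     * @throws IllegalStateException if the private key was not loaded
     * @throws Exception if the cipher cannot be created or decryption fails
     */
    public static byte[] decrypt(byte[] data) throws Exception {
        if (privateKey == null) {
            throw new IllegalStateException(
                    "private key was not loaded from " + privateKeyPath, privateKeyLoadError);
        }
        Cipher ci = Cipher.getInstance(TRANSFORMATION);
        ci.init(Cipher.DECRYPT_MODE, privateKey);
        return ci.doFinal(data);
    }
}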
测试类:
package com.icitic.fit.test;
import org.springframework.util.Base64Utils;
import com.icitic.ceb.fit.common.TestRSA;
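/**
 * Round-trip demo: encrypt a sample card number with the public key, Base64
 * encode it for transport, then decode and decrypt it with the private key.
 */
public class TestCipher {
    /**
     * Runs the encrypt/encode/decode/decrypt round trip and prints both results.
     *
     * @param args unused
     * @throws Exception if a key is not loaded or a cipher operation fails
     */
    public static void main(String[] args) throws Exception {
        String cardNo = "6226111122223333"; // sample card number
        // Fix the charset on both sides: the no-argument getBytes()/new String()
        // use the platform default, which can differ between the two ends.
        byte[] encrypt =
                TestRSA.encrypt(cardNo.getBytes(java.nio.charset.StandardCharsets.UTF_8)); // encrypt with the helper
        String encode = Base64Utils.encodeToString(encrypt); // encode the ciphertext for transport
        System.out.println(encode); // print the encoded ciphertext
        System.out.println("=======");
        byte[] decode = Base64Utils.decodeFromString(encode); // the other end decodes first
        byte[] decrypt = TestRSA.decrypt(decode); // then decrypts
        // Demo only: outside a test, do not write a cleartext card number to
        // the console or to logs.
        System.out.println(new String(decrypt, java.nio.charset.StandardCharsets.UTF_8)); // print the decrypted value
    }
}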
控制台输出:
加密,编码;解码,解密都正常。