package test;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;

/*** 私钥签名,公钥验签
*@authorjinzhm
**/
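public class SignUtil {

    /*
     * Helper for detached RSA signatures: sign with a private key held in a JKS
     * keystore, verify with the public key of an X.509 certificate file.
     *
     * Failure contract (unchanged from the original): neither public method
     * throws. sign() reports failure as "" and verify() as false, so verify()
     * fails closed, while callers of sign() MUST treat "" as an error and never
     * transmit it as a signature.
     */

    private static final Logger LOG = Logger.getLogger(SignUtil.class.getName());

    /** JCA signature algorithm used for both signing and verification. */
    private static final String ALGORITHM = "SHA256withRSA";

    /** Keystore format expected at {@code privateKeyPath}. */
    private static final String KEYSTORE_TYPE = "JKS";

    /** Certificate format expected at {@code publicKeyPath}. */
    private static final String CERTIFICATE_TYPE = "X.509";

    /**
     * Signs {@code srcData} (encoded as UTF-8) with the private key stored in a JKS keystore.
     *
     * @param srcData        text to sign
     * @param privateKeyPath path of the JKS keystore holding the private key
     * @param privateKeyPwd  password used both to open the keystore and to recover the key entry
     * @return the Base64-encoded signature, or {@code ""} if any argument is {@code null},
     *         the key cannot be loaded, or signing fails
     */
    public static String sign(String srcData, String privateKeyPath, String privateKeyPwd) {
        if (srcData == null || privateKeyPath == null || privateKeyPwd == null) {
            return "";
        }
        try {
            PrivateKey key = readPrivate(privateKeyPath, privateKeyPwd);
            if (key == null) {
                // readPrivate has already logged the cause; do not rely on
                // initSign(null) throwing to reach the failure path.
                return "";
            }
            Signature signer = Signature.getInstance(ALGORITHM);
            signer.initSign(key);
            signer.update(srcData.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(signer.sign());
        } catch (GeneralSecurityException | RuntimeException e) {
            // Boundary catch: preserves the never-throws contract of this method.
            LOG.log(Level.WARNING, "Signing failed", e);
            return "";
        }
    }

    /**
     * Verifies a Base64-encoded signature over {@code srcData} (encoded as UTF-8).
     *
     * @param srcData       text that was signed
     * @param signedData    Base64-encoded signature to check
     * @param publicKeyPath path of the X.509 certificate carrying the signer's public key
     * @return {@code true} only if the signature is valid for {@code srcData}; {@code false}
     *         if it is invalid, malformed, any argument is {@code null}, or the
     *         certificate cannot be read
     */
    public static boolean verify(String srcData, String signedData, String publicKeyPath) {
        if (srcData == null || signedData == null || publicKeyPath == null) {
            return false;
        }
        try {
            PublicKey publicKey = readPublic(publicKeyPath);
            if (publicKey == null) {
                // Fail closed when no trusted key is available.
                return false;
            }
            Signature verifier = Signature.getInstance(ALGORITHM);
            verifier.initVerify(publicKey);
            verifier.update(srcData.getBytes(StandardCharsets.UTF_8));
            // decode() throws IllegalArgumentException on malformed Base64;
            // that is treated as an invalid signature below.
            return verifier.verify(Base64.getDecoder().decode(signedData));
        } catch (GeneralSecurityException | RuntimeException e) {
            LOG.log(Level.WARNING, "Signature verification failed", e);
            return false;
        }
    }

    /**
     * Reads the public key from an X.509 certificate file.
     *
     * <p>NOTE(review): the certificate's validity period and issuer chain are not
     * checked here, so the file at {@code publicKeyPath} is the only trust anchor.
     * It must come from a trusted, write-protected location; consider adding
     * {@code checkValidity()} and chain validation if expired or replaced
     * certificates must be rejected.
     *
     * @param publicKeyPath path of the certificate file
     * @return the certificate's public key, or {@code null} if the path is {@code null}
     *         or the file cannot be read or parsed
     */
    private static PublicKey readPublic(String publicKeyPath) {
        if (publicKeyPath == null) {
            return null;
        }
        try (InputStream in = new FileInputStream(publicKeyPath)) {
            CertificateFactory factory = CertificateFactory.getInstance(CERTIFICATE_TYPE);
            X509Certificate cert = (X509Certificate) factory.generateCertificate(in);
            return cert.getPublicKey();
        } catch (CertificateException | IOException e) {
            LOG.log(Level.WARNING, "Cannot read public key certificate", e);
            return null;
        }
    }

    /**
     * Loads the private key from a JKS keystore.
     *
     * <p>The same password opens the keystore and recovers the key entry. If the
     * keystore holds several key entries, the last one enumerated is used (as in
     * the original code); enumeration order is not guaranteed, so the keystore
     * should contain exactly one key entry.
     *
     * @param privateKeyPath path of the JKS keystore
     * @param privateKeyPwd  keystore and key password
     * @return the private key, or {@code null} if an argument is {@code null}, the keystore
     *         cannot be opened, or it contains no private key entry
     */
    private static PrivateKey readPrivate(String privateKeyPath, String privateKeyPwd) {
        if (privateKeyPath == null || privateKeyPwd == null) {
            return null;
        }
        char[] password = privateKeyPwd.toCharArray();
        try (InputStream in = new FileInputStream(privateKeyPath)) {
            KeyStore store = KeyStore.getInstance(KEYSTORE_TYPE);
            store.load(in, password);

            String keyAlias = null;
            Enumeration<String> aliases = store.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (store.isKeyEntry(alias)) {
                    keyAlias = alias; // last key entry wins, matching the original behaviour
                }
            }
            if (keyAlias == null) {
                LOG.warning("Keystore contains no key entry");
                return null;
            }

            Key key = store.getKey(keyAlias, password);
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            LOG.warning("Keystore key entry is not a private key");
            return null;
        } catch (IOException | GeneralSecurityException e) {
            // Never include the password in the log message.
            LOG.log(Level.WARNING, "Cannot load private key from keystore", e);
            return null;
        } finally {
            // Wipe our copy of the password. The caller's String is immutable and
            // stays on the heap until collected, so this only narrows the exposure.
            Arrays.fill(password, '\0');
        }
    }
}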