RSA工具类

zzzb123456
已于 2023-03-09 16:29:13 修改
阅读量276
点赞数
文章标签： java Powered by 金山文档
于 2023-03-09 14:27:08 首次发布
本文链接：https://blog.csdn.net/zzzb123456/article/details/129422204
版权
import org.apache.commons.codec.binary.Base64;
import org.apache.http.util.TextUtils;

import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

public class RSAUtil {
    /**
     * RSA最大加密明文大小
     */
    private static final int MAX_ENCRYPT_BLOCK = 117;

    /**
     * RSA最大解密密文大小
     */
    private static final int MAX_DECRYPT_BLOCK = 128;
    /**
     * 编码
     */
    private static String charset = "utf-8";

    /**
     * 获取密钥对
     *
     * @return 密钥对
     */
    public static KeyPair getKeyPair() throws Exception {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(1024);
        return generator.generateKeyPair();
    }

    /**
     * 获取私钥
     *
     * @param privateKey 私钥字符串
     * @return
     */
    public static PrivateKey getPrivateKey(String privateKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        byte[] decodedKey = Base64.decodeBase64(privateKey.getBytes(charset));
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedKey);
        return keyFactory.generatePrivate(keySpec);
    }

    /**
     * 获取公钥
     *
     * @param publicKey 公钥字符串
     * @return
     */
    public static PublicKey getPublicKey(String publicKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        byte[] decodedKey = Base64.decodeBase64(publicKey.getBytes(charset));
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodedKey);
        return keyFactory.generatePublic(keySpec);
    }

    /**
     *
     * 功能描述: 通过证书获取公钥
     *
     * @param: [cert] 证书base64字符串
     * @return: java.security.PublicKey
     */
    public static PublicKey getPublicKeyByCert(String cert) throws CertificateException {
        ByteArrayInputStream bis = new ByteArrayInputStream(Base64.decodeBase64(cert));
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate certificate = cf.generateCertificate(bis);
        PublicKey publicKey = certificate.getPublicKey();
        return publicKey;
    }

    /**
     * RSA加密
     *
     * @param data 待加密数据
     * @param publicKey 公钥
     * @return
     */
    public static String encrypt(String data, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        int inputLen = data.getBytes(charset).length;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offset = 0;
        byte[] cache;
        int i = 0;
        // 对数据分段加密
        while (inputLen - offset > 0) {
            if (inputLen - offset > MAX_ENCRYPT_BLOCK) {
                cache = cipher.doFinal(data.getBytes(charset), offset, MAX_ENCRYPT_BLOCK);
            } else {
                cache = cipher.doFinal(data.getBytes(charset), offset, inputLen - offset);
            }
            out.write(cache, 0, cache.length);
            i++;
            offset = i * MAX_ENCRYPT_BLOCK;
        }
        byte[] encryptedData = out.toByteArray();
        out.close();
        // 获取加密内容使用base64进行编码,并以UTF-8为标准转化成字符串
        // 加密后的字符串
        return Base64.encodeBase64String(encryptedData);
    }

    /**
     * RSA解密
     *
     * @param data 待解密数据
     * @param privateKey 私钥
     * @return
     */
    public static String decrypt(String data, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] dataBytes = Base64.decodeBase64(data);
        int inputLen = dataBytes.length;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offset = 0;
        byte[] cache;
        int i = 0;
        // 对数据分段解密
        while (inputLen - offset > 0) {
            if (inputLen - offset > MAX_DECRYPT_BLOCK) {
                cache = cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);
            } else {
                cache = cipher.doFinal(dataBytes, offset, inputLen - offset);
            }
            out.write(cache, 0, cache.length);
            i++;
            offset = i * MAX_DECRYPT_BLOCK;
        }
        byte[] decryptedData = out.toByteArray();
        out.close();
        // 解密后的内容
        return new String(decryptedData, "UTF-8");
    }

    /**
     * 签名
     *
     * @param data 待签名数据
     * @param privateKey 私钥
     * @return 签名
     */
    public static String sign(String data, PrivateKey privateKey) throws Exception {
        byte[] keyBytes = privateKey.getEncoded();
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey key = keyFactory.generatePrivate(keySpec);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(key);
        signature.update(toByteArray(data));
        return new String(Base64.encodeBase64(signature.sign()),charset);
    }


    /**
     *
     * 功能描述: 签名
     *
     * @param: [data, privateKey]
     * @return: java.lang.String
     * @date: 2022/7/8 17:13
     */
    public static String signData(String data, PrivateKey privateKey) throws Exception {
        byte[] keyBytes = privateKey.getEncoded();
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey key = keyFactory.generatePrivate(keySpec);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(key);
        signature.update(toByteArray(data));
        byte[] sign = signature.sign();
        return new String(Base64.encodeBase64(sign),charset);
    }

    /**
     * 验签
     *
     * @param srcData 原始字符串
     * @param publicKey 公钥
     * @param sign 签名
     * @return 是否验签通过
     */
    public static boolean verify(String srcData, PublicKey publicKey, String sign) throws Exception {
        byte[] keyBytes = publicKey.getEncoded();
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey key = keyFactory.generatePublic(keySpec);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(key);
        signature.update(toByteArray(srcData));
        return signature.verify(Base64.decodeBase64(sign.getBytes(charset)));
    }

    /**
     * 验签
     *
     * @param srcData 原始字符串
     * @param publicKey 公钥
     * @param sign 签名
     * @return 是否验签通过
     */
    public static boolean verifyNoneWithRSA(String srcData, PublicKey publicKey, String sign) throws Exception {
        byte[] keyBytes = publicKey.getEncoded();
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey key = keyFactory.generatePublic(keySpec);
        Signature signature = Signature.getInstance("NONEwithRSA");
        signature.initVerify(key);
        signature.update(toByteArray(srcData));
        return signature.verify(Base64.decodeBase64(sign.getBytes(charset)));
    }


    /**
     * 16进制的字符串表示转成字节数组
     *
     * @param hexString 16进制格式的字符串
     * @return 转换后的字节数组
     **/
    public static byte[] toByteArray(String hexString) {
        if (TextUtils.isEmpty(hexString))
            throw new IllegalArgumentException("this hexString must not be empty");

        hexString = hexString.toLowerCase();
        final byte[] byteArray = new byte[hexString.length() / 2];
        int k = 0;
        for (int i = 0; i < byteArray.length; i++) {//因为是16进制，最多只会占用4位，转换成字节需要两个16进制的字符，高位在先
            byte high = (byte) (Character.digit(hexString.charAt(k), 16) & 0xff);
            byte low = (byte) (Character.digit(hexString.charAt(k + 1), 16) & 0xff);
            byteArray[i] = (byte) (high << 4 | low);
            k += 2;
        }
        return byteArray;
    }

    /**
     * byte[]数组转换为16进制的字符串
     *
     * @param bytes 要转换的字节数组
     * @return 转换后的结果
     */
    public static String bytesToHexString(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < bytes.length; i++) {
            String hex = Integer.toHexString(0xFF & bytes[i]);
            if (hex.length() == 1) {
                sb.append('0');
            }
            sb.append(hex);
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        try {
            // 生成密钥对
            String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwn2Fi+bNXhLIxEKPvGPQaY8Ey2vixX0Wz/rDNBzsLtROWBaKqI1dOu2BjwiEDSCN8tCu+kc9NPt5Yl8hCxhk/DmfyZ4/5beM6qGUqsQumS+iPuO4sVsywNcxHF4n5TqZe3nPOccFTapHO/pEktYBXaukV6S7P9+s3G+bpzJoqMwIDAQAB";
            String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALCfYWL5s1eEsjEQo+8Y9BpjwTLa+LFfRbP+sM0HOwu1E5YFoqojV067YGPCIQNII3y0K76Rz00+3liXyELGGT8OZ/Jnj/lt4zqoZSqxC6ZL6I+47ixWzLA1zEcXiflOpl7ec85xwVNqkc7+kSS1gFdq6RXpLs/36zcb5unMmiozAgMBAAECgYAbvVx5RAhzxWaLKDbnFX85KdOtHhETIoh7BZRVDz6pzw29cTMkD5rlxa4U3Od8cXcJXe7E5nethSM8vNH6EsziBJpU6D9ahxTWIZAem11U9NP+Zn76itWt6Oz1tGZ+0xvkMnQpKWXCFnbtjRPIXM3GT97pvmpGKEtzD5QKMcvz+QJBANqtLQop5P20swIbxbCEWHoavSl3PAuKd1k4ReO6y6/Ppfr4gXNqzRZISMjsdI1qVIMa7jV8LdSRcN7Ejh4xqmUCQQDOxLTvdhPhVkTV2/TriehQ32A9Z6RRH279yNcpNYryg0WAj0gt8Y9m1z2JGl43TcUVlnP5Vj9JFxXs+LqxkCy3AkEAxJByMfairiNl3XlVZGwyk9/BNarGQKGA0qQwvpnESg7fZg9HXZYdL/Bd7K4PvqZbvVXR1iX/lFoAGV6ZWS7PuQJAMGXCpDpTNO9odVZi4a8J/cQLVtQnlgVxiV21XyP1PgaUAh+HmZltI3lGIg1V+EPv2bm5s6cIcSdCLpGZwW4pyQJAOZ9gYJajbWTH1GWpI9/RmgpKbfRuerY2bzgbhfs8r0WICrf+9nekerms2UyaV+D8jIKJEjP7CJ+3g5J2JsCUVA==";
            String data = "314b301806092a864886f70d010903310b06092a864886f70d010701302f06092a864886f70d01090431220420cb96dbd584fdbed944deacc130a8c3205fb5f54860a6a94fa891e36a8ab2d069";
            // RSA签名
            String sign = signData(data, getPrivateKey(privateKey));
            // RSA验签
            boolean result = verify(data, getPublicKey(publicKey), sign);
            System.out.print("验签结果:" + result);
        } catch (Exception e) {
            e.printStackTrace();
            System.out.print("加解密异常");
        }
    }
}