JAVA中RSA簽名算法實現

import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.HashMap; import java.util.Map; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; /** * Created by Lb on 2017/9/10. */ public class RSACoder { //非對稱加密算法 public static final String KEY_ALGORITHM = "RSA"; //數字簽名 簽名/驗證算法 public static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; //公鑰 private static final String PUBLIC_KEY = "RSAPublicKey"; //私鑰 private static final String PRIVATE_KEY = "RSAPrivateKey"; //RSA密鑰長度默認1024位，密鑰長度必須是64的倍數，範圍在512-65536位之間 private static final int KEY_SIZE = 512; /** * 私鑰解密 */ public static byte[] decryptByPrivateKey(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { //取得私鑰 PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //生成私鑰 PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); //對數據解密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 公鑰解密 */ public static byte[] decryptByPublicKey(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { //取得公鑰 X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //生成公鑰 PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec); //對數據解密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 公鑰加密 */ public static byte[] encryptByPublicKey(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { //取得公鑰 X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //生成公鑰 PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec); //對數據加密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 私鑰加密 */ public static byte[] encryptByPrivateKey(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { //取得私鑰 PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(key); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //生成私鑰 PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); //對數據加密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 取得私鑰 */ public static byte[] getPrivateKey(Map keyMap) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { Key key = (Key) keyMap.get(PRIVATE_KEY); return key.getEncoded(); } /** * 取得公鑰 */ public static byte[] getPublicKey(Map keyMap) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException { Key key = (Key) keyMap.get(PUBLIC_KEY); return key.getEncoded(); } /** * 初始化密鑰 */ public static Map initKey() throws NoSuchAlgorithmException { //實例化密鑰生成器 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM); //初始化密鑰對生成器 keyPairGenerator.initialize(KEY_SIZE); //生成密鑰對 KeyPair keyPair = keyPairGenerator.generateKeyPair(); //公鑰 RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); //私鑰 RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); //封裝密鑰 Map keyMap = new HashMap<>(); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, privateKey); return keyMap; } /** * 簽名 * * @param data 待簽名數據 * @param privateKey 私鑰 * @return 數字簽名 */ public static byte[] sign(byte[] data, byte[] privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException { //轉換私鑰材料 PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKey); //實例化密鑰工廠 KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //取私鑰對象 PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); //實例化Signature Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); //初始化Signature signature.initSign(priKey); //更新 signature.update(data); //簽名 return signature.sign(); } /** * 公鑰校驗 * * @param data 待校驗數據 * @param publicKey 公鑰 * @param sign 數字簽名 * @return 校驗成功返回true 失敗返回false */ public static boolean verify(byte[] data, byte[] publicKey, byte[] sign) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException { //轉換公鑰材料 X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey); //實例化密鑰工廠 KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); //生成公鑰 PublicKey pubKey = keyFactory.generatePublic(keySpec); //實例化Signature Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); //初始化Signature signature.initVerify(pubKey); //更新 signature.update(data); //驗證 return signature.verify(sign); } /** * 私鑰簽名 * * @param data 待簽名數據 * @param privateKey 私鑰 * @return 十六進行簽名字符串 */ public static String sign(byte[] data, String privateKey) throws DecoderException, InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException, SignatureException { byte[] sign = sign(data, getKey(privateKey)); return Hex.encodeHexString(sign); } /** * 公鑰校驗 * * @param data 待校驗數據 * @param publicKey 公鑰 * @param sign 簽名 * @return 成功返回true，失敗返回false */ public static boolean verify(byte[] data, String publicKey, String sign) throws DecoderException, InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException, SignatureException { return verify(data, getKey(publicKey), Hex.decodeHex(sign.toCharArray())); } /** * 私鑰加密 */ public static byte[] encryptByPrivateKey(byte[] data, String key) throws DecoderException, NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { return encryptByPrivateKey(data, getKey(key)); } /** * 公鑰加密 */ public static byte[] encryptByPublicKey(byte[] data, String key) throws DecoderException, NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { return encryptByPublicKey(data, getKey(key)); } /** * 私鑰解密 */ public static byte[] decryptByPrivateKey(byte[] data, String key) throws DecoderException, NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { return decryptByPrivateKey(data, getKey(key)); } /** * 公鑰解密 */ public static byte[] decryptByPublicKey(byte[] data, String key) throws DecoderException, NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { return decryptByPublicKey(data, getKey(key)); } /** * 初始化密鑰 * * @return 十六進制編碼密鑰 */ public static String getPrivateKeyString(Map keyMap) throws NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { // return Base64.encodeBase64String(getPrivateKey(keyMap)); return Hex.encodeHexString(getPrivateKey(keyMap)); } /** * 初始化密鑰 * * @return 十六進制編碼密鑰 */ public static String getPublicKeyString(Map keyMap) throws NoSuchPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, InvalidKeySpecException { // return Base64.encodeBase64String(getPublicKey(keyMap)); return Hex.encodeHexString(getPublicKey(keyMap)); } /** * 獲取密鑰 * * @param key 密鑰 * @return 密鑰 */ public static byte[] getKey(String key) throws DecoderException { return Hex.decodeHex(key.toCharArray()); // return Base64.decodeBase64(key); } public static void main(String[] args) throws NoSuchAlgorithmException, IllegalBlockSizeException, InvalidKeyException, BadPaddingException, InvalidKeySpecException, NoSuchPaddingException, DecoderException, SignatureException { Map keyMap = RSACoder.initKey(); //獲取並打印公鑰 String publicKey = RSACoder.getPublicKeyString(keyMap); System.out.println("publicKey=" + publicKey); //獲取並打印私鑰 String privateKey = RSACoder.getPrivateKeyString(keyMap); System.out.println("privateKey=" + privateKey); String inputStr = "測試加密18803696960http://www.baidu.com///xxxx"; byte[] data = inputStr.getBytes(); System.out.println("原文：" + inputStr); byte[] encodeData = RSACoder.encryptByPublicKey(data, publicKey); System.out.println("加密後：" + Hex.encodeHexString(encodeData)); byte[] decodeData = RSACoder.decryptByPrivateKey(encodeData, privateKey); System.out.println("解密後：" + new String(decodeData)); //私鑰簽名 公鑰校驗 String sign = RSACoder.sign(data, privateKey); System.out.println("校驗=" + RSACoder.verify(data, publicKey, sign)); } }