RAS加密解密

package com.froad.openapi.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.ssl.PKCS8Key;
import org.springframework.util.StringUtils;

import com.froad.openapi.constant.KeyCommand;

public class RSAUtil {
   
    private String prikeyPath = KeyCommand.PRIKEY_PATH;
    private String prikeyPwd = KeyCommand.PRIKEY_PWD;
    private static Map<String, PublicKey> partner_pk_map = new HashMap<String, PublicKey>();
    private static PrivateKey froadPrikay = null;
   
    public RSAUtil() {
        froadPrikay = initPrivateKey(prikeyPath, prikeyPwd);
    }
   
    public static PrivateKey getFroadPrivateKey() {
        return froadPrikay;
    }
   
    public static PublicKey getCerPublicKey(String partnerNo, String keyPath) throws Exception {
        if((null != partnerNo && !"".equals(partnerNo)) || (null != keyPath && !"".equals(keyPath))) {
            if(partner_pk_map.containsKey(partnerNo)) {
                return partner_pk_map.get(partnerNo);
            } else {
                PublicKey pubkey = initCerPublicKey(keyPath);
                partner_pk_map.put(partnerNo, pubkey);
                return pubkey;
            }
        }
        return null;
    }
   
    /**
     * 初始化cer公钥
     * @throws Exception
     */
    public static PublicKey initCerPublicKey(String pubkeypathB) throws Exception {
        PublicKey pubkey = null;
        try {
            CertificateFactory certificatefactory = CertificateFactory
                    .getInstance("X.509");
            FileInputStream bais = new FileInputStream(pubkeypathB);
            X509Certificate Cert = (X509Certificate) certificatefactory
                    .generateCertificate(bais);
            pubkey = Cert.getPublicKey();
            bais.close();
        } catch (Exception e) {
            throw e;
        }
        return pubkey;
    }
   
   
   
   
    /**
      * 方法描述：初始化私钥
      * @param: String str
      * @return: PublicKey
      * @version: 1.0
      * @author: 范兴乾 [email protected]
      * @time: 2011-12-7 上午9:11:15
      */
    public static PrivateKey initPrivateKey(String path, String pwd) {
        try {
           
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
           
            File file = new File(path);
            byte[] b = null;

            InputStream in = new FileInputStream(file);

            PKCS8Key pkcs8 = new PKCS8Key(in, pwd.toCharArray());

            b = pkcs8.getDecryptedBytes();

            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(b);

            PrivateKey prikey = keyFactory.generatePrivate(keySpec);

            return prikey;
           
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        return null;
    }
   
    /**
      * 方法描述：初始化公钥
      * @param: String str
      * @return: PublicKey
      * @version: 1.0
      * @author: 范兴乾 [email protected]
     * @throws Exception
      * @time: 2011-12-7 上午9:11:15
      */
    public static PublicKey initPublicKey(String str) throws Exception {
        KeyFactory keyFactory;
        try {
            keyFactory = KeyFactory.getInstance("RSA");

            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(
                    (Base64.decodeBase64(str)));

            PublicKey pubkey = keyFactory.generatePublic(keySpec);

            return pubkey;

        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            throw new Exception("初始化公钥异常", e);
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
            throw new Exception("初始化公钥异常", e);
        }
    }

    /**
      * 方法描述：签名
      * @param: String content, PrivateKey key, String charsetSet
      * @return: String
      * @version: 1.0
      * @author: 范兴乾 [email protected]
      * @time: 2011-12-7 上午9:12:48
      */
    public static String signPrivateKey(String content, PrivateKey key, String charsetSet) throws NoSuchAlgorithmException,
            IOException, InvalidKeySpecException, InvalidKeyException, SignatureException {
        PrivateKey prikey = key;

        Signature signature = Signature.getInstance("SHA1WithRSA");

        signature.initSign(prikey);

        signature.update(content.getBytes(charsetSet));

        byte[] signBytes = signature.sign();

        String sign = new String(Base64.encodeBase64(signBytes));
        return sign;
    }

    /**
      * 方法描述：验签
      * @param: String content, String sign,PublicKey key,String charsetSet
      * @return: boolean
      * @version: 1.0
      * @author: 范兴乾 [email protected]
      * @time: 2011-12-7 上午9:28:04
      */
    public static boolean verifyPublicKey(String content, String sign, PublicKey key,
            String charsetSet) throws NoSuchAlgorithmException, IOException,
            InvalidKeySpecException, InvalidKeyException, SignatureException {
        PublicKey pubkey = key;

        byte[] signed = Base64.decodeBase64(sign.getBytes());

        Signature signature = Signature.getInstance("SHA1WithRSA");

        signature.initVerify(pubkey);

        signature.update(content.getBytes(charsetSet));

        return signature.verify(signed);
    }

    /**
      * 方法描述：签名
      * @param: String content, PrivateKey key
      * @return: String
      * @version: 1.0
      * @author: 范兴乾 [email protected]
      * @time: 2011-12-7 上午9:22:21
      */
    public static String signPrivateKey(String content, PrivateKey key) throws NoSuchAlgorithmException, IOException,
    InvalidKeySpecException, InvalidKeyException, SignatureException {
        PrivateKey prikey = key;

        Signature signature = Signature.getInstance("SHA1WithRSA");
        signature.initSign(prikey);
        signature.update(content.getBytes("UTF-8"));
        byte[] signBytes = signature.sign();
        String sign = new String(Base64.encodeBase64(signBytes));
       
        return sign;
    }

    /**
      * 方法描述：验签
      * @param: String content, String sign,PublicKey key
      * @return: boolean
      * @version: 1.0
      * @author: 范兴乾 [email protected]
      * @time: 2011-12-7 上午9:25:05
      */
    public static boolean verifyPublicKey(String content, String sign, PublicKey key)
            throws NoSuchAlgorithmException, IOException,
            InvalidKeySpecException, InvalidKeyException, SignatureException {
        PublicKey pubkey = key;

        byte[] signed = Base64.decodeBase64(sign.getBytes());

        Signature signature = Signature.getInstance("SHA1WithRSA");

        signature.initVerify(pubkey);

        signature.update(content.getBytes("UTF-8"));

        return signature.verify(signed);
    }
   
    /**
     * 初始化私钥
     * @param keyPath
     * @param alias
     * @param key
     * @param pwd
     * @return
     * @throws KeyStoreException
     * @throws NoSuchAlgorithmException
     * @throws CertificateException
     * @throws IOException
     * @throws UnrecoverableKeyException
     */
    public static PrivateKey genPrivateKey(String keyPath, String alias, String key, String pwd) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore ks;
        PrivateKey prikey = null;
        ks = KeyStore.getInstance("JKS");
        FileInputStream fin = new FileInputStream(keyPath);
        ks.load(fin, alias.toCharArray());
        prikey = (PrivateKey) ks.getKey(key, pwd
                .toCharArray());
       
        return prikey;
    }
   
    public static void main(String[] s) throws Exception {
//        String sr = "dasasdas";
//        PrivateKey pk = RSAUtil.initPrivateKey("C:\\OpenSSL\\bin\\openapi_private_key_froad.key", "froad");
//        String msg = RSAUtil.signPrivateKey(sr, pk, "UTF-8");
//        System.out.println(msg);
//       
////        String publickey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhaRco+RYyPOmnTmT+YO6svwP9bZoNY0mWm4/saGfRbWVeIleoxOKMII7S3/ZG1816pB2OJ04hT0DCad/kcPdyh1uCgISKQa5mhZfnzuNEV4P+IJM5GITf7h6PRIhOZD+XwpZbjYKyon+NJQyUdNtQslnJ+dOM8Gi59o7aGYXtAQIDAQAB";
//       
//        PublicKey pubk = RSAUtil.initCerPublicKey("C:\\OpenSSL\\bin\\public.cer");
//       
//        boolean b = RSAUtil.verifyPublicKey(sr, msg, pubk);
//       
//        System.out.println(b);
        PrivateKey privateKey  = (RSAPrivateKey) genPrivateKey("E:\\cqzx.jks", "cqtest1", "cqzx", "cqtest0");
        PublicKey publicKey = (RSAPublicKey) initCerPublicKey("E:\\test1.cer");
        String a = "12345";
        String sign = RSAUtil.signPrivateKey(a, privateKey);
        System.out.println(sign);
       
       
        boolean b = RSAUtil.verifyPublicKey(a, sign, publicKey);
        System.out.println(b);
    }
}