1.公钥与私钥生成（在线工具会接触到所生成的私钥，因此这样得到的密钥对仅适合测试；正式环境的密钥应在本地生成，例如使用 openssl 或 keytool）
http://web.chacuo.net/netrsakeypair
2.获取公钥
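/**
 * Builds the RSA public key from the Base64 text held in the {@code publicKey} field.
 *
 * <p>The decoded bytes are handed to {@link X509EncodedKeySpec}, i.e. they are expected to be
 * an X.509 SubjectPublicKeyInfo encoding.
 *
 * @return the parsed public key, or {@code null} when the field cannot be decoded or parsed
 */
private PublicKey getPublicKey() {
    byte[] encoded = getBytesBASE64(publicKey);
    if (encoded == null) {
        // X509EncodedKeySpec throws NullPointerException on a null array; report a missing or
        // undecodable key through the same logged-null path as a parse failure instead.
        log.error("getPublicKey-Exception: publicKey is missing or not valid Base64");
        return null;
    }
    try {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePublic(new X509EncodedKeySpec(encoded));
    } catch (Exception e) {
        log.error("getPublicKey-Exception", e);
        return null;
    }
}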
获取私钥
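/**
 * Builds the RSA private key from the Base64 text held in the {@code privateKey} field.
 *
 * <p>The decoded bytes are handed to {@link PKCS8EncodedKeySpec}, i.e. they are expected to be
 * an unencrypted PKCS#8 encoding.
 *
 * <p>NOTE(review): where the {@code privateKey} field is populated is not visible here; confirm
 * it is loaded from a keystore or secret store rather than kept in source or plain configuration.
 *
 * @return the parsed private key, or {@code null} when the field cannot be decoded or parsed
 */
private PrivateKey getPrivateKey() {
    byte[] encoded = getBytesBASE64(privateKey);
    if (encoded == null) {
        // PKCS8EncodedKeySpec throws NullPointerException on a null array; report a missing or
        // undecodable key through the same logged-null path as a parse failure instead.
        log.error("getPrivateKey-Exception: privateKey is missing or not valid Base64");
        return null;
    }
    try {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encoded));
    } catch (Exception e) {
        log.error("getPrivateKey-Exception", e);
        return null;
    }
}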
base64转码工具类
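/**
 * Decodes a Base64 string into raw bytes.
 *
 * <p>Uses {@code java.util.Base64}, which the rest of this class already relies on, instead of
 * the JDK-internal {@code sun.misc.BASE64Decoder}, which newer JDKs no longer ship. The MIME
 * decoder is chosen because it skips line breaks, so key text pasted with its line wrapping
 * still decodes. It also ignores any other character outside the Base64 alphabet rather than
 * rejecting it.
 *
 * @param str Base64 text; may be {@code null}
 * @return the decoded bytes, or {@code null} when {@code str} is {@code null} or malformed
 */
private byte[] getBytesBASE64(String str) {
    if (str == null) {
        return null;
    }
    try {
        return Base64.getMimeDecoder().decode(str);
    } catch (IllegalArgumentException e) {
        // Malformed input (for example bad padding) keeps the null contract, but is logged
        // like every other failure in this class instead of being swallowed silently.
        log.error("getBytesBASE64-Exception", e);
        return null;
    }
}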
3.加密数据
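/**
 * Encrypts a string with the RSA public key and returns the ciphertext as Base64 text.
 *
 * <p>The plaintext is encoded as UTF-8 before encryption, so the result does not depend on the
 * platform default charset; the decrypting side has to read the plaintext as UTF-8 as well.
 * Only a single RSA block is processed, so input that exceeds the key's capacity makes the
 * cipher fail and this method return {@code null}.
 *
 * @param originData the plaintext to encrypt
 * @return the Base64-encoded ciphertext, or {@code null} when encryption fails for any reason
 */
public String encodeData(String originData) {
    try {
        // NOTE(review): the bare "RSA" transformation leaves mode and padding to the JCA
        // provider, so the effective padding differs between providers. Pin the full
        // transformation (OAEP where the peer supports it) here and in decodeData together.
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, getPublicKey());
        byte[] cipherText = cipher.doFinal(originData.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(cipherText);
    } catch (Exception e) {
        log.error("encodeData-Exception", e);
        return null;
    }
}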
解密数据
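/**
 * Decrypts Base64-encoded RSA ciphertext with the private key and returns the plaintext.
 *
 * <p>The decrypted bytes are read as UTF-8 rather than the platform default charset, so the
 * same ciphertext yields the same string on every host; the encrypting side has to encode the
 * plaintext as UTF-8 too.
 *
 * @param encodeData the Base64-encoded ciphertext
 * @return the decrypted text, or {@code null} when decoding or decryption fails
 */
public String decodeData(String encodeData) {
    try {
        byte[] cipherText = getBytesBASE64(encodeData);
        // NOTE(review): the bare "RSA" transformation leaves mode and padding to the JCA
        // provider. If it resolves to PKCS#1 v1.5 padding, callers must not expose to the
        // sender whether decryption failed; prefer pinning OAEP here and in encodeData together.
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, getPrivateKey());
        byte[] plainBytes = cipher.doFinal(cipherText);
        return new String(plainBytes, StandardCharsets.UTF_8);
    } catch (Exception e) {
        log.error("decodeData-Exception", e);
        return null;
    }
}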
4.加签
/**
 * Signs the UTF-8 bytes of {@code data} with the RSA private key.
 *
 * <p>NOTE(review): "Sha1WithRSA" relies on SHA-1, which is no longer recommended for digital
 * signatures. Moving to "SHA256withRSA" has to be done in sign and verify together and agreed
 * with every party that checks these signatures.
 *
 * @param data the text to sign
 * @return the Base64-encoded signature, or {@code null} when signing fails
 */
public String sign(String data) {
    try {
        // Named differently from the privateKey field so the local does not shadow it.
        PrivateKey signingKey = getPrivateKey();
        Signature signer = Signature.getInstance("Sha1WithRSA");
        signer.initSign(signingKey);
        byte[] payload = data.getBytes(StandardCharsets.UTF_8);
        signer.update(payload);
        return Base64.getEncoder().encodeToString(signer.sign());
    } catch (Exception e) {
        log.error("sign-Exception", e);
        return null;
    }
}
验签
/**
 * Checks a Base64-encoded signature over the UTF-8 bytes of {@code data} with the RSA public key.
 *
 * <p>Any failure (missing key, undecodable signature, provider error) is logged and reported as
 * {@code false}, so callers cannot tell a bad signature from a configuration problem by the
 * return value alone.
 *
 * <p>NOTE(review): "Sha1WithRSA" relies on SHA-1, which is no longer recommended for digital
 * signatures. Moving to "SHA256withRSA" has to be done in sign and verify together.
 *
 * @param data the text that was signed
 * @param sign the Base64-encoded signature to check
 * @return {@code true} only when the signature matches; {@code false} otherwise
 */
public boolean verify(String data, String sign) {
    try {
        // Named differently from the publicKey field so the local does not shadow it.
        PublicKey verificationKey = getPublicKey();
        Signature verifier = Signature.getInstance("Sha1WithRSA");
        verifier.initVerify(verificationKey);
        byte[] payload = data.getBytes(StandardCharsets.UTF_8);
        verifier.update(payload);
        byte[] signatureBytes = getBytesBASE64(sign);
        boolean matches = verifier.verify(signatureBytes);
        return matches;
    } catch (Exception e) {
        log.error("verify-Exception", e);
        return false;
    }
}
json排序工具类
/**
 * Builds the string that gets signed from a JSON object.
 *
 * <p>Keys are sorted case-insensitively, the {@code sign} entry and entries with blank values
 * are left out, and the remaining entries are joined as {@code key=value} pairs separated by
 * {@code &}.
 *
 * <p>NOTE(review): keys and values are appended unescaped, so a value containing {@code &} or
 * {@code =} can produce the same string as a different set of fields; confirm that upstream
 * validation rules this out. The relative order of keys that differ only in letter case follows
 * the key set's iteration order.
 *
 * @param jsonObject the request fields
 * @return the canonical string to sign; empty when no field qualifies
 */
private String buildSignData(JSONObject jsonObject) {
    // Sort the keys in ascending order, ignoring case.
    List<String> sortedNames = new ArrayList<>(jsonObject.keySet());
    sortedNames.sort(String.CASE_INSENSITIVE_ORDER);

    StringBuilder joined = new StringBuilder();
    int position = 0;
    for (String name : sortedNames) {
        int index = position++;
        if ("sign".equals(name)) {
            continue;
        }
        String text = jsonObject.getString(name);
        if (StringUtils.isBlank(text)) {
            continue;
        }
        // The separator depends on the key's position in the sorted list, not on whether
        // anything was written yet, so a skipped first key leaves a leading '&' behind.
        if (index != 0) {
            joined.append("&");
        }
        joined.append(name).append("=").append(text);
    }

    String result = joined.toString();
    // Drop the single leading '&' described above.
    return result.startsWith("&") ? result.substring(1) : result;
}