非对称加密
package test; import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Enumeration;
import javax.crypto.Cipher; /**
* 公钥加密,私钥解密
* @author jinzhm
*
*/
public class RsaUtil {
public final static String CIPHER_ALGORITHM = "RSA/ECB/PKCS1Padding";
public final static String CHARSET_ENCODING = "UTF-8"; /**
* 加密
* @param publicKeyPath
* @param plainText
* @return
*/
private static byte[] encrypt(String publicKeyPath, String plainText) {
if(publicKeyPath==null || plainText==null){
return null;
}
try {
PublicKey key = readPublic(publicKeyPath);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, key);
return cipher.doFinal(plainText.getBytes(CHARSET_ENCODING));
} catch (Exception e) {
e.printStackTrace();
return null;
}
} /**
* 解密
* @param privateKeyPath
* @param privateKeyPwd
* @param encryptedText
* @return
*/
private static String decrypt(String privateKeyPath, String privateKeyPwd, String encryptedText) {
if(privateKeyPath==null || privateKeyPwd==null || encryptedText==null){
return null;
}
try {
PrivateKey key = readPrivate(privateKeyPath, privateKeyPwd);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key);
return new String(cipher.doFinal(Base64.getDecoder().decode(encryptedText)));
} catch (Exception e) {
e.printStackTrace();
}
return "";
} /**
* 读取公钥
* @param publicKeyPath
* @return
*/
private static PublicKey readPublic(String publicKeyPath){
if(publicKeyPath==null){
return null;
}
PublicKey pk = null;
FileInputStream bais = null;
try {
CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");
bais = new FileInputStream(publicKeyPath);
X509Certificate cert = (X509Certificate)certificatefactory.generateCertificate(bais);
pk = cert.getPublicKey();
} catch (CertificateException e) {
e.printStackTrace();
} catch (FileNotFoundException e) {
e.printStackTrace();
} finally{
if(bais != null){
try {
bais.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return pk;
} /**
* 读取私钥
* @param path
* @return
*/
private static PrivateKey readPrivate(String privateKeyPath, String privateKeyPwd){
if(privateKeyPath==null || privateKeyPwd==null){
return null;
}
InputStream stream = null;
try {
// 获取JKS 服务器私有证书的私钥,取得标准的JKS的 KeyStore实例
KeyStore store = KeyStore.getInstance("JKS");
stream = new FileInputStream(new File(privateKeyPath));
// jks文件密码,根据实际情况修改
store.load(stream, privateKeyPwd.toCharArray());
// 获取jks证书别名
Enumeration en = store.aliases();
String pName = null;
while (en.hasMoreElements()) {
String n = (String) en.nextElement();
if (store.isKeyEntry(n)) {
pName = n;
}
}
// 获取证书的私钥
PrivateKey key = (PrivateKey) store.getKey(pName,
privateKeyPwd.toCharArray());
return key;
} catch (Exception e) {
e.printStackTrace();
} finally {
if(stream != null){
try {
stream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return null;
}
}