- 浏览: 121124 次
- 性别:
- 来自: 福建
文章分类
最新评论
以下内容均摘自我买的书籍《java加密与解密的艺术》作者 梁栋
附证书生成命令:
keytool生成证书
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA1withRSA -validity 360 -alias www.dominic.com -keystore dominic.keystore
导出数字证书
keytool -exportcert -alias www.dominic.com -keystore dominic.keystore -file dominic.cer -rfc
打印数字证书
keytool -printcert -file dominic.cer
这里是自制证书,如果需要权威机构签发,需要导出证书申请文件由第三方签发
openssl证书创建
根证书构建命令?
echo 构建随机数 private/.rand
openssl rand -out private/.rand 1000
echo 构建根证书私钥 private/ca.key.pem
openssl genrsa -aes256 -out private/ca.key.pem 2048
echo 生成根证书签发申请 private/ca.csr
openssl req -new -key private/ca.key.pem -out private/ca.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发根证书 private/ca.cer
openssl x509 -req -days 10000 -sha1 -extensions v3_ca -signkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
echo 根证书转换 private/ca.p12
openssl pkcs12 -export -cacerts inkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
服务器证书构建步骤命令?
(1)echo 构建服务器私钥 private/server.key.pem
(2)openssl genrsa -aes256 -out private/server.key.pem 2048
echo 生成服务器证书签发申请 private/server.csr
(3)openssl req -new -key private/server.key.pem -out private/server.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发服务器证书 private/server.cer
openssl x509 -req -days 3650 -sha1 -extensions v3_req -CA certs/ca.cer -CAkey private/ca.key.pem -CAserial ca.srl -CAcreateserial -in private/server.csr -out certs/server.cer
echo 服务器证书转换 private/server.p12
openssl pkcs12 -export -clcerts -inkey private/server.key.pem -in certs/server.cer -out certs/server.p12
客户证书构建命令?
echo 构建客户私钥 private/client.key.pem
openssl genrsa -aes256 -out private/client.key.pem 2048
echo 生成服务器证书签发申请 private/client.csr
openssl req -new -key private/client.key.pem -out private/client.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发客户证书 private/server.cer
openssl ca -days 3650 -in private/client.csr -out certs/client.cer -cert certs/ca.cer -keyfile private/ca.key.pem
echo 客户证书转换 certs/client.p12
openssl pkcs12 -export -inkey private/client.key.pem -in certs/client.cer -out certs/client.p12
- package com.algorithm;
- import java.security.Key;
- import java.security.KeyFactory;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.Signature;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.security.spec.PKCS8EncodedKeySpec;
- import java.security.spec.X509EncodedKeySpec;
- import java.util.HashMap;
- import java.util.Map;
- import javax.crypto.Cipher;
- import org.apache.commons.codec.binary.Hex;
- /**
- * RSA非对称加密算法安全编码组件
- * @author Administrator
- *
- */
- public abstract class RSACoder {
- //非对称加密密钥算法
- public static final String KEY_ALGORITHM="RSA";
- //数字签名 签名/验证算法
- public static final String SIGNATURE_ALGORRITHM="SHA1withRSA";
- //公钥
- private static final String PUBLIC_KEY="RSAPublicKey";
- //私钥
- private static final String PRIVATE_KEY="RSAPrivateKey";
- //RSA密钥长度,默认为1024,密钥长度必须是64的倍数,范围在521~65526位之间
- private static final int KEY_SIZE=512;
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param key 私钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,byte[]key) throws Exception
- {
- //取得私钥
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成私钥
- PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //对数据解密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param key 私钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,String privateKey) throws Exception
- {
- return decryptByPrivateKey(data,getKey(privateKey));
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param key 公钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,byte[] key) throws Exception
- {
- //取得公钥
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成公钥
- PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
- //对数据解密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param key 公钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,String publicKey) throws Exception
- {
- return decryptByPublicKey(data,getKey(publicKey));
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param key 公钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,byte[] key) throws Exception
- {
- //取得公钥
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
- //对数据加密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param key 公钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,String publicKey) throws Exception
- {
- return encryptByPublicKey(data,getKey(publicKey));
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param key 私钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,byte[] key) throws Exception
- {
- //取得私钥
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成私钥
- PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //对数据加密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param key 私钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,String key) throws Exception
- {
- return encryptByPrivateKey(data,getKey(key));
- }
- /**
- * 取得私钥
- * @param keyMap 密钥Map
- * @return byte[] 私钥
- * @throws Exception
- */
- public static byte[] getPrivateKey(Map<String,Object> keyMap) throws Exception
- {
- Key key=(Key)keyMap.get(PRIVATE_KEY);
- return key.getEncoded();
- }
- /**
- * 取得公钥
- * @param keyMap 密钥Map
- * @return byte[] 公钥
- * @throws Exception
- */
- public static byte[] getPublicKey(Map<String,Object> keyMap) throws Exception
- {
- Key key=(Key)keyMap.get(PUBLIC_KEY);
- return key.getEncoded();
- }
- /**
- * 初始化密钥
- * @return 密钥Map
- * @throws Exception
- */
- public static Map<String,Object> initKey() throws Exception
- {
- //实例化实钥对生成器
- KeyPairGenerator keyPairGen=KeyPairGenerator.getInstance(KEY_ALGORITHM);
- //初始化密钥对生成器
- keyPairGen.initialize(KEY_SIZE);
- //生成密钥对
- KeyPair keyPair=keyPairGen.generateKeyPair();
- //公钥
- RSAPublicKey publicKey=(RSAPublicKey) keyPair.getPublic();
- //私钥
- RSAPrivateKey privateKey=(RSAPrivateKey) keyPair.getPrivate();
- //封装密钥
- Map<String,Object> keyMap=new HashMap<String,Object>(2);
- keyMap.put(PUBLIC_KEY, publicKey);
- keyMap.put(PRIVATE_KEY, privateKey);
- return keyMap;
- }
- /**
- * 签名
- * @param data 待签名数据
- * @param privateKey 私钥
- * @return byte[] 数字签名
- * @throws Exception
- */
- public static byte[] sign(byte[] data,byte[] privateKey) throws Exception
- {
- //转接私钥材料
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(privateKey);
- //实例化密钥工厂
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //取私钥对象
- PrivateKey priKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //实例化Signature
- Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
- //初始化Signature
- signature.initSign(priKey);
- //更新
- signature.update(data);
- //签名
- return signature.sign();
- }
- /**
- * 公钥校验
- * @param data 待校验数据
- * @param publicKey 公钥
- * @param sign 数字签名
- * @return
- * @throws Exception
- */
- public static boolean verify(byte[] data,byte[] publicKey,byte[] sign) throws Exception
- {
- //转接公钥材料
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(publicKey);
- //实例化密钥工厂
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成公钥
- PublicKey pubKey=keyFactory.generatePublic(x509KeySpec);
- //实例化Signature
- Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
- //初始化Signature
- signature.initVerify(pubKey);
- //更新
- signature.update(data);
- //验证
- return signature.verify(sign);
- }
- /**
- * 私钥签名
- * @param data 待签名数据
- * @param privateKey 私钥
- * @return String 十六进制签名字符串
- * @throws Exception
- */
- public static String sign(byte[] data,String privateKey) throws Exception
- {
- byte[] sign=sign(data,getKey(privateKey));
- return Hex.encodeHexString(sign);
- }
- /**
- * 公钥校验
- * @param data 待验证数据
- * @param publicKey 公钥
- * @param sign 签名
- * @return boolean 成功返回true,失败返回false
- * @throws Exception
- */
- public static boolean verify(byte[] data,String publicKey,String sign) throws Exception
- {
- return verify(data,getKey(publicKey),Hex.decodeHex(sign.toCharArray()));
- }
- /**
- * 取得私钥十六进制表示形式
- * @param keyMap 密钥Map
- * @return String 私钥十六进制字符串
- * @throws Exception
- */
- public static String getPrivateKeyString(Map<String,Object> keyMap) throws Exception
- {
- return Hex.encodeHexString(getPrivateKey(keyMap));
- }
- /**
- * 取得公钥十六进制表示形式
- * @param keyMap 密钥Map
- * @return String 公钥十六进制字符串
- * @throws Exception
- */
- public static String getPublicKeyString(Map<String,Object> keyMap) throws Exception
- {
- return Hex.encodeHexString(getPublicKey(keyMap));
- }
- /**
- * 获取密钥
- * @param key 密钥
- * @return byte[] 密钥
- * @throws Exception
- */
- public static byte[] getKey(String key) throws Exception
- {
- return Hex.decodeHex(key.toCharArray());
- }
- }
package com.algorithm; import java.security.Key; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.HashMap; import java.util.Map; import javax.crypto.Cipher; import org.apache.commons.codec.binary.Hex; /** * RSA非对称加密算法安全编码组件 * @author Administrator * */ public abstract class RSACoder { //非对称加密密钥算法 public static final String KEY_ALGORITHM="RSA"; //数字签名 签名/验证算法 public static final String SIGNATURE_ALGORRITHM="SHA1withRSA"; //公钥 private static final String PUBLIC_KEY="RSAPublicKey"; //私钥 private static final String PRIVATE_KEY="RSAPrivateKey"; //RSA密钥长度,默认为1024,密钥长度必须是64的倍数,范围在521~65526位之间 private static final int KEY_SIZE=512; /** * 私钥解密 * @param data 待解密数据 * @param key 私钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decryptByPrivateKey(byte[] data,byte[]key) throws Exception { //取得私钥 PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key); KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); //生成私钥 PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec); //对数据解密 Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 私钥解密 * @param data 待解密数据 * @param key 私钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decryptByPrivateKey(byte[] data,String privateKey) throws Exception { return decryptByPrivateKey(data,getKey(privateKey)); } /** * 公钥解密 * @param data 待解密数据 * @param key 公钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decryptByPublicKey(byte[] data,byte[] key) throws Exception { //取得公钥 X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key); KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); //生成公钥 PublicKey publicKey=keyFactory.generatePublic(x509KeySpec); //对数据解密 Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 公钥解密 * @param data 待解密数据 * @param key 公钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decryptByPublicKey(byte[] data,String publicKey) throws Exception { return decryptByPublicKey(data,getKey(publicKey)); } /** * 公钥加密 * @param data 待加密数据 * @param key 公钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPublicKey(byte[] data,byte[] key) throws Exception { //取得公钥 X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key); KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); PublicKey publicKey=keyFactory.generatePublic(x509KeySpec); //对数据加密 Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 公钥加密 * @param data 待加密数据 * @param key 公钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPublicKey(byte[] data,String publicKey) throws Exception { return encryptByPublicKey(data,getKey(publicKey)); } /** * 私钥加密 * @param data 待加密数据 * @param key 私钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPrivateKey(byte[] data,byte[] key) throws Exception { //取得私钥 PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key); KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); //生成私钥 PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec); //对数据加密 Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 私钥加密 * @param data 待加密数据 * @param key 私钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPrivateKey(byte[] data,String key) throws Exception { return encryptByPrivateKey(data,getKey(key)); } /** * 取得私钥 * @param keyMap 密钥Map * @return byte[] 私钥 * @throws Exception */ public static byte[] getPrivateKey(Map<String,Object> keyMap) throws Exception { Key key=(Key)keyMap.get(PRIVATE_KEY); return key.getEncoded(); } /** * 取得公钥 * @param keyMap 密钥Map * @return byte[] 公钥 * @throws Exception */ public static byte[] getPublicKey(Map<String,Object> keyMap) throws Exception { Key key=(Key)keyMap.get(PUBLIC_KEY); return key.getEncoded(); } /** * 初始化密钥 * @return 密钥Map * @throws Exception */ public static Map<String,Object> initKey() throws Exception { //实例化实钥对生成器 KeyPairGenerator keyPairGen=KeyPairGenerator.getInstance(KEY_ALGORITHM); //初始化密钥对生成器 keyPairGen.initialize(KEY_SIZE); //生成密钥对 KeyPair keyPair=keyPairGen.generateKeyPair(); //公钥 RSAPublicKey publicKey=(RSAPublicKey) keyPair.getPublic(); //私钥 RSAPrivateKey privateKey=(RSAPrivateKey) keyPair.getPrivate(); //封装密钥 Map<String,Object> keyMap=new HashMap<String,Object>(2); keyMap.put(PUBLIC_KEY, publicKey); keyMap.put(PRIVATE_KEY, privateKey); return keyMap; } /** * 签名 * @param data 待签名数据 * @param privateKey 私钥 * @return byte[] 数字签名 * @throws Exception */ public static byte[] sign(byte[] data,byte[] privateKey) throws Exception { //转接私钥材料 PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(privateKey); //实例化密钥工厂 KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); //取私钥对象 PrivateKey priKey=keyFactory.generatePrivate(pkcs8KeySpec); //实例化Signature Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM); //初始化Signature signature.initSign(priKey); //更新 signature.update(data); //签名 return signature.sign(); } /** * 公钥校验 * @param data 待校验数据 * @param publicKey 公钥 * @param sign 数字签名 * @return * @throws Exception */ public static boolean verify(byte[] data,byte[] publicKey,byte[] sign) throws Exception { //转接公钥材料 X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(publicKey); //实例化密钥工厂 KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM); //生成公钥 PublicKey pubKey=keyFactory.generatePublic(x509KeySpec); //实例化Signature Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM); //初始化Signature signature.initVerify(pubKey); //更新 signature.update(data); //验证 return signature.verify(sign); } /** * 私钥签名 * @param data 待签名数据 * @param privateKey 私钥 * @return String 十六进制签名字符串 * @throws Exception */ public static String sign(byte[] data,String privateKey) throws Exception { byte[] sign=sign(data,getKey(privateKey)); return Hex.encodeHexString(sign); } /** * 公钥校验 * @param data 待验证数据 * @param publicKey 公钥 * @param sign 签名 * @return boolean 成功返回true,失败返回false * @throws Exception */ public static boolean verify(byte[] data,String publicKey,String sign) throws Exception { return verify(data,getKey(publicKey),Hex.decodeHex(sign.toCharArray())); } /** * 取得私钥十六进制表示形式 * @param keyMap 密钥Map * @return String 私钥十六进制字符串 * @throws Exception */ public static String getPrivateKeyString(Map<String,Object> keyMap) throws Exception { return Hex.encodeHexString(getPrivateKey(keyMap)); } /** * 取得公钥十六进制表示形式 * @param keyMap 密钥Map * @return String 公钥十六进制字符串 * @throws Exception */ public static String getPublicKeyString(Map<String,Object> keyMap) throws Exception { return Hex.encodeHexString(getPublicKey(keyMap)); } /** * 获取密钥 * @param key 密钥 * @return byte[] 密钥 * @throws Exception */ public static byte[] getKey(String key) throws Exception { return Hex.decodeHex(key.toCharArray()); } }
- package com.algorithm;
- import java.util.Map;
- import org.apache.commons.codec.binary.Base64;
- /**
- * RSA算法测试用例
- * @author Administrator
- *
- */
- public class RSACoderTest {
- //公钥
- private static byte[] publicKey;
- //私钥
- private static byte[] privateKey;
- /**
- * 初始化密钥
- * @throws Exception
- */
- public static void initKey() throws Exception
- {
- //初始化密钥
- Map<String,Object> keyMap=RSACoder.initKey();
- publicKey=RSACoder.getPublicKey(keyMap);
- privateKey=RSACoder.getPrivateKey(keyMap);
- System.out.println("公钥:"+Base64.encodeBase64String(publicKey));
- System.out.println("私钥:"+Base64.encodeBase64String(privateKey));
- }
- public static void test() throws Exception
- {
- String inputStr="RSA加密算法,私钥加密,公钥解密";
- byte[] data=inputStr.getBytes();
- //私钥加密
- byte[] enCodeData=RSACoder.encryptByPrivateKey(data,privateKey);
- System.out.println("加密字符串:"+Base64.encodeBase64String(enCodeData));
- //公钥解密
- byte[] deCodeData=RSACoder.decryptByPublicKey(enCodeData, publicKey);
- System.out.println(new String(deCodeData).equals(inputStr));
- }
- /**
- * @param args
- * @throws Exception
- */
- public static void main(String[] args) throws Exception {
- // TODO Auto-generated method stub
- initKey();
- RSACoderTest.test();
- }
- }
package com.algorithm; import java.util.Map; import org.apache.commons.codec.binary.Base64; /** * RSA算法测试用例 * @author Administrator * */ public class RSACoderTest { //公钥 private static byte[] publicKey; //私钥 private static byte[] privateKey; /** * 初始化密钥 * @throws Exception */ public static void initKey() throws Exception { //初始化密钥 Map<String,Object> keyMap=RSACoder.initKey(); publicKey=RSACoder.getPublicKey(keyMap); privateKey=RSACoder.getPrivateKey(keyMap); System.out.println("公钥:"+Base64.encodeBase64String(publicKey)); System.out.println("私钥:"+Base64.encodeBase64String(privateKey)); } public static void test() throws Exception { String inputStr="RSA加密算法,私钥加密,公钥解密"; byte[] data=inputStr.getBytes(); //私钥加密 byte[] enCodeData=RSACoder.encryptByPrivateKey(data,privateKey); System.out.println("加密字符串:"+Base64.encodeBase64String(enCodeData)); //公钥解密 byte[] deCodeData=RSACoder.decryptByPublicKey(enCodeData, publicKey); System.out.println(new String(deCodeData).equals(inputStr)); } /** * @param args * @throws Exception */ public static void main(String[] args) throws Exception { // TODO Auto-generated method stub initKey(); RSACoderTest.test(); } }
- package com.algorithm;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.Signature;
- import java.security.cert.Certificate;
- import java.security.cert.CertificateFactory;
- import java.security.cert.X509Certificate;
- import javax.crypto.Cipher;
- /**
- * 证书组件
- * @author Administrator
- */
- public abstract class CertificateCoder {
- //类型证书
- private static final String CERT_TYPE="X.509";
- /**
- * 由KeyStore获得私钥
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return PrivateKey 密钥
- * @throws Exception
- */
- private static PrivateKey getPrivateKeyByKeyStore(String keyStorePath,String alias,String password) throws Exception
- {
- //获得密钥库
- KeyStore ks=getKeyStore(keyStorePath,password);
- //获得私钥
- return (PrivateKey)ks.getKey(alias, password.toCharArray());
- }
- /**
- * 由Certificate获得公钥
- * @param certificatePath 证书路径
- * @return PublicKey 公钥
- */
- private static PublicKey getPublicKeyByCertificate(String certificatePath) throws Exception
- {
- //获得证书
- Certificate certificate=getCertificate(certificatePath);
- //获得公钥
- return certificate.getPublicKey();
- }
- /**
- * 获得certificate
- * @param certificatePath 证书路径
- * @return Certificate 证书
- * @throws Exception
- */
- private static Certificate getCertificate(String certificatePath) throws Exception
- {
- //实例化证书工厂
- CertificateFactory certificateFactory=CertificateFactory.getInstance(CERT_TYPE);
- //取得证书文件流
- FileInputStream in=new FileInputStream(certificatePath);
- //生成证书
- Certificate certificate=certificateFactory.generateCertificate(in);
- //关闭证书文件流
- in.close();
- return certificate;
- }
- /**
- * 取得Certificate
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return Certificate 证书
- * @throws Exception
- */
- private static Certificate getCertificate(String keyStorePath,String alias,String password) throws Exception
- {
- //获得密钥库
- KeyStore ks=getKeyStore(keyStorePath,password);
- //获得证书
- return ks.getCertificate(alias);
- }
- /**
- * 获得密钥库
- * @param keyStorePath 密钥库路径
- * @param password 密码
- * @return KeyStore 密钥库
- * @throws Exception
- */
- private static KeyStore getKeyStore(String keyStorePath,String password) throws Exception
- {
- //实例化密钥库
- KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());
- //获得密钥库文件流
- FileInputStream in=new FileInputStream(keyStorePath);
- //加载密钥库
- ks.load(in, password.toCharArray());
- //关闭密钥库文件流
- in.close();
- return ks;
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //取得私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
- //对数据加密
- Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //取得私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
- //对数据解密
- Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param certificatePath 证书路径
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,String certificatePath) throws Exception
- {
- //取得公钥
- PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
- //对数据加密
- Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param certificatePath 证书路径
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,String certificatePath) throws Exception
- {
- //取得公钥
- PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
- //对数据解密
- Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 签名
- * @param data 待签名数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 签名
- * @throws Exception
- */
- public static byte[] sign(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //获得证书
- X509Certificate x509Certificate=(X509Certificate)getCertificate(keyStorePath,alias,password);
- //构建签名,由证书指定签名算法
- Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
- //获取私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath, alias, password);
- //初始化签名,由私钥构建
- signature.initSign(privateKey);
- signature.update(data);
- return signature.sign();
- }
- /**
- * 签名验证
- * @param data 数据
- * @param sign 签名
- * @param certificatePath 证书路径
- * @return boolean 验证通过为true
- * @throws Exception
- */
- public static boolean verify(byte[] data,byte[] sign,String certificatePath) throws Exception
- {
- //获得证书
- X509Certificate x509Certificate=(X509Certificate)getCertificate(certificatePath);
- //构建签名,由证书指定签名算法
- Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
- //由证书初始化签名,实际上是使用了证书中的公钥
- signature.initVerify(x509Certificate);
- signature.update(data);
- return signature.verify(sign);
- }
- }
package com.algorithm; import java.io.FileInputStream; import java.security.KeyStore; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import javax.crypto.Cipher; /** * 证书组件 * @author Administrator */ public abstract class CertificateCoder { //类型证书 private static final String CERT_TYPE="X.509"; /** * 由KeyStore获得私钥 * @param keyStorePath 密钥库路径 * @param alias 别名 * @param password 密码 * @return PrivateKey 密钥 * @throws Exception */ private static PrivateKey getPrivateKeyByKeyStore(String keyStorePath,String alias,String password) throws Exception { //获得密钥库 KeyStore ks=getKeyStore(keyStorePath,password); //获得私钥 return (PrivateKey)ks.getKey(alias, password.toCharArray()); } /** * 由Certificate获得公钥 * @param certificatePath 证书路径 * @return PublicKey 公钥 */ private static PublicKey getPublicKeyByCertificate(String certificatePath) throws Exception { //获得证书 Certificate certificate=getCertificate(certificatePath); //获得公钥 return certificate.getPublicKey(); } /** * 获得certificate * @param certificatePath 证书路径 * @return Certificate 证书 * @throws Exception */ private static Certificate getCertificate(String certificatePath) throws Exception { //实例化证书工厂 CertificateFactory certificateFactory=CertificateFactory.getInstance(CERT_TYPE); //取得证书文件流 FileInputStream in=new FileInputStream(certificatePath); //生成证书 Certificate certificate=certificateFactory.generateCertificate(in); //关闭证书文件流 in.close(); return certificate; } /** * 取得Certificate * @param keyStorePath 密钥库路径 * @param alias 别名 * @param password 密码 * @return Certificate 证书 * @throws Exception */ private static Certificate getCertificate(String keyStorePath,String alias,String password) throws Exception { //获得密钥库 KeyStore ks=getKeyStore(keyStorePath,password); //获得证书 return ks.getCertificate(alias); } /** * 获得密钥库 * @param keyStorePath 密钥库路径 * @param password 密码 * @return KeyStore 密钥库 * @throws Exception */ private static KeyStore getKeyStore(String keyStorePath,String password) throws Exception { //实例化密钥库 KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType()); //获得密钥库文件流 FileInputStream in=new FileInputStream(keyStorePath); //加载密钥库 ks.load(in, password.toCharArray()); //关闭密钥库文件流 in.close(); return ks; } /** * 私钥加密 * @param data 待加密数据 * @param keyStorePath 密钥库路径 * @param alias 别名 * @param password 密码 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception { //取得私钥 PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password); //对数据加密 Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 私钥解密 * @param data 待解密数据 * @param keyStorePath 密钥库路径 * @param alias 别名 * @param password 密码 * @return byte[] 加密数据 * @throws Exception */ public static byte[] decryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception { //取得私钥 PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password); //对数据解密 Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateKey); return cipher.doFinal(data); } /** * 公钥加密 * @param data 待加密数据 * @param certificatePath 证书路径 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encryptByPublicKey(byte[] data,String certificatePath) throws Exception { //取得公钥 PublicKey publicKey=getPublicKeyByCertificate(certificatePath); //对数据加密 Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 公钥解密 * @param data 待解密数据 * @param certificatePath 证书路径 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decryptByPublicKey(byte[] data,String certificatePath) throws Exception { //取得公钥 PublicKey publicKey=getPublicKeyByCertificate(certificatePath); //对数据解密 Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, publicKey); return cipher.doFinal(data); } /** * 签名 * @param data 待签名数据 * @param keyStorePath 密钥库路径 * @param alias 别名 * @param password 密码 * @return byte[] 签名 * @throws Exception */ public static byte[] sign(byte[] data,String keyStorePath,String alias,String password) throws Exception { //获得证书 X509Certificate x509Certificate=(X509Certificate)getCertificate(keyStorePath,alias,password); //构建签名,由证书指定签名算法 Signature signature=Signature.getInstance(x509Certificate.getSigAlgName()); //获取私钥 PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath, alias, password); //初始化签名,由私钥构建 signature.initSign(privateKey); signature.update(data); return signature.sign(); } /** * 签名验证 * @param data 数据 * @param sign 签名 * @param certificatePath 证书路径 * @return boolean 验证通过为true * @throws Exception */ public static boolean verify(byte[] data,byte[] sign,String certificatePath) throws Exception { //获得证书 X509Certificate x509Certificate=(X509Certificate)getCertificate(certificatePath); //构建签名,由证书指定签名算法 Signature signature=Signature.getInstance(x509Certificate.getSigAlgName()); //由证书初始化签名,实际上是使用了证书中的公钥 signature.initVerify(x509Certificate); signature.update(data); return signature.verify(sign); } }
- package com.algorithm;
- import java.io.InputStream;
- import org.apache.commons.codec.binary.Hex;
- /**
- * 数字证书测试用例
- * @author Administrator
- *
- */
- public class CertificateCoderTest {
- //生成证书时的密码
- private static String password="123456";
- //别名
- private static String alias="www.dominic.com";
- //证书路径
- private static String certificatePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\dominic.cer";
- //密钥库路径
- private static String keyStorePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\domini.keystore";
- /**
- * 公钥加密私钥解密
- */
- public static void test1() throws Exception
- {
- String inputStr="数字证书";
- byte[] data=inputStr.getBytes();
- //公钥加密
- byte[] encrypt=CertificateCoder.encryptByPublicKey(data, certificatePath);
- //私钥解密
- byte[] decrypt=CertificateCoder.decryptByPrivateKey(encrypt, keyStorePath, alias, password);
- System.out.println(new String(decrypt).equals(inputStr));
- }
- /**
- * 私加密公钥解密
- */
- public static void test2() throws Exception
- {
- String inputStr="数字证书";
- byte[] data=inputStr.getBytes();
- //私钥加密
- byte[] encrypt=CertificateCoder.encryptByPrivateKey(data, keyStorePath, alias, password);
- //公钥解密
- byte[] decrypt=CertificateCoder.decryptByPublicKey(encrypt, certificatePath);
- System.out.println(new String(decrypt).equals(inputStr));
- }
- /**
- * 签名验证
- */
- public static void test3() throws Exception
- {
- String inputStr="数字签名";
- byte[] data=inputStr.getBytes();
- //私钥签名
- byte[] sign=CertificateCoder.sign(data, keyStorePath, alias, password);
- System.out.println("签名:"+Hex.encodeHexString(sign));
- //公钥验证
- System.out.println(CertificateCoder.verify(data, sign, certificatePath));
- }
- public static void main(String[] args) throws Exception
- {
- CertificateCoderTest.test1();
- CertificateCoderTest.test2();
- CertificateCoderTest.test3();
- }
- }
package com.algorithm; import java.io.InputStream; import org.apache.commons.codec.binary.Hex; /** * 数字证书测试用例 * @author Administrator * */ public class CertificateCoderTest { //生成证书时的密码 private static String password="123456"; //别名 private static String alias="www.dominic.com"; //证书路径 private static String certificatePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\dominic.cer"; //密钥库路径 private static String keyStorePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\domini.keystore"; /** * 公钥加密私钥解密 */ public static void test1() throws Exception { String inputStr="数字证书"; byte[] data=inputStr.getBytes(); //公钥加密 byte[] encrypt=CertificateCoder.encryptByPublicKey(data, certificatePath); //私钥解密 byte[] decrypt=CertificateCoder.decryptByPrivateKey(encrypt, keyStorePath, alias, password); System.out.println(new String(decrypt).equals(inputStr)); } /** * 私加密公钥解密 */ public static void test2() throws Exception { String inputStr="数字证书"; byte[] data=inputStr.getBytes(); //私钥加密 byte[] encrypt=CertificateCoder.encryptByPrivateKey(data, keyStorePath, alias, password); //公钥解密 byte[] decrypt=CertificateCoder.decryptByPublicKey(encrypt, certificatePath); System.out.println(new String(decrypt).equals(inputStr)); } /** * 签名验证 */ public static void test3() throws Exception { String inputStr="数字签名"; byte[] data=inputStr.getBytes(); //私钥签名 byte[] sign=CertificateCoder.sign(data, keyStorePath, alias, password); System.out.println("签名:"+Hex.encodeHexString(sign)); //公钥验证 System.out.println(CertificateCoder.verify(data, sign, certificatePath)); } public static void main(String[] args) throws Exception { CertificateCoderTest.test1(); CertificateCoderTest.test2(); CertificateCoderTest.test3(); } }
- package com.algorithm;
- import java.security.Key;
- import javax.crypto.Cipher;
- import javax.crypto.KeyGenerator;
- import javax.crypto.SecretKey;
- import javax.crypto.spec.SecretKeySpec;
- import org.apache.commons.codec.binary.Base64;
- import org.apache.commons.codec.digest.DigestUtils;
- /**
- * AES对称加密算法,组件类
- * @author Administrator
- *
- */
- public abstract class AESCoder {
- //密钥算法
- public static final String ALGORITHM="AES";
- //密钥长度(java默认只能处理128位以内的长度,如果需要处理大于128位可以使用JCE解除密钥长度限制)
- public static final int KEY_SIZE=128;
- /**
- * 转换密钥
- * @param key 二进制密钥
- * @return Key 密钥
- * @throws Exception
- */
- private static Key toKey(byte[] key) throws Exception
- {
- //实例化AES密钥材料
- SecretKey secretKey=new SecretKeySpec(key,ALGORITHM);
- return secretKey;
- }
- /**
- * 解密
- * @param data 待解密数据
- * @param key 密钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decrypt(byte[] data,byte[] key) throws Exception
- {
- //还原密钥
- Key k=toKey(key);
- //实例化
- Cipher cipher=Cipher.getInstance(ALGORITHM);
- //初始化,设置为解密模式
- cipher.init(Cipher.DECRYPT_MODE, k);
- //执行操作
- return cipher.doFinal(data);
- }
- /**
- * 解密
- * @param data 待解密数据
- * @param key 密钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decrypt(byte[] data,String key) throws Exception
- {
- return decrypt(data,getKey(key));
- }
- /**
- * 加密
- * @param data 待加密数据
- * @param key 密钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encrypt(byte[] data,byte[] key) throws Exception
- {
- //还原密钥
- Key k=toKey(key);
- //实例化
- Cipher cipher=Cipher.getInstance(ALGORITHM);
- //初始化,设置为加密模式
- cipher.init(Cipher.ENCRYPT_MODE, k);
- //执行操作
- return cipher.doFinal(data);
- }
- /**
- * 加密
- * @param data 待加密数据
- * @param key 密钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encrypt(byte[] data,String key) throws Exception
- {
- return encrypt(data,getKey(key));
- }
- /**
- * 生成密钥
- * @return byte[] 二进制密钥
- * @throws Exception
- */
- public static byte[] initKey() throws Exception
- {
- //实例化
- KeyGenerator kg=KeyGenerator.getInstance(ALGORITHM);
- //初始化密钥长度
- kg.init(KEY_SIZE);
- //生成秘密密钥
- SecretKey secretKey=kg.generateKey();
- //获得密钥的二进制编码形式
- return secretKey.getEncoded();
- }
- /**
- * 初始化密钥
- * @return String Base64编码密钥
- * @throws Exception
- */
- public static String initKeyString() throws Exception
- {
- return Base64.encodeBase64String(initKey());
- }
- /**
- * 获取密钥
- * @param key
- * @return byte[] 密钥
- * @throws Exception
- */
- public static byte[] getKey(String key) throws Exception
- {
- return Base64.decodeBase64(key);
- }
- /**
- * 摘要处理
- * @param data 待摘要数据
- * @return String 摘要字符串
- */
- public static String shaHex(byte[] data)
- {
- return DigestUtils.md5Hex(data);
- }
- /**
- * 验证
- * @param data 待摘要数据
- * @param messageDigest 摘要字符串
- * @return 验证结果
- */
- public static boolean validate(byte[] data,String messageDigest)
- {
- return messageDigest.equals(shaHex(data));
- }
- }
package com.algorithm; import java.security.Key; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.digest.DigestUtils; /** * AES对称加密算法,组件类 * @author Administrator * */ public abstract class AESCoder { //密钥算法 public static final String ALGORITHM="AES"; //密钥长度(java默认只能处理128位以内的长度,如果需要处理大于128位可以使用JCE解除密钥长度限制) public static final int KEY_SIZE=128; /** * 转换密钥 * @param key 二进制密钥 * @return Key 密钥 * @throws Exception */ private static Key toKey(byte[] key) throws Exception { //实例化AES密钥材料 SecretKey secretKey=new SecretKeySpec(key,ALGORITHM); return secretKey; } /** * 解密 * @param data 待解密数据 * @param key 密钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decrypt(byte[] data,byte[] key) throws Exception { //还原密钥 Key k=toKey(key); //实例化 Cipher cipher=Cipher.getInstance(ALGORITHM); //初始化,设置为解密模式 cipher.init(Cipher.DECRYPT_MODE, k); //执行操作 return cipher.doFinal(data); } /** * 解密 * @param data 待解密数据 * @param key 密钥 * @return byte[] 解密数据 * @throws Exception */ public static byte[] decrypt(byte[] data,String key) throws Exception { return decrypt(data,getKey(key)); } /** * 加密 * @param data 待加密数据 * @param key 密钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encrypt(byte[] data,byte[] key) throws Exception { //还原密钥 Key k=toKey(key); //实例化 Cipher cipher=Cipher.getInstance(ALGORITHM); //初始化,设置为加密模式 cipher.init(Cipher.ENCRYPT_MODE, k); //执行操作 return cipher.doFinal(data); } /** * 加密 * @param data 待加密数据 * @param key 密钥 * @return byte[] 加密数据 * @throws Exception */ public static byte[] encrypt(byte[] data,String key) throws Exception { return encrypt(data,getKey(key)); } /** * 生成密钥 * @return byte[] 二进制密钥 * @throws Exception */ public static byte[] initKey() throws Exception { //实例化 KeyGenerator kg=KeyGenerator.getInstance(ALGORITHM); //初始化密钥长度 kg.init(KEY_SIZE); //生成秘密密钥 SecretKey secretKey=kg.generateKey(); //获得密钥的二进制编码形式 return secretKey.getEncoded(); } /** * 初始化密钥 * @return String Base64编码密钥 * @throws Exception */ public static String initKeyString() throws Exception { return Base64.encodeBase64String(initKey()); } /** * 获取密钥 * @param key * @return byte[] 密钥 * @throws Exception */ public static byte[] getKey(String key) throws Exception { return Base64.decodeBase64(key); } /** * 摘要处理 * @param data 待摘要数据 * @return String 摘要字符串 */ public static String shaHex(byte[] data) { return DigestUtils.md5Hex(data); } /** * 验证 * @param data 待摘要数据 * @param messageDigest 摘要字符串 * @return 验证结果 */ public static boolean validate(byte[] data,String messageDigest) { return messageDigest.equals(shaHex(data)); } }
- package com.algorithm;
- /**
- * 对称加密算法测试用例
- * @author Administrator
- *
- */
- public class AESCoderTest {
- public static void main(String args[])
- {
- try {
- //初始化密钥
- String secretKey=AESCoder.initKeyString();
- System.out.println("密钥为:"+secretKey);
- String s="我们的大中国";
- //加密数据
- byte[] encryptData=AESCoder.encrypt(s.getBytes(), secretKey);
- //解密数据
- byte[] data=AESCoder.decrypt(encryptData, secretKey);
- //比较
- System.out.println(new String(data).equals(s));
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- }
package com.algorithm; /** * 对称加密算法测试用例 * @author Administrator * */ public class AESCoderTest { public static void main(String args[]) { try { //初始化密钥 String secretKey=AESCoder.initKeyString(); System.out.println("密钥为:"+secretKey); String s="我们的大中国"; //加密数据 byte[] encryptData=AESCoder.encrypt(s.getBytes(), secretKey); //解密数据 byte[] data=AESCoder.decrypt(encryptData, secretKey); //比较 System.out.println(new String(data).equals(s)); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } } }
附证书生成命令:
keytool生成证书
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA1withRSA -validity 360 -alias www.dominic.com -keystore dominic.keystore
导出数字证书
keytool -exportcert -alias www.dominic.com -keystore dominic.keystore -file dominic.cer -rfc
打印数字证书
keytool -printcert -file dominic.cer
这里是自制证书,如果需要权威机构签发,需要导出证书申请文件由第三方签发
openssl证书创建
根证书构建命令?
echo 构建随机数 private/.rand
openssl rand -out private/.rand 1000
echo 构建根证书私钥 private/ca.key.pem
openssl genrsa -aes256 -out private/ca.key.pem 2048
echo 生成根证书签发申请 private/ca.csr
openssl req -new -key private/ca.key.pem -out private/ca.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发根证书 private/ca.cer
openssl x509 -req -days 10000 -sha1 -extensions v3_ca -signkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
echo 根证书转换 private/ca.p12
openssl pkcs12 -export -cacerts inkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
服务器证书构建步骤命令?
(1)echo 构建服务器私钥 private/server.key.pem
(2)openssl genrsa -aes256 -out private/server.key.pem 2048
echo 生成服务器证书签发申请 private/server.csr
(3)openssl req -new -key private/server.key.pem -out private/server.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发服务器证书 private/server.cer
openssl x509 -req -days 3650 -sha1 -extensions v3_req -CA certs/ca.cer -CAkey private/ca.key.pem -CAserial ca.srl -CAcreateserial -in private/server.csr -out certs/server.cer
echo 服务器证书转换 private/server.p12
openssl pkcs12 -export -clcerts -inkey private/server.key.pem -in certs/server.cer -out certs/server.p12
客户证书构建命令?
echo 构建客户私钥 private/client.key.pem
openssl genrsa -aes256 -out private/client.key.pem 2048
echo 生成服务器证书签发申请 private/client.csr
openssl req -new -key private/client.key.pem -out private/client.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发客户证书 private/server.cer
openssl ca -days 3650 -in private/client.csr -out certs/client.cer -cert certs/ca.cer -keyfile private/ca.key.pem
echo 客户证书转换 certs/client.p12
openssl pkcs12 -export -inkey private/client.key.pem -in certs/client.cer -out certs/client.p12
相关推荐
Java实现的RSA加密解密算法示例 本文主要介绍了Java实现的RSA加密解密算法,结合实例形式分析了Java RSA加密解密算法的相关实现技巧。 知识点1:RSA加密解密算法简介 RSA加密解密算法是一种非对称加密算法,由Ron...
在这个"很强的Java加密解密算法源码.zip"中,我们可以深入学习如何在Java中实现3DES算法来加密和解密文件。 3DES算法是一种块加密算法,它通过三次应用DES密钥来增强安全性。基本流程如下: 1. **加密过程**:输入...
"java实现的RC4加密解密算法示例" RC4加密解密算法是Symmetric-key block cipher的一种,使用同一个密钥进行加密和解密。java实现的RC4加密解密算法可以通过以下步骤实现: 1. 初始化数组:创建一个大小为256的...
java实现MD5加密解密算法,java源代码~
### Java加密解密算法详解 #### 一、加密概述与应用 加密技术是信息安全领域中的关键技术之一,其核心在于通过特定算法对原始信息(明文)进行变换,使其成为不可直接阅读的形式(密文),从而保护信息在传输或...
本实例将探讨一些常见的加密解密算法及其在Java中的实现。以下是一些关键知识点: 1. **对称加密算法**:这类算法使用相同的密钥进行加密和解密,如DES(Data Encryption Standard)、3DES(Triple DES)和AES...
根据提供的文件信息,本文将详细解析“JAVA源码很强的Java加密解密算法源码”这一主题中的关键知识点。从标题和描述来看,这是一份关于Java加密解密算法的源代码,通过百度网盘分享的方式提供给感兴趣的开发者。下面...
在IT行业中,加密和解密是信息安全领域的重要...综上所述,Java加密解密算法源码涵盖了多种安全机制,开发者可以基于这些源码进一步理解并定制自己的加密解决方案。通过深入学习和实践,可以有效提升应用程序的安全性。
Java加密解密是信息安全领域的重要组成部分,用于保护数据的安全性和隐私。在Java中,我们可以使用多种加密算法来实现数据的加密和解密。本篇将详细介绍几种常见的加密算法及其在Java中的应用,包括DES、RSA以及非...
java加密解密算法的集合,AES DES。
在Java中实现AES(Advanced Encryption Standard)加密和解密算法主要涉及到对称密钥加密技术。AES算法是一种块密码,采用固定大小的128位(16字节)块进行加密和解密,支持128、192和256位的密钥长度。在给定的代码...
通过对Java加密解密算法的学习,特别是对Blowfish算法的深入理解,我们能够更好地保护数据的安全性。在实际开发中,选择合适的加密算法非常重要,同时还需要注意算法的安全性和性能之间的平衡。希望本文能帮助大家更...
*网上很多RC4算法在用的时候,都会出现「加密然后立即在内存中解密」可以,但先把加密后的密文写入文件再读取解密就失败的情况。这段代码没有这种情况。...*采用了重载函数,我用了String加密解密,成功。
TripleDES加密解密算法的实现(JAVA)
对文本进行加密和解密,异或加密和转化二进制十六进制加密
本篇文章将深入探讨Java加密解密的核心概念、常用算法以及如何使用它们。 一、加密的基本原理 加密是一种将明文数据转换为看似随机的密文的过程,目的是保护数据免受未经授权的访问。解密则是将密文还原为原始明文...
这个"java加密解密算法类_Cipher"可能包含了上述所有或部分知识点的实现,通过阅读源代码,我们可以更深入地理解Java中加密解密的实际应用和细节。在实际开发中,这些知识对于构建安全的网络通信、数据库存储和数据...
在这篇文档中,我们主要介绍了三种常用加密解密算法:DES算法、RSA算法以及MD5算法,并简要分析了它们的使用规则和安全性。 首先,DES(Data Encryption Standard,数据加密标准)算法是一种经典的对称密钥加密技术...
基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发...