zgc168
- 浏览: 120855 次
- 性别:
- 来自: 福建
-
文章分类
最新评论
以下内容均摘自我买的书籍《java加密与解密的艺术》作者 梁栋
附证书生成命令:
keytool生成证书
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA1withRSA -validity 360 -alias www.dominic.com -keystore dominic.keystore
导出数字证书
keytool -exportcert -alias www.dominic.com -keystore dominic.keystore -file dominic.cer -rfc
打印数字证书
keytool -printcert -file dominic.cer
这里是自制证书,如果需要权威机构签发,需要导出证书申请文件由第三方签发
openssl证书创建
根证书构建命令?
echo 构建随机数 private/.rand
openssl rand -out private/.rand 1000
echo 构建根证书私钥 private/ca.key.pem
openssl genrsa -aes256 -out private/ca.key.pem 2048
echo 生成根证书签发申请 private/ca.csr
openssl req -new -key private/ca.key.pem -out private/ca.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发根证书 private/ca.cer
openssl x509 -req -days 10000 -sha1 -extensions v3_ca -signkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
echo 根证书转换 private/ca.p12
openssl pkcs12 -export -cacerts inkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
服务器证书构建步骤命令?
(1)echo 构建服务器私钥 private/server.key.pem
(2)openssl genrsa -aes256 -out private/server.key.pem 2048
echo 生成服务器证书签发申请 private/server.csr
(3)openssl req -new -key private/server.key.pem -out private/server.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发服务器证书 private/server.cer
openssl x509 -req -days 3650 -sha1 -extensions v3_req -CA certs/ca.cer -CAkey private/ca.key.pem -CAserial ca.srl -CAcreateserial -in private/server.csr -out certs/server.cer
echo 服务器证书转换 private/server.p12
openssl pkcs12 -export -clcerts -inkey private/server.key.pem -in certs/server.cer -out certs/server.p12
客户证书构建命令?
echo 构建客户私钥 private/client.key.pem
openssl genrsa -aes256 -out private/client.key.pem 2048
echo 生成服务器证书签发申请 private/client.csr
openssl req -new -key private/client.key.pem -out private/client.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发客户证书 private/server.cer
openssl ca -days 3650 -in private/client.csr -out certs/client.cer -cert certs/ca.cer -keyfile private/ca.key.pem
echo 客户证书转换 certs/client.p12
openssl pkcs12 -export -inkey private/client.key.pem -in certs/client.cer -out certs/client.p12
- package com.algorithm;
- import java.security.Key;
- import java.security.KeyFactory;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.Signature;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.security.spec.PKCS8EncodedKeySpec;
- import java.security.spec.X509EncodedKeySpec;
- import java.util.HashMap;
- import java.util.Map;
- import javax.crypto.Cipher;
- import org.apache.commons.codec.binary.Hex;
- /**
- * RSA非对称加密算法安全编码组件
- * @author Administrator
- *
- */
- public abstract class RSACoder {
- //非对称加密密钥算法
- public static final String KEY_ALGORITHM="RSA";
- //数字签名 签名/验证算法
- public static final String SIGNATURE_ALGORRITHM="SHA1withRSA";
- //公钥
- private static final String PUBLIC_KEY="RSAPublicKey";
- //私钥
- private static final String PRIVATE_KEY="RSAPrivateKey";
- //RSA密钥长度,默认为1024,密钥长度必须是64的倍数,范围在521~65526位之间
- private static final int KEY_SIZE=512;
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param key 私钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,byte[]key) throws Exception
- {
- //取得私钥
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成私钥
- PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //对数据解密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param key 私钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,String privateKey) throws Exception
- {
- return decryptByPrivateKey(data,getKey(privateKey));
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param key 公钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,byte[] key) throws Exception
- {
- //取得公钥
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成公钥
- PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
- //对数据解密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param key 公钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,String publicKey) throws Exception
- {
- return decryptByPublicKey(data,getKey(publicKey));
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param key 公钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,byte[] key) throws Exception
- {
- //取得公钥
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
- //对数据加密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param key 公钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,String publicKey) throws Exception
- {
- return encryptByPublicKey(data,getKey(publicKey));
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param key 私钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,byte[] key) throws Exception
- {
- //取得私钥
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成私钥
- PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //对数据加密
- Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param key 私钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,String key) throws Exception
- {
- return encryptByPrivateKey(data,getKey(key));
- }
- /**
- * 取得私钥
- * @param keyMap 密钥Map
- * @return byte[] 私钥
- * @throws Exception
- */
- public static byte[] getPrivateKey(Map<String,Object> keyMap) throws Exception
- {
- Key key=(Key)keyMap.get(PRIVATE_KEY);
- return key.getEncoded();
- }
- /**
- * 取得公钥
- * @param keyMap 密钥Map
- * @return byte[] 公钥
- * @throws Exception
- */
- public static byte[] getPublicKey(Map<String,Object> keyMap) throws Exception
- {
- Key key=(Key)keyMap.get(PUBLIC_KEY);
- return key.getEncoded();
- }
- /**
- * 初始化密钥
- * @return 密钥Map
- * @throws Exception
- */
- public static Map<String,Object> initKey() throws Exception
- {
- //实例化实钥对生成器
- KeyPairGenerator keyPairGen=KeyPairGenerator.getInstance(KEY_ALGORITHM);
- //初始化密钥对生成器
- keyPairGen.initialize(KEY_SIZE);
- //生成密钥对
- KeyPair keyPair=keyPairGen.generateKeyPair();
- //公钥
- RSAPublicKey publicKey=(RSAPublicKey) keyPair.getPublic();
- //私钥
- RSAPrivateKey privateKey=(RSAPrivateKey) keyPair.getPrivate();
- //封装密钥
- Map<String,Object> keyMap=new HashMap<String,Object>(2);
- keyMap.put(PUBLIC_KEY, publicKey);
- keyMap.put(PRIVATE_KEY, privateKey);
- return keyMap;
- }
- /**
- * 签名
- * @param data 待签名数据
- * @param privateKey 私钥
- * @return byte[] 数字签名
- * @throws Exception
- */
- public static byte[] sign(byte[] data,byte[] privateKey) throws Exception
- {
- //转接私钥材料
- PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(privateKey);
- //实例化密钥工厂
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //取私钥对象
- PrivateKey priKey=keyFactory.generatePrivate(pkcs8KeySpec);
- //实例化Signature
- Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
- //初始化Signature
- signature.initSign(priKey);
- //更新
- signature.update(data);
- //签名
- return signature.sign();
- }
- /**
- * 公钥校验
- * @param data 待校验数据
- * @param publicKey 公钥
- * @param sign 数字签名
- * @return
- * @throws Exception
- */
- public static boolean verify(byte[] data,byte[] publicKey,byte[] sign) throws Exception
- {
- //转接公钥材料
- X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(publicKey);
- //实例化密钥工厂
- KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
- //生成公钥
- PublicKey pubKey=keyFactory.generatePublic(x509KeySpec);
- //实例化Signature
- Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
- //初始化Signature
- signature.initVerify(pubKey);
- //更新
- signature.update(data);
- //验证
- return signature.verify(sign);
- }
- /**
- * 私钥签名
- * @param data 待签名数据
- * @param privateKey 私钥
- * @return String 十六进制签名字符串
- * @throws Exception
- */
- public static String sign(byte[] data,String privateKey) throws Exception
- {
- byte[] sign=sign(data,getKey(privateKey));
- return Hex.encodeHexString(sign);
- }
- /**
- * 公钥校验
- * @param data 待验证数据
- * @param publicKey 公钥
- * @param sign 签名
- * @return boolean 成功返回true,失败返回false
- * @throws Exception
- */
- public static boolean verify(byte[] data,String publicKey,String sign) throws Exception
- {
- return verify(data,getKey(publicKey),Hex.decodeHex(sign.toCharArray()));
- }
- /**
- * 取得私钥十六进制表示形式
- * @param keyMap 密钥Map
- * @return String 私钥十六进制字符串
- * @throws Exception
- */
- public static String getPrivateKeyString(Map<String,Object> keyMap) throws Exception
- {
- return Hex.encodeHexString(getPrivateKey(keyMap));
- }
- /**
- * 取得公钥十六进制表示形式
- * @param keyMap 密钥Map
- * @return String 公钥十六进制字符串
- * @throws Exception
- */
- public static String getPublicKeyString(Map<String,Object> keyMap) throws Exception
- {
- return Hex.encodeHexString(getPublicKey(keyMap));
- }
- /**
- * 获取密钥
- * @param key 密钥
- * @return byte[] 密钥
- * @throws Exception
- */
- public static byte[] getKey(String key) throws Exception
- {
- return Hex.decodeHex(key.toCharArray());
- }
- }
package com.algorithm;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Hex;
/**
* RSA非对称加密算法安全编码组件
* @author Administrator
*
*/
public abstract class RSACoder {
//非对称加密密钥算法
public static final String KEY_ALGORITHM="RSA";
//数字签名 签名/验证算法
public static final String SIGNATURE_ALGORRITHM="SHA1withRSA";
//公钥
private static final String PUBLIC_KEY="RSAPublicKey";
//私钥
private static final String PRIVATE_KEY="RSAPrivateKey";
//RSA密钥长度,默认为1024,密钥长度必须是64的倍数,范围在521~65526位之间
private static final int KEY_SIZE=512;
/**
* 私钥解密
* @param data 待解密数据
* @param key 私钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data,byte[]key) throws Exception
{
//取得私钥
PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//生成私钥
PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
//对数据解密
Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 私钥解密
* @param data 待解密数据
* @param key 私钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data,String privateKey) throws Exception
{
return decryptByPrivateKey(data,getKey(privateKey));
}
/**
* 公钥解密
* @param data 待解密数据
* @param key 公钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data,byte[] key) throws Exception
{
//取得公钥
X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//生成公钥
PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
//对数据解密
Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 公钥解密
* @param data 待解密数据
* @param key 公钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data,String publicKey) throws Exception
{
return decryptByPublicKey(data,getKey(publicKey));
}
/**
* 公钥加密
* @param data 待加密数据
* @param key 公钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data,byte[] key) throws Exception
{
//取得公钥
X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(key);
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicKey=keyFactory.generatePublic(x509KeySpec);
//对数据加密
Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 公钥加密
* @param data 待加密数据
* @param key 公钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data,String publicKey) throws Exception
{
return encryptByPublicKey(data,getKey(publicKey));
}
/**
* 私钥加密
* @param data 待加密数据
* @param key 私钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data,byte[] key) throws Exception
{
//取得私钥
PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//生成私钥
PrivateKey privateKey=keyFactory.generatePrivate(pkcs8KeySpec);
//对数据加密
Cipher cipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 私钥加密
* @param data 待加密数据
* @param key 私钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data,String key) throws Exception
{
return encryptByPrivateKey(data,getKey(key));
}
/**
* 取得私钥
* @param keyMap 密钥Map
* @return byte[] 私钥
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String,Object> keyMap) throws Exception
{
Key key=(Key)keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公钥
* @param keyMap 密钥Map
* @return byte[] 公钥
* @throws Exception
*/
public static byte[] getPublicKey(Map<String,Object> keyMap) throws Exception
{
Key key=(Key)keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 初始化密钥
* @return 密钥Map
* @throws Exception
*/
public static Map<String,Object> initKey() throws Exception
{
//实例化实钥对生成器
KeyPairGenerator keyPairGen=KeyPairGenerator.getInstance(KEY_ALGORITHM);
//初始化密钥对生成器
keyPairGen.initialize(KEY_SIZE);
//生成密钥对
KeyPair keyPair=keyPairGen.generateKeyPair();
//公钥
RSAPublicKey publicKey=(RSAPublicKey) keyPair.getPublic();
//私钥
RSAPrivateKey privateKey=(RSAPrivateKey) keyPair.getPrivate();
//封装密钥
Map<String,Object> keyMap=new HashMap<String,Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 签名
* @param data 待签名数据
* @param privateKey 私钥
* @return byte[] 数字签名
* @throws Exception
*/
public static byte[] sign(byte[] data,byte[] privateKey) throws Exception
{
//转接私钥材料
PKCS8EncodedKeySpec pkcs8KeySpec=new PKCS8EncodedKeySpec(privateKey);
//实例化密钥工厂
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//取私钥对象
PrivateKey priKey=keyFactory.generatePrivate(pkcs8KeySpec);
//实例化Signature
Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
//初始化Signature
signature.initSign(priKey);
//更新
signature.update(data);
//签名
return signature.sign();
}
/**
* 公钥校验
* @param data 待校验数据
* @param publicKey 公钥
* @param sign 数字签名
* @return
* @throws Exception
*/
public static boolean verify(byte[] data,byte[] publicKey,byte[] sign) throws Exception
{
//转接公钥材料
X509EncodedKeySpec x509KeySpec=new X509EncodedKeySpec(publicKey);
//实例化密钥工厂
KeyFactory keyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//生成公钥
PublicKey pubKey=keyFactory.generatePublic(x509KeySpec);
//实例化Signature
Signature signature=Signature.getInstance(SIGNATURE_ALGORRITHM);
//初始化Signature
signature.initVerify(pubKey);
//更新
signature.update(data);
//验证
return signature.verify(sign);
}
/**
* 私钥签名
* @param data 待签名数据
* @param privateKey 私钥
* @return String 十六进制签名字符串
* @throws Exception
*/
public static String sign(byte[] data,String privateKey) throws Exception
{
byte[] sign=sign(data,getKey(privateKey));
return Hex.encodeHexString(sign);
}
/**
* 公钥校验
* @param data 待验证数据
* @param publicKey 公钥
* @param sign 签名
* @return boolean 成功返回true,失败返回false
* @throws Exception
*/
public static boolean verify(byte[] data,String publicKey,String sign) throws Exception
{
return verify(data,getKey(publicKey),Hex.decodeHex(sign.toCharArray()));
}
/**
* 取得私钥十六进制表示形式
* @param keyMap 密钥Map
* @return String 私钥十六进制字符串
* @throws Exception
*/
public static String getPrivateKeyString(Map<String,Object> keyMap) throws Exception
{
return Hex.encodeHexString(getPrivateKey(keyMap));
}
/**
* 取得公钥十六进制表示形式
* @param keyMap 密钥Map
* @return String 公钥十六进制字符串
* @throws Exception
*/
public static String getPublicKeyString(Map<String,Object> keyMap) throws Exception
{
return Hex.encodeHexString(getPublicKey(keyMap));
}
/**
* 获取密钥
* @param key 密钥
* @return byte[] 密钥
* @throws Exception
*/
public static byte[] getKey(String key) throws Exception
{
return Hex.decodeHex(key.toCharArray());
}
}
Java代码
- package com.algorithm;
- import java.util.Map;
- import org.apache.commons.codec.binary.Base64;
- /**
- * RSA算法测试用例
- * @author Administrator
- *
- */
- public class RSACoderTest {
- //公钥
- private static byte[] publicKey;
- //私钥
- private static byte[] privateKey;
- /**
- * 初始化密钥
- * @throws Exception
- */
- public static void initKey() throws Exception
- {
- //初始化密钥
- Map<String,Object> keyMap=RSACoder.initKey();
- publicKey=RSACoder.getPublicKey(keyMap);
- privateKey=RSACoder.getPrivateKey(keyMap);
- System.out.println("公钥:"+Base64.encodeBase64String(publicKey));
- System.out.println("私钥:"+Base64.encodeBase64String(privateKey));
- }
- public static void test() throws Exception
- {
- String inputStr="RSA加密算法,私钥加密,公钥解密";
- byte[] data=inputStr.getBytes();
- //私钥加密
- byte[] enCodeData=RSACoder.encryptByPrivateKey(data,privateKey);
- System.out.println("加密字符串:"+Base64.encodeBase64String(enCodeData));
- //公钥解密
- byte[] deCodeData=RSACoder.decryptByPublicKey(enCodeData, publicKey);
- System.out.println(new String(deCodeData).equals(inputStr));
- }
- /**
- * @param args
- * @throws Exception
- */
- public static void main(String[] args) throws Exception {
- // TODO Auto-generated method stub
- initKey();
- RSACoderTest.test();
- }
- }
package com.algorithm;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
/**
* RSA算法测试用例
* @author Administrator
*
*/
public class RSACoderTest {
//公钥
private static byte[] publicKey;
//私钥
private static byte[] privateKey;
/**
* 初始化密钥
* @throws Exception
*/
public static void initKey() throws Exception
{
//初始化密钥
Map<String,Object> keyMap=RSACoder.initKey();
publicKey=RSACoder.getPublicKey(keyMap);
privateKey=RSACoder.getPrivateKey(keyMap);
System.out.println("公钥:"+Base64.encodeBase64String(publicKey));
System.out.println("私钥:"+Base64.encodeBase64String(privateKey));
}
public static void test() throws Exception
{
String inputStr="RSA加密算法,私钥加密,公钥解密";
byte[] data=inputStr.getBytes();
//私钥加密
byte[] enCodeData=RSACoder.encryptByPrivateKey(data,privateKey);
System.out.println("加密字符串:"+Base64.encodeBase64String(enCodeData));
//公钥解密
byte[] deCodeData=RSACoder.decryptByPublicKey(enCodeData, publicKey);
System.out.println(new String(deCodeData).equals(inputStr));
}
/**
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
// TODO Auto-generated method stub
initKey();
RSACoderTest.test();
}
}
Java代码 
- package com.algorithm;
- import java.io.FileInputStream;
- import java.security.KeyStore;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.Signature;
- import java.security.cert.Certificate;
- import java.security.cert.CertificateFactory;
- import java.security.cert.X509Certificate;
- import javax.crypto.Cipher;
- /**
- * 证书组件
- * @author Administrator
- */
- public abstract class CertificateCoder {
- //类型证书
- private static final String CERT_TYPE="X.509";
- /**
- * 由KeyStore获得私钥
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return PrivateKey 密钥
- * @throws Exception
- */
- private static PrivateKey getPrivateKeyByKeyStore(String keyStorePath,String alias,String password) throws Exception
- {
- //获得密钥库
- KeyStore ks=getKeyStore(keyStorePath,password);
- //获得私钥
- return (PrivateKey)ks.getKey(alias, password.toCharArray());
- }
- /**
- * 由Certificate获得公钥
- * @param certificatePath 证书路径
- * @return PublicKey 公钥
- */
- private static PublicKey getPublicKeyByCertificate(String certificatePath) throws Exception
- {
- //获得证书
- Certificate certificate=getCertificate(certificatePath);
- //获得公钥
- return certificate.getPublicKey();
- }
- /**
- * 获得certificate
- * @param certificatePath 证书路径
- * @return Certificate 证书
- * @throws Exception
- */
- private static Certificate getCertificate(String certificatePath) throws Exception
- {
- //实例化证书工厂
- CertificateFactory certificateFactory=CertificateFactory.getInstance(CERT_TYPE);
- //取得证书文件流
- FileInputStream in=new FileInputStream(certificatePath);
- //生成证书
- Certificate certificate=certificateFactory.generateCertificate(in);
- //关闭证书文件流
- in.close();
- return certificate;
- }
- /**
- * 取得Certificate
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return Certificate 证书
- * @throws Exception
- */
- private static Certificate getCertificate(String keyStorePath,String alias,String password) throws Exception
- {
- //获得密钥库
- KeyStore ks=getKeyStore(keyStorePath,password);
- //获得证书
- return ks.getCertificate(alias);
- }
- /**
- * 获得密钥库
- * @param keyStorePath 密钥库路径
- * @param password 密码
- * @return KeyStore 密钥库
- * @throws Exception
- */
- private static KeyStore getKeyStore(String keyStorePath,String password) throws Exception
- {
- //实例化密钥库
- KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());
- //获得密钥库文件流
- FileInputStream in=new FileInputStream(keyStorePath);
- //加载密钥库
- ks.load(in, password.toCharArray());
- //关闭密钥库文件流
- in.close();
- return ks;
- }
- /**
- * 私钥加密
- * @param data 待加密数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //取得私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
- //对数据加密
- Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 私钥解密
- * @param data 待解密数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] decryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //取得私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
- //对数据解密
- Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥加密
- * @param data 待加密数据
- * @param certificatePath 证书路径
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encryptByPublicKey(byte[] data,String certificatePath) throws Exception
- {
- //取得公钥
- PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
- //对数据加密
- Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 公钥解密
- * @param data 待解密数据
- * @param certificatePath 证书路径
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decryptByPublicKey(byte[] data,String certificatePath) throws Exception
- {
- //取得公钥
- PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
- //对数据解密
- Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
- cipher.init(Cipher.DECRYPT_MODE, publicKey);
- return cipher.doFinal(data);
- }
- /**
- * 签名
- * @param data 待签名数据
- * @param keyStorePath 密钥库路径
- * @param alias 别名
- * @param password 密码
- * @return byte[] 签名
- * @throws Exception
- */
- public static byte[] sign(byte[] data,String keyStorePath,String alias,String password) throws Exception
- {
- //获得证书
- X509Certificate x509Certificate=(X509Certificate)getCertificate(keyStorePath,alias,password);
- //构建签名,由证书指定签名算法
- Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
- //获取私钥
- PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath, alias, password);
- //初始化签名,由私钥构建
- signature.initSign(privateKey);
- signature.update(data);
- return signature.sign();
- }
- /**
- * 签名验证
- * @param data 数据
- * @param sign 签名
- * @param certificatePath 证书路径
- * @return boolean 验证通过为true
- * @throws Exception
- */
- public static boolean verify(byte[] data,byte[] sign,String certificatePath) throws Exception
- {
- //获得证书
- X509Certificate x509Certificate=(X509Certificate)getCertificate(certificatePath);
- //构建签名,由证书指定签名算法
- Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
- //由证书初始化签名,实际上是使用了证书中的公钥
- signature.initVerify(x509Certificate);
- signature.update(data);
- return signature.verify(sign);
- }
- }
package com.algorithm;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
/**
* 证书组件
* @author Administrator
*/
public abstract class CertificateCoder {
//类型证书
private static final String CERT_TYPE="X.509";
/**
* 由KeyStore获得私钥
* @param keyStorePath 密钥库路径
* @param alias 别名
* @param password 密码
* @return PrivateKey 密钥
* @throws Exception
*/
private static PrivateKey getPrivateKeyByKeyStore(String keyStorePath,String alias,String password) throws Exception
{
//获得密钥库
KeyStore ks=getKeyStore(keyStorePath,password);
//获得私钥
return (PrivateKey)ks.getKey(alias, password.toCharArray());
}
/**
* 由Certificate获得公钥
* @param certificatePath 证书路径
* @return PublicKey 公钥
*/
private static PublicKey getPublicKeyByCertificate(String certificatePath) throws Exception
{
//获得证书
Certificate certificate=getCertificate(certificatePath);
//获得公钥
return certificate.getPublicKey();
}
/**
* 获得certificate
* @param certificatePath 证书路径
* @return Certificate 证书
* @throws Exception
*/
private static Certificate getCertificate(String certificatePath) throws Exception
{
//实例化证书工厂
CertificateFactory certificateFactory=CertificateFactory.getInstance(CERT_TYPE);
//取得证书文件流
FileInputStream in=new FileInputStream(certificatePath);
//生成证书
Certificate certificate=certificateFactory.generateCertificate(in);
//关闭证书文件流
in.close();
return certificate;
}
/**
* 取得Certificate
* @param keyStorePath 密钥库路径
* @param alias 别名
* @param password 密码
* @return Certificate 证书
* @throws Exception
*/
private static Certificate getCertificate(String keyStorePath,String alias,String password) throws Exception
{
//获得密钥库
KeyStore ks=getKeyStore(keyStorePath,password);
//获得证书
return ks.getCertificate(alias);
}
/**
* 获得密钥库
* @param keyStorePath 密钥库路径
* @param password 密码
* @return KeyStore 密钥库
* @throws Exception
*/
private static KeyStore getKeyStore(String keyStorePath,String password) throws Exception
{
//实例化密钥库
KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType());
//获得密钥库文件流
FileInputStream in=new FileInputStream(keyStorePath);
//加载密钥库
ks.load(in, password.toCharArray());
//关闭密钥库文件流
in.close();
return ks;
}
/**
* 私钥加密
* @param data 待加密数据
* @param keyStorePath 密钥库路径
* @param alias 别名
* @param password 密码
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
{
//取得私钥
PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
//对数据加密
Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 私钥解密
* @param data 待解密数据
* @param keyStorePath 密钥库路径
* @param alias 别名
* @param password 密码
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data,String keyStorePath,String alias,String password) throws Exception
{
//取得私钥
PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath,alias,password);
//对数据解密
Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 公钥加密
* @param data 待加密数据
* @param certificatePath 证书路径
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data,String certificatePath) throws Exception
{
//取得公钥
PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
//对数据加密
Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 公钥解密
* @param data 待解密数据
* @param certificatePath 证书路径
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data,String certificatePath) throws Exception
{
//取得公钥
PublicKey publicKey=getPublicKeyByCertificate(certificatePath);
//对数据解密
Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 签名
* @param data 待签名数据
* @param keyStorePath 密钥库路径
* @param alias 别名
* @param password 密码
* @return byte[] 签名
* @throws Exception
*/
public static byte[] sign(byte[] data,String keyStorePath,String alias,String password) throws Exception
{
//获得证书
X509Certificate x509Certificate=(X509Certificate)getCertificate(keyStorePath,alias,password);
//构建签名,由证书指定签名算法
Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
//获取私钥
PrivateKey privateKey=getPrivateKeyByKeyStore(keyStorePath, alias, password);
//初始化签名,由私钥构建
signature.initSign(privateKey);
signature.update(data);
return signature.sign();
}
/**
* 签名验证
* @param data 数据
* @param sign 签名
* @param certificatePath 证书路径
* @return boolean 验证通过为true
* @throws Exception
*/
public static boolean verify(byte[] data,byte[] sign,String certificatePath) throws Exception
{
//获得证书
X509Certificate x509Certificate=(X509Certificate)getCertificate(certificatePath);
//构建签名,由证书指定签名算法
Signature signature=Signature.getInstance(x509Certificate.getSigAlgName());
//由证书初始化签名,实际上是使用了证书中的公钥
signature.initVerify(x509Certificate);
signature.update(data);
return signature.verify(sign);
}
}
Java代码
- package com.algorithm;
- import java.io.InputStream;
- import org.apache.commons.codec.binary.Hex;
- /**
- * 数字证书测试用例
- * @author Administrator
- *
- */
- public class CertificateCoderTest {
- //生成证书时的密码
- private static String password="123456";
- //别名
- private static String alias="www.dominic.com";
- //证书路径
- private static String certificatePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\dominic.cer";
- //密钥库路径
- private static String keyStorePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\domini.keystore";
- /**
- * 公钥加密私钥解密
- */
- public static void test1() throws Exception
- {
- String inputStr="数字证书";
- byte[] data=inputStr.getBytes();
- //公钥加密
- byte[] encrypt=CertificateCoder.encryptByPublicKey(data, certificatePath);
- //私钥解密
- byte[] decrypt=CertificateCoder.decryptByPrivateKey(encrypt, keyStorePath, alias, password);
- System.out.println(new String(decrypt).equals(inputStr));
- }
- /**
- * 私加密公钥解密
- */
- public static void test2() throws Exception
- {
- String inputStr="数字证书";
- byte[] data=inputStr.getBytes();
- //私钥加密
- byte[] encrypt=CertificateCoder.encryptByPrivateKey(data, keyStorePath, alias, password);
- //公钥解密
- byte[] decrypt=CertificateCoder.decryptByPublicKey(encrypt, certificatePath);
- System.out.println(new String(decrypt).equals(inputStr));
- }
- /**
- * 签名验证
- */
- public static void test3() throws Exception
- {
- String inputStr="数字签名";
- byte[] data=inputStr.getBytes();
- //私钥签名
- byte[] sign=CertificateCoder.sign(data, keyStorePath, alias, password);
- System.out.println("签名:"+Hex.encodeHexString(sign));
- //公钥验证
- System.out.println(CertificateCoder.verify(data, sign, certificatePath));
- }
- public static void main(String[] args) throws Exception
- {
- CertificateCoderTest.test1();
- CertificateCoderTest.test2();
- CertificateCoderTest.test3();
- }
- }
package com.algorithm;
import java.io.InputStream;
import org.apache.commons.codec.binary.Hex;
/**
* 数字证书测试用例
* @author Administrator
*
*/
public class CertificateCoderTest {
//生成证书时的密码
private static String password="123456";
//别名
private static String alias="www.dominic.com";
//证书路径
private static String certificatePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\dominic.cer";
//密钥库路径
private static String keyStorePath="D:\\Program Files\\OpenSSL-Win32\\ca\\certs\\domini.keystore";
/**
* 公钥加密私钥解密
*/
public static void test1() throws Exception
{
String inputStr="数字证书";
byte[] data=inputStr.getBytes();
//公钥加密
byte[] encrypt=CertificateCoder.encryptByPublicKey(data, certificatePath);
//私钥解密
byte[] decrypt=CertificateCoder.decryptByPrivateKey(encrypt, keyStorePath, alias, password);
System.out.println(new String(decrypt).equals(inputStr));
}
/**
* 私加密公钥解密
*/
public static void test2() throws Exception
{
String inputStr="数字证书";
byte[] data=inputStr.getBytes();
//私钥加密
byte[] encrypt=CertificateCoder.encryptByPrivateKey(data, keyStorePath, alias, password);
//公钥解密
byte[] decrypt=CertificateCoder.decryptByPublicKey(encrypt, certificatePath);
System.out.println(new String(decrypt).equals(inputStr));
}
/**
* 签名验证
*/
public static void test3() throws Exception
{
String inputStr="数字签名";
byte[] data=inputStr.getBytes();
//私钥签名
byte[] sign=CertificateCoder.sign(data, keyStorePath, alias, password);
System.out.println("签名:"+Hex.encodeHexString(sign));
//公钥验证
System.out.println(CertificateCoder.verify(data, sign, certificatePath));
}
public static void main(String[] args) throws Exception
{
CertificateCoderTest.test1();
CertificateCoderTest.test2();
CertificateCoderTest.test3();
}
}
Java代码
- package com.algorithm;
- import java.security.Key;
- import javax.crypto.Cipher;
- import javax.crypto.KeyGenerator;
- import javax.crypto.SecretKey;
- import javax.crypto.spec.SecretKeySpec;
- import org.apache.commons.codec.binary.Base64;
- import org.apache.commons.codec.digest.DigestUtils;
- /**
- * AES对称加密算法,组件类
- * @author Administrator
- *
- */
- public abstract class AESCoder {
- //密钥算法
- public static final String ALGORITHM="AES";
- //密钥长度(java默认只能处理128位以内的长度,如果需要处理大于128位可以使用JCE解除密钥长度限制)
- public static final int KEY_SIZE=128;
- /**
- * 转换密钥
- * @param key 二进制密钥
- * @return Key 密钥
- * @throws Exception
- */
- private static Key toKey(byte[] key) throws Exception
- {
- //实例化AES密钥材料
- SecretKey secretKey=new SecretKeySpec(key,ALGORITHM);
- return secretKey;
- }
- /**
- * 解密
- * @param data 待解密数据
- * @param key 密钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decrypt(byte[] data,byte[] key) throws Exception
- {
- //还原密钥
- Key k=toKey(key);
- //实例化
- Cipher cipher=Cipher.getInstance(ALGORITHM);
- //初始化,设置为解密模式
- cipher.init(Cipher.DECRYPT_MODE, k);
- //执行操作
- return cipher.doFinal(data);
- }
- /**
- * 解密
- * @param data 待解密数据
- * @param key 密钥
- * @return byte[] 解密数据
- * @throws Exception
- */
- public static byte[] decrypt(byte[] data,String key) throws Exception
- {
- return decrypt(data,getKey(key));
- }
- /**
- * 加密
- * @param data 待加密数据
- * @param key 密钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encrypt(byte[] data,byte[] key) throws Exception
- {
- //还原密钥
- Key k=toKey(key);
- //实例化
- Cipher cipher=Cipher.getInstance(ALGORITHM);
- //初始化,设置为加密模式
- cipher.init(Cipher.ENCRYPT_MODE, k);
- //执行操作
- return cipher.doFinal(data);
- }
- /**
- * 加密
- * @param data 待加密数据
- * @param key 密钥
- * @return byte[] 加密数据
- * @throws Exception
- */
- public static byte[] encrypt(byte[] data,String key) throws Exception
- {
- return encrypt(data,getKey(key));
- }
- /**
- * 生成密钥
- * @return byte[] 二进制密钥
- * @throws Exception
- */
- public static byte[] initKey() throws Exception
- {
- //实例化
- KeyGenerator kg=KeyGenerator.getInstance(ALGORITHM);
- //初始化密钥长度
- kg.init(KEY_SIZE);
- //生成秘密密钥
- SecretKey secretKey=kg.generateKey();
- //获得密钥的二进制编码形式
- return secretKey.getEncoded();
- }
- /**
- * 初始化密钥
- * @return String Base64编码密钥
- * @throws Exception
- */
- public static String initKeyString() throws Exception
- {
- return Base64.encodeBase64String(initKey());
- }
- /**
- * 获取密钥
- * @param key
- * @return byte[] 密钥
- * @throws Exception
- */
- public static byte[] getKey(String key) throws Exception
- {
- return Base64.decodeBase64(key);
- }
- /**
- * 摘要处理
- * @param data 待摘要数据
- * @return String 摘要字符串
- */
- public static String shaHex(byte[] data)
- {
- return DigestUtils.md5Hex(data);
- }
- /**
- * 验证
- * @param data 待摘要数据
- * @param messageDigest 摘要字符串
- * @return 验证结果
- */
- public static boolean validate(byte[] data,String messageDigest)
- {
- return messageDigest.equals(shaHex(data));
- }
- }
package com.algorithm;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
/**
* AES对称加密算法,组件类
* @author Administrator
*
*/
public abstract class AESCoder {
//密钥算法
public static final String ALGORITHM="AES";
//密钥长度(java默认只能处理128位以内的长度,如果需要处理大于128位可以使用JCE解除密钥长度限制)
public static final int KEY_SIZE=128;
/**
* 转换密钥
* @param key 二进制密钥
* @return Key 密钥
* @throws Exception
*/
private static Key toKey(byte[] key) throws Exception
{
//实例化AES密钥材料
SecretKey secretKey=new SecretKeySpec(key,ALGORITHM);
return secretKey;
}
/**
* 解密
* @param data 待解密数据
* @param key 密钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decrypt(byte[] data,byte[] key) throws Exception
{
//还原密钥
Key k=toKey(key);
//实例化
Cipher cipher=Cipher.getInstance(ALGORITHM);
//初始化,设置为解密模式
cipher.init(Cipher.DECRYPT_MODE, k);
//执行操作
return cipher.doFinal(data);
}
/**
* 解密
* @param data 待解密数据
* @param key 密钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decrypt(byte[] data,String key) throws Exception
{
return decrypt(data,getKey(key));
}
/**
* 加密
* @param data 待加密数据
* @param key 密钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encrypt(byte[] data,byte[] key) throws Exception
{
//还原密钥
Key k=toKey(key);
//实例化
Cipher cipher=Cipher.getInstance(ALGORITHM);
//初始化,设置为加密模式
cipher.init(Cipher.ENCRYPT_MODE, k);
//执行操作
return cipher.doFinal(data);
}
/**
* 加密
* @param data 待加密数据
* @param key 密钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encrypt(byte[] data,String key) throws Exception
{
return encrypt(data,getKey(key));
}
/**
* 生成密钥
* @return byte[] 二进制密钥
* @throws Exception
*/
public static byte[] initKey() throws Exception
{
//实例化
KeyGenerator kg=KeyGenerator.getInstance(ALGORITHM);
//初始化密钥长度
kg.init(KEY_SIZE);
//生成秘密密钥
SecretKey secretKey=kg.generateKey();
//获得密钥的二进制编码形式
return secretKey.getEncoded();
}
/**
* 初始化密钥
* @return String Base64编码密钥
* @throws Exception
*/
public static String initKeyString() throws Exception
{
return Base64.encodeBase64String(initKey());
}
/**
* 获取密钥
* @param key
* @return byte[] 密钥
* @throws Exception
*/
public static byte[] getKey(String key) throws Exception
{
return Base64.decodeBase64(key);
}
/**
* 摘要处理
* @param data 待摘要数据
* @return String 摘要字符串
*/
public static String shaHex(byte[] data)
{
return DigestUtils.md5Hex(data);
}
/**
* 验证
* @param data 待摘要数据
* @param messageDigest 摘要字符串
* @return 验证结果
*/
public static boolean validate(byte[] data,String messageDigest)
{
return messageDigest.equals(shaHex(data));
}
}
Java代码
- package com.algorithm;
- /**
- * 对称加密算法测试用例
- * @author Administrator
- *
- */
- public class AESCoderTest {
- public static void main(String args[])
- {
- try {
- //初始化密钥
- String secretKey=AESCoder.initKeyString();
- System.out.println("密钥为:"+secretKey);
- String s="我们的大中国";
- //加密数据
- byte[] encryptData=AESCoder.encrypt(s.getBytes(), secretKey);
- //解密数据
- byte[] data=AESCoder.decrypt(encryptData, secretKey);
- //比较
- System.out.println(new String(data).equals(s));
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- }
package com.algorithm;
/**
* 对称加密算法测试用例
* @author Administrator
*
*/
public class AESCoderTest {
public static void main(String args[])
{
try {
//初始化密钥
String secretKey=AESCoder.initKeyString();
System.out.println("密钥为:"+secretKey);
String s="我们的大中国";
//加密数据
byte[] encryptData=AESCoder.encrypt(s.getBytes(), secretKey);
//解密数据
byte[] data=AESCoder.decrypt(encryptData, secretKey);
//比较
System.out.println(new String(data).equals(s));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
附证书生成命令:
keytool生成证书
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA1withRSA -validity 360 -alias www.dominic.com -keystore dominic.keystore
导出数字证书
keytool -exportcert -alias www.dominic.com -keystore dominic.keystore -file dominic.cer -rfc
打印数字证书
keytool -printcert -file dominic.cer
这里是自制证书,如果需要权威机构签发,需要导出证书申请文件由第三方签发
openssl证书创建
根证书构建命令?
echo 构建随机数 private/.rand
openssl rand -out private/.rand 1000
echo 构建根证书私钥 private/ca.key.pem
openssl genrsa -aes256 -out private/ca.key.pem 2048
echo 生成根证书签发申请 private/ca.csr
openssl req -new -key private/ca.key.pem -out private/ca.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发根证书 private/ca.cer
openssl x509 -req -days 10000 -sha1 -extensions v3_ca -signkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
echo 根证书转换 private/ca.p12
openssl pkcs12 -export -cacerts inkey private/ca.key.pem -in private/ca.csr -out certs/ca.cer
服务器证书构建步骤命令?
(1)echo 构建服务器私钥 private/server.key.pem
(2)openssl genrsa -aes256 -out private/server.key.pem 2048
echo 生成服务器证书签发申请 private/server.csr
(3)openssl req -new -key private/server.key.pem -out private/server.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发服务器证书 private/server.cer
openssl x509 -req -days 3650 -sha1 -extensions v3_req -CA certs/ca.cer -CAkey private/ca.key.pem -CAserial ca.srl -CAcreateserial -in private/server.csr -out certs/server.cer
echo 服务器证书转换 private/server.p12
openssl pkcs12 -export -clcerts -inkey private/server.key.pem -in certs/server.cer -out certs/server.p12
客户证书构建命令?
echo 构建客户私钥 private/client.key.pem
openssl genrsa -aes256 -out private/client.key.pem 2048
echo 生成服务器证书签发申请 private/client.csr
openssl req -new -key private/client.key.pem -out private/client.csr -subj "/C=CN/ST=BJ/L=BJ/O=dominic/OU=dominic/CN=www.dominic.com"
echo 签发客户证书 private/server.cer
openssl ca -days 3650 -in private/client.csr -out certs/client.cer -cert certs/ca.cer -keyfile private/ca.key.pem
echo 客户证书转换 certs/client.p12
openssl pkcs12 -export -inkey private/client.key.pem -in certs/client.cer -out certs/client.p12
分享到:
发表评论
相关推荐
Java实现的RSA加密解密算法示例 本文主要介绍了Java实现的RSA加密解密算法,结合实例形式分析了Java RSA加密解密算法的相关实现技巧。 知识点1:RSA加密解密算法简介 RSA加密解密算法是一种非对称加密算法,由Ron...
在这个"很强的Java加密解密算法源码.zip"中,我们可以深入学习如何在Java中实现3DES算法来加密和解密文件。 3DES算法是一种块加密算法,它通过三次应用DES密钥来增强安全性。基本流程如下: 1. **加密过程**:输入...
"java实现的RC4加密解密算法示例" RC4加密解密算法是Symmetric-key block cipher的一种,使用同一个密钥进行加密和解密。java实现的RC4加密解密算法可以通过以下步骤实现: 1. 初始化数组:创建一个大小为256的...
java实现MD5加密解密算法,java源代码~
### Java加密解密算法详解 #### 一、加密概述与应用 加密技术是信息安全领域中的关键技术之一,其核心在于通过特定算法对原始信息(明文)进行变换,使其成为不可直接阅读的形式(密文),从而保护信息在传输或...
本实例将探讨一些常见的加密解密算法及其在Java中的实现。以下是一些关键知识点: 1. **对称加密算法**:这类算法使用相同的密钥进行加密和解密,如DES(Data Encryption Standard)、3DES(Triple DES)和AES...
根据提供的文件信息,本文将详细解析“JAVA源码很强的Java加密解密算法源码”这一主题中的关键知识点。从标题和描述来看,这是一份关于Java加密解密算法的源代码,通过百度网盘分享的方式提供给感兴趣的开发者。下面...
在IT行业中,加密和解密是信息安全领域的重要...综上所述,Java加密解密算法源码涵盖了多种安全机制,开发者可以基于这些源码进一步理解并定制自己的加密解决方案。通过深入学习和实践,可以有效提升应用程序的安全性。
Java加密解密是信息安全领域的重要组成部分,用于保护数据的安全性和隐私。在Java中,我们可以使用多种加密算法来实现数据的加密和解密。本篇将详细介绍几种常见的加密算法及其在Java中的应用,包括DES、RSA以及非...
java加密解密算法的集合,AES DES。
在Java中实现AES(Advanced Encryption Standard)加密和解密算法主要涉及到对称密钥加密技术。AES算法是一种块密码,采用固定大小的128位(16字节)块进行加密和解密,支持128、192和256位的密钥长度。在给定的代码...
通过对Java加密解密算法的学习,特别是对Blowfish算法的深入理解,我们能够更好地保护数据的安全性。在实际开发中,选择合适的加密算法非常重要,同时还需要注意算法的安全性和性能之间的平衡。希望本文能帮助大家更...
*网上很多RC4算法在用的时候,都会出现「加密然后立即在内存中解密」可以,但先把加密后的密文写入文件再读取解密就失败的情况。这段代码没有这种情况。...*采用了重载函数,我用了String加密解密,成功。
TripleDES加密解密算法的实现(JAVA)
对文本进行加密和解密,异或加密和转化二进制十六进制加密
本篇文章将深入探讨Java加密解密的核心概念、常用算法以及如何使用它们。 一、加密的基本原理 加密是一种将明文数据转换为看似随机的密文的过程,目的是保护数据免受未经授权的访问。解密则是将密文还原为原始明文...
这个"java加密解密算法类_Cipher"可能包含了上述所有或部分知识点的实现,通过阅读源代码,我们可以更深入地理解Java中加密解密的实际应用和细节。在实际开发中,这些知识对于构建安全的网络通信、数据库存储和数据...
在这篇文档中,我们主要介绍了三种常用加密解密算法:DES算法、RSA算法以及MD5算法,并简要分析了它们的使用规则和安全性。 首先,DES(Data Encryption Standard,数据加密标准)算法是一种经典的对称密钥加密技术...
基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发源码-很强的加密解密算法源码.zip 基于java的开发...