SHA256withRSA证书签名,私钥签名/公钥验签

coding

证书签名

package test;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileNotFoundException;

import java.io.IOException;

import java.io.InputStream;

import java.security.KeyStore;

import java.security.PrivateKey;

import java.security.PublicKey;

import java.security.Signature;

import java.security.cert.CertificateException;

import java.security.cert.CertificateFactory;

import java.security.cert.X509Certificate;

import java.util.Base64;

import java.util.Enumeration;

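/**
 * Signs data with a private key and verifies signatures with the public key of
 * an X.509 certificate, using the SHA256withRSA algorithm.
 *
 * <p>Every failure is reported through the return value ({@code ""} for signing,
 * {@code false} for verification) after the stack trace has been printed; no
 * exception reaches the caller.
 *
 * @author jinzhm
 */
public class SignUtil {

    /** Charset used to turn the source text into the bytes that are signed. */
    private static final String CHARSET_ENCODING = "UTF-8";

    /** JCA signature algorithm name used by both {@link #sign} and {@link #verify}. */
    private static final String ALGORITHM = "SHA256withRSA";

    /**
     * Signs {@code srcData} with the private key stored in a JKS keystore.
     *
     * @param srcData        text to sign; encoded as UTF-8 before signing
     * @param privateKeyPath path of the JKS keystore file
     * @param privateKeyPwd  password used both to open the keystore and to recover the key
     * @return the Base64-encoded signature, or {@code ""} if any argument is
     *         {@code null}, the key cannot be read, or signing fails
     */
    public static String sign(String srcData, String privateKeyPath, String privateKeyPwd) {
        if (srcData == null || privateKeyPath == null || privateKeyPwd == null) {
            return "";
        }
        try {
            PrivateKey key = readPrivate(privateKeyPath, privateKeyPwd);
            if (key == null) {
                // readPrivate has already reported why; do not pass null to initSign.
                return "";
            }
            Signature signature = Signature.getInstance(ALGORITHM);
            signature.initSign(key);
            signature.update(srcData.getBytes(CHARSET_ENCODING));
            byte[] signedData = signature.sign();
            return Base64.getEncoder().encodeToString(signedData);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    /**
     * Verifies a Base64-encoded signature over {@code srcData}.
     *
     * <p>The certificate at {@code publicKeyPath} is used as-is: this method does
     * not check its validity period, its issuer chain or its revocation status,
     * so callers must only pass a certificate they already trust.
     *
     * @param srcData       text that was signed; encoded as UTF-8 before verification
     * @param signedData    Base64-encoded signature to check
     * @param publicKeyPath path of the X.509 certificate file holding the public key
     * @return {@code true} only if the signature matches; {@code false} if any
     *         argument is {@code null}, the certificate cannot be read, the
     *         signature is not valid Base64, or verification fails
     */
    public static boolean verify(String srcData, String signedData, String publicKeyPath) {
        if (srcData == null || signedData == null || publicKeyPath == null) {
            return false;
        }
        try {
            PublicKey publicKey = readPublic(publicKeyPath);
            if (publicKey == null) {
                // readPublic has already reported why; do not pass null to initVerify.
                return false;
            }
            Signature sign = Signature.getInstance(ALGORITHM);
            sign.initVerify(publicKey);
            sign.update(srcData.getBytes(CHARSET_ENCODING));
            return sign.verify(Base64.getDecoder().decode(signedData));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }

    /**
     * Reads the public key from an X.509 certificate file.
     *
     * @param publicKeyPath path of the certificate file
     * @return the certificate's public key, or {@code null} if the path is
     *         {@code null} or the file cannot be read or parsed
     */
    private static PublicKey readPublic(String publicKeyPath) {
        if (publicKeyPath == null) {
            return null;
        }
        // try-with-resources closes the stream on every path, including parse failures.
        try (InputStream in = new FileInputStream(publicKeyPath)) {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) certificateFactory.generateCertificate(in);
            return cert.getPublicKey();
        } catch (CertificateException | IOException e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Reads a private key from a JKS keystore.
     *
     * <p>The same password opens the keystore and recovers the key. If the
     * keystore holds several key entries, the last one returned by
     * {@link KeyStore#aliases()} is used; a keystore meant for this method
     * should therefore hold exactly one key entry.
     *
     * @param privateKeyPath path of the JKS keystore file
     * @param privateKeyPwd  keystore password, also used as the key password
     * @return the private key, or {@code null} if an argument is {@code null},
     *         the keystore cannot be loaded, or it contains no key entry
     */
    private static PrivateKey readPrivate(String privateKeyPath, String privateKeyPwd) {
        if (privateKeyPath == null || privateKeyPwd == null) {
            return null;
        }
        try (InputStream stream = new FileInputStream(privateKeyPath)) {
            char[] password = privateKeyPwd.toCharArray();
            KeyStore store = KeyStore.getInstance("JKS");
            store.load(stream, password);

            // Find the alias of the key entry (certificate-only entries are skipped).
            String keyAlias = null;
            Enumeration<String> aliases = store.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (store.isKeyEntry(alias)) {
                    keyAlias = alias;
                }
            }
            if (keyAlias == null) {
                // No key entry: nothing to sign with, and getKey must not be called with null.
                return null;
            }
            return (PrivateKey) store.getKey(keyAlias, password);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
}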
