加解密工具类(含keystore导出pfx)
java代码如下:
package sign; import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration; import javax.crypto.Cipher; @SuppressWarnings({ "rawtypes", "unused" })
public class UtilTools { private static final String PKCS12 = "PKCS12";
private static final String CHARSET = "utf-8";
private final static String CertType = "X.509";
public final static String TrustStoreType = "JKS";
private static final String SHA1WithRSA = "SHA1WithRSA";
private final static String MD5withRSA = "MD5withRSA";
private static final String SHA224WithRSA = "SHA224WithRSA";
private static final String SHA256WithRSA = "SHA256WithRSA";
private static final String SHA384WithRSA = "SHA384WithRSA";
private static final String SHA512WithRSA = "SHA512WithRSA";
private static final String RSA = "RSA";
private static final String ECB = "ECB";
private static final String PCKCS1PADDING = "PCKCS1Padding"; /**
* generate the signature
*
* @param source
* @param pfxPath
* @param password
* @return
* @throws Exception
*/
public static String generateSignature(String source, String pfxPath, String password) throws Exception {
byte[] signature = null;
PrivateKey privateKey = getPrivateKeyInstance(pfxPath, password);
Signature sig = Signature.getInstance(SHA1WithRSA);
sig.initSign(privateKey);
sig.update(source.getBytes(CHARSET));
signature = sig.sign();
return Base64Util.encode(signature);
} /**
* check the signature
*
* @param datasource
* @param sign
* @param certificatePath
* @return
* @throws Exception
*/
public static boolean checkSignature(String datasource, String sign, String certificatePath) throws Exception {
try {
X509Certificate x509Certificate = (X509Certificate) getInstance(certificatePath);
Signature signature = Signature.getInstance(SHA1WithRSA);
signature.initVerify(x509Certificate);
signature.update(datasource.getBytes(CHARSET));
return signature.verify(Base64Util.decode(sign));
} catch (Exception e) {
System.out.println(e.getMessage());
}
return false;
} /**
* 加载私钥
*
* @param strPfx
* @param strPassword
* @return
*/
private static PrivateKey getPrivateKeyInstance(String strPfx, String strPassword) throws Exception {
FileInputStream fis = null;
try {
KeyStore ks = KeyStore.getInstance(PKCS12);
fis = new FileInputStream(strPfx);
char[] chars = null;
if ((strPassword == null) || strPassword.trim().equals("")) {
chars = null;
} else {
chars = strPassword.toCharArray();
}
ks.load(fis, chars);
fis.close();
Enumeration enumas = ks.aliases();
String keyAlias = null;
if (enumas.hasMoreElements()) {
keyAlias = (String) enumas.nextElement();
}
return (PrivateKey) ks.getKey(keyAlias, chars);
} finally {
if (fis != null) {
try {
fis.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
} /**
* 获得证书
*
* @param certificatePath
* @return
*/
private static Certificate getInstance(String certificatePath) throws Exception {
InputStream is = null;
try {
is = new FileInputStream(certificatePath);
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertType);
return certificateFactory.generateCertificate(is);
} catch (Exception e) {
System.out.println(e.getMessage());
} finally {
if (is != null) {
try {
is.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
return null;
} /**
* 将pfx或p12的文件转为keystore
*
* @param pfxFile 原文件路径及名称
* @param pfxPsw 密码
* @param keyStoreFile 生成的文件名和路径
*/
public static void coverTokeyStore(String pfxFile, String pfxPsw, String keyStoreFile) throws Exception {
KeyStore inputKeyStore = null;
FileInputStream input = null;
FileOutputStream output = null;
String keyAlias = "";
try {
inputKeyStore = KeyStore.getInstance(PKCS12);
input = new FileInputStream(pfxFile);
char[] password = null; if ((pfxPsw == null) || pfxPsw.trim().equals("")) {
password = null;
} else {
password = pfxPsw.toCharArray();
}
inputKeyStore.load(input, password);
KeyStore outputKeyStore = KeyStore.getInstance(TrustStoreType);
outputKeyStore.load(null, pfxPsw.toCharArray());
Enumeration enums = inputKeyStore.aliases();
while (enums.hasMoreElements()) {
keyAlias = (String) enums.nextElement(); System.out.println("alias=[" + keyAlias + "]"); if (inputKeyStore.isKeyEntry(keyAlias)) {
Key key = inputKeyStore.getKey(keyAlias, password);
Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry(keyAlias, key, pfxPsw.toCharArray(), certChain);
}
}
output = new FileOutputStream(keyStoreFile);
outputKeyStore.store(output, password);
} catch (Exception e) {
System.out.println(e.getMessage());
} finally {
if (input != null) {
try {
input.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
if (output != null) {
try {
output.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
} /**
* 将keystore转为pfx
*
* @param keyStoreFile 生成的文件名和路径
* @param pfxPsw 密码
* @param pfxFile 原文件路径及名称
*/
public static void coverToPfx(String keyStoreFile, String pfxPsw, String pfxFile) throws Exception {
KeyStore inputKeyStore = null;
FileInputStream input = null;
FileOutputStream output = null;
String keyAlias = "";
try {
inputKeyStore = KeyStore.getInstance(TrustStoreType);
input = new FileInputStream(keyStoreFile);
char[] password = null;
if ((pfxPsw == null) || pfxPsw.trim().equals("")) {
password = null;
} else {
password = pfxPsw.toCharArray();
}
inputKeyStore.load(input, password);
KeyStore outputKeyStore = KeyStore.getInstance(PKCS12);
outputKeyStore.load(null, pfxPsw.toCharArray());
Enumeration enums = inputKeyStore.aliases();
while (enums.hasMoreElements()) {
keyAlias = (String) enums.nextElement();
System.out.println("alias=[" + keyAlias + "]");
if (inputKeyStore.isKeyEntry(keyAlias)) {
Key key = inputKeyStore.getKey(keyAlias, password);
Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);
outputKeyStore.setKeyEntry(keyAlias, key, pfxPsw.toCharArray(), certChain);
}
}
output = new FileOutputStream(pfxFile);
outputKeyStore.store(output, password);
} catch (Exception e) {
System.out.println(e.getMessage());
} finally {
if (input != null) {
try {
input.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
if (output != null) {
try {
output.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
} /**
* 使用公钥 进行 非对称加密数据
* @param certPath
* @param dataSource
* @return
* @throws Exception
*/
public static String certEncode(String certPath, String dataSource) throws Exception {
InputStream input = null;
try {
byte[] plainText = dataSource.getBytes(CHARSET);
// 证书格式为x509
CertificateFactory certificateFactory = CertificateFactory.getInstance(CertType);
// 读取证书文件的输入流
input = new FileInputStream(certPath);
Certificate certificate = certificateFactory.generateCertificate(input);
// 支持:RSA/ECB/PCKCS1Padding
Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
cipher.update(plainText);
byte[] signByte = cipher.doFinal();
String sign = Base64Util.encode(signByte);
return sign;
} catch (Exception e) {
System.out.println(e.getMessage());
} finally {
if (input != null) {
try {
input.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
return null;
} /**
* 使用私钥 进行非对称解密数据
* @param keyStorePath
* @param keyStorePass
* @param alias
* @param certPass
* @param decodeData
* @return
* @throws Exception
*/
public static String certDecode(String keyStorePath, String keyStorePass, String alias, String certPass, String decodeData) throws Exception {
InputStream input = null;
try {
// 密文数据Base64转换
byte[] cipherText = Base64Util.decode(decodeData);
// 提供密钥库类型
KeyStore keyStore = KeyStore.getInstance(TrustStoreType);
// 读取keystore文件的输入流
input = new FileInputStream(keyStorePath);
keyStore.load(input, keyStorePass.toCharArray());
// 加载证书
PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, certPass.toCharArray());
// 支持:RSA/ECB/PCKCS1Padding
Cipher cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
cipher.update(cipherText);
byte[] sourceByte = cipher.doFinal();
String source = new String(sourceByte, CHARSET);
return source;
} catch (Exception e) {
System.out.println(e.getMessage());
} finally {
if (input != null) {
try {
input.close();
} catch (IOException e) {
System.out.println(e.getMessage());
}
}
}
return null; } }
加解密工具类(含keystore导出pfx)的更多相关文章
- RSA加解密工具类RSAUtils.java,实现公钥加密私钥解密和私钥解密公钥解密
package com.geostar.gfstack.cas.util; import org.apache.commons.codec.binary.Base64; import javax.cr ...
- Java中的AES加解密工具类:AESUtils
本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.constants.SysConsta ...
- Java中的RSA加解密工具类:RSAUtils
本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.utils.log.LogUtils; ...
- DES加解密工具类
这两天在跟友商对接接口,在对外暴露接口的时候,因为友商不需要登录即可访问对于系统来说存在安全隐患,所以需要友商在调用接口的时候需要将数据加密,系统解密验证后才执行业务.所有的加密方式并不是万能的,只是 ...
- vue 核心加解密工具类 方法
1 /* base64 加解密 2 */ 3 export let Base64 = require('js-base64').Base64 4 5 /* md5 加解密 6 */ 7 export ...
- C# 加解密工具类
using System; using System.IO; using System.Security.Cryptography; using System.Text; namespace Clov ...
- Java 通过Xml导出Excel文件,Java Excel 导出工具类,Java导出Excel工具类
Java 通过Xml导出Excel文件,Java Excel 导出工具类,Java导出Excel工具类 ============================== ©Copyright 蕃薯耀 20 ...
- Base64加密解密工具类
使用Apache commons codec类Base64进行加密解密 maven依赖 <dependency> <groupId>commons-codec</grou ...
- XJar: Spring-Boot JAR 包加/解密工具,避免源码泄露以及反编译
XJar: Spring-Boot JAR 包加/解密工具,避免源码泄露以及反编译 <?xml version="1.0" encoding="UTF-8" ...
随机推荐
- Python之历史
一.python简单介绍 python的创始人:吉多·范罗苏姆(Guido van Rossum),于1989年开始编写,到1991年完成了第一个python编译器.它是用C语言实现的,并能够调用C语 ...
- 测试思想-集成测试 关于接口测试 Part 2
关于接口测试 by:授客 QQ:1033553122 ------------------接Part 1---------------------- 5. 用例设计思想(举例说明) 如上表,是某 ...
- Java并发编程(五)Lock
一.synchronized的缺陷 synchronized是java中的一个关键字,也就是说是Java语言内置的特性.那么为什么会出现Lock呢? 在上面一篇文章中,我们了解到如果一个代码块被syn ...
- List基础操作
/** * List基础操作 * Created by zhen on 2018/11/14. */ object ListDemo { def main(args: Array[String]) { ...
- IP地址及子网划分
1.IP地址 2.子网掩码 网络号全转为1,主机号全转为0,之后再转化为10进制表示. 3.无分类编址
- mybatis 字段类型Data相
在项目中查询时间段的sql语句(时间类型为datetime或date)(数据库中的时间类型): <if test="beginTime!=null and beginTime!=''& ...
- 3.4Python数据处理篇之Numpy系列(四)---ndarray 数组的运算
目录 目录 (一)数组与标量的运算 1.说明: 2.实例: (二)元素级的运算(一元函数) 1.说明: 2.实例: (三)数组级的运算(二元函数) 1.说明: 2.实例: 目录 1.数组与标量的运算 ...
- 关于HashMap自定义key重写hashCode和equals的问题
使用HashMap,如果key是自定义的类,就必须重写hashcode()和equals() hashcode()和equals()都继承于object,在Object类中的定义为: equals( ...
- String类的常用方法详解
1:获取字符串的长度length(),下标从1开始 2:将其他类型转换为String类型toStrings() 3:去除字符串首尾的空格trim() 4:分割字符串spilt() 5:比较两个字符串是 ...
- leetcode 395. Longest Substring with At Least K Repeating Characters(高质量题)
只能说还是太菜,抄的网上大神的做法: idea: mask 的每一位代表该位字母够不够k次,够k次为0,不够为1 对于每一位将其视为起点,遍历至末尾,找到其最大满足子串T的下标max_idx,之后从m ...