SHA256withRSA证书签名,私钥签名/公钥验签(证书文件加载公私钥)
https://www.cnblogs.com/jinzhiming/p/10576385.html
证书签名
package test;import java.io.File;import java.io.FileInputStream;import java.io.FileNotFoundException;import java.io.IOException;import java.io.InputStream;import java.security.KeyStore;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.cert.CertificateException;import java.security.cert.CertificateFactory;import java.security.cert.X509Certificate;import java.util.Base64;import java.util.Enumeration;/*** 私钥签名,公钥验签* @author jinzhm**/public class SignUtil {private static String CHARSET_ENCODING = "UTF-8";private static String ALGORITHM = "SHA256withRSA";/*** 签名* @param srcData* @param privateKeyPath* @param privateKeyPwd* @return*/public static String sign(String srcData, String privateKeyPath, String privateKeyPwd){if(srcData==null || privateKeyPath==null || privateKeyPwd==null){return "";}try {// 获取证书的私钥PrivateKey key = readPrivate(privateKeyPath, privateKeyPwd);// 进行签名服务Signature signature = Signature.getInstance(ALGORITHM);signature.initSign(key);signature.update(srcData.getBytes(CHARSET_ENCODING));byte[] signedData = signature.sign();return Base64.getEncoder().encodeToString(signedData);} catch (Exception e) {e.printStackTrace();}return "";}/*** 验签* @param srcData* @param signedData* @param publicKeyPath* @return*/public static boolean verify(String srcData, String signedData, String publicKeyPath){if(srcData==null || signedData==null || publicKeyPath==null){return false;}try {PublicKey publicKey = readPublic(publicKeyPath);Signature sign = Signature.getInstance(ALGORITHM);sign.initVerify(publicKey);sign.update(srcData.getBytes(CHARSET_ENCODING));return sign.verify(Base64.getDecoder().decode(signedData));} catch (Exception e) {e.printStackTrace();}return false;}/*** 读取公钥* @param publicKeyPath* @return*/private static PublicKey readPublic(String publicKeyPath){if(publicKeyPath==null){return null;}PublicKey pk = null;FileInputStream bais = null;try {CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");bais = new FileInputStream(publicKeyPath);X509Certificate cert = (X509Certificate)certificatefactory.generateCertificate(bais);pk = cert.getPublicKey();} catch (CertificateException e) {e.printStackTrace();} catch (FileNotFoundException e) {e.printStackTrace();} finally{if(bais != null){try {bais.close();} catch (IOException e) {e.printStackTrace();}}}return pk;}/*** 读取私钥* @param path* @return*/private static PrivateKey readPrivate(String privateKeyPath, String privateKeyPwd){if(privateKeyPath==null || privateKeyPwd==null){return null;}InputStream stream = null;try {// 获取JKS 服务器私有证书的私钥,取得标准的JKS的 KeyStore实例KeyStore store = KeyStore.getInstance("JKS");stream = new FileInputStream(new File(privateKeyPath));// jks文件密码,根据实际情况修改store.load(stream, privateKeyPwd.toCharArray());// 获取jks证书别名Enumeration en = store.aliases();String pName = null;while (en.hasMoreElements()) {String n = (String) en.nextElement();if (store.isKeyEntry(n)) {pName = n;}}// 获取证书的私钥PrivateKey key = (PrivateKey) store.getKey(pName,privateKeyPwd.toCharArray());return key;} catch (Exception e) {e.printStackTrace();} finally {if(stream != null){try {stream.close();} catch (IOException e) {e.printStackTrace();}}}return null;}}
╰半夏微凉°
左手的ㄟ右手
傷城~
╰+攻爆jí腚メ
还没有评论,来说两句吧...