openssl 公私钥生成

生成私钥

openssl genrsa -out rsa_private_key.pem 1024

生成公钥

openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout
## 查看
hzliubenlong@hzbxs-loantest63:~$ ll
total 8
-rw-r--r-- 1 hzliubenlong neteaseusers 891 May 13 16:18 rsa_private_key.pem
-rw-r--r-- 1 hzliubenlong neteaseusers 272 May 13 16:18 rsa_public_key.pem

此时Java代码还加载不了这里生成的私钥,必须进行pkcs8转码,否则会报错.

openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
将转码后的秘钥保存使用即可。只有这样,Java代码才可以读取到改私钥

hzliubenlong@hzbxs-loantest63:~$ openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
-----BEGIN PRIVATE KEY-----
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAO7Dey8pwuOy0xdw
RpOB78WhkwaygXNr5roXEsEapQTBFXJFCRcLzP7vnbrM2M0H4dOTdubIrpVz5cUu
bBJ+t1A3Mzhw14jFDyaILMdovj/DafbR6zvfisovWJe1Pa6kW0DUsLPfjdGBZcr3
sCzRJXFSkKpu5ndR9XERzbYQiCRlAgMBAAECgYEAy0skQqcDKo7jT0youwXimtqU
7hnlQNp5rK7iqArAwMiKMy52q+m/VL2/BgNPAVwZuuUPUzdB9zykQfzhxemguAYU
KmRYCFJWa3yCWCoFm7UfyuW3PwlTwI7vIZ5MdhZBj8i8yxOkSBWeNH2fxIf7WQFh
Y+8YKsuX5eeUmtACKo0CQQD38bx1DbZHR+lCq1Hkd0a7pf5dZwfoFaiiAJN9a1ja
VTaS+HRiA1ARj1sYMRJlQIFPcAvEU9lzPZs5qG4+DyxDAkEA9oVimhTdg5G140wC
Rpr8C7MRuNdBfkOwihVXJzDTrFezlXwFaGBN6G3uvQS9D/Fkrx6hwZbCiUcRDSeP
ERq2NwJBAIQXyoJGCt1Q52m4YgmorgtctPZH5MN1foDIc8s2vICdM1T7fu2UvDyO
tkZeJmHBCuMqW2p+DXRC1wbRv+HaLYcCQQDHy4UFceGx71cl14WEqbma1c+IKlU3
Oy8KSo9vAOCdLhsrDO/pDxw1Q1uZMAz2reK3FzFsD36s+b71FVmbODXzAkEA3RTP
atASq6RJmHe2CexpfkUE5eXKFh2aiZEA//ropX0TJyIQOZuorzryDbyn+xu9dP1L
6DB/WbWhhHYKZg5F8A==
-----END PRIVATE KEY-----

Java代码

import org.apache.commons.lang3.ArrayUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;import javax.crypto.Cipher;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;public class RSAUtils {public static final String SIGN_ALGORITHMS = "SHA1WithRSA";private static String RSA = "RSA";public static KeyPair generateRSAKeyPair() {return generateRSAKeyPair(1024);}public static KeyPair generateRSAKeyPair(int keyLength) {try {KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA);kpg.initialize(keyLength);return kpg.genKeyPair();} catch (NoSuchAlgorithmException e) {e.printStackTrace();return null;}}public static byte[] encryptData(byte[] data, PublicKey publicKey) {try {byte[] dataReturn = new byte[0];Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.ENCRYPT_MODE, publicKey);// 加密时超过117字节就报错。为此采用分段加密的办法来加密StringBuilder sb = new StringBuilder();for (int i = 0; i < data.length; i += 100) {byte[] doFinal = cipher.doFinal(ArrayUtils.subarray(data, i,i + 100));sb.append(new String(doFinal));dataReturn = ArrayUtils.addAll(dataReturn, doFinal);}return dataReturn;} catch (Exception e) {e.printStackTrace();return null;}}/*** 验证数字签名函数入口** @param plainBytes 待验签明文字节数组* @param signBytes  待验签签名后字节数组* @param publicKey  验签使用公钥* @return 验签是否通过* @throws Exception*/public static boolean verifyDigitalSign(byte[] plainBytes, byte[] signBytes, PublicKey publicKey) throws Exception {boolean isValid = false;try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initVerify(publicKey);signature.update(plainBytes);isValid = signature.verify(signBytes);return isValid;} catch (NoSuchAlgorithmException e) {throw new Exception(String.format("验证数字签名时没有[%s]此类算法", SIGN_ALGORITHMS));} catch (InvalidKeyException e) {throw new Exception("验证数字签名时公钥无效");} catch (SignatureException e) {throw new Exception("验证数字签名时出现异常");}}public static String rsaSign(byte[] encryptByte, PrivateKey privateKey) {try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initSign(privateKey);signature.update(encryptByte);byte[] signed = signature.sign();return (new BASE64Encoder()).encodeBuffer(signed);} catch (Exception e) {e.printStackTrace();}return null;}public static byte[] decryptData(byte[] encryptedData, PrivateKey privateKey) {try {Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.DECRYPT_MODE, privateKey);// 解密时超过128字节就报错。为此采用分段解密的办法来解密byte[] dataReturn = new byte[0];for (int i = 0; i < encryptedData.length; i += 128) {byte[] doFinal = cipher.doFinal(ArrayUtils.subarray(encryptedData, i,i + 128));dataReturn = ArrayUtils.addAll(dataReturn, doFinal);}return dataReturn;} catch (Exception e) {e.printStackTrace();return null;}}public static boolean doCheck(byte[] encryptByte, byte[] bs, PublicKey publicKey) {try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initVerify(publicKey);signature.update(encryptByte);return signature.verify(bs);} catch (Exception e) {e.printStackTrace();}return false;}public static PublicKey getPublicKey(byte[] keyBytes) throws NoSuchAlgorithmException,InvalidKeySpecException {X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PublicKey publicKey = keyFactory.generatePublic(keySpec);return publicKey;}public static PrivateKey getPrivateKey(byte[] keyBytes) throws NoSuchAlgorithmException,InvalidKeySpecException {PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PrivateKey privateKey = keyFactory.generatePrivate(keySpec);return privateKey;}public static PublicKey getPublicKey(String modulus, String publicExponent)throws NoSuchAlgorithmException, InvalidKeySpecException {BigInteger bigIntModulus = new BigInteger(modulus);BigInteger bigIntPrivateExponent = new BigInteger(publicExponent);RSAPublicKeySpec keySpec = new RSAPublicKeySpec(bigIntModulus, bigIntPrivateExponent);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PublicKey publicKey = keyFactory.generatePublic(keySpec);return publicKey;}public static PrivateKey getPrivateKey(String modulus, String privateExponent)throws NoSuchAlgorithmException, InvalidKeySpecException {BigInteger bigIntModulus = new BigInteger(modulus);BigInteger bigIntPrivateExponent = new BigInteger(privateExponent);RSAPublicKeySpec keySpec = new RSAPublicKeySpec(bigIntModulus, bigIntPrivateExponent);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PrivateKey privateKey = keyFactory.generatePrivate(keySpec);return privateKey;}public static PublicKey loadPublicKey(String publicKeyStr) throws Exception {byte[] buffer = (new BASE64Decoder()).decodeBuffer(publicKeyStr);KeyFactory keyFactory = KeyFactory.getInstance(RSA);X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);return keyFactory.generatePublic(keySpec);}public static PrivateKey loadPrivateKey(String privateKeyStr) throws Exception {byte[] buffer = (new BASE64Decoder()).decodeBuffer(privateKeyStr);PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);KeyFactory keyFactory = KeyFactory.getInstance(RSA);return keyFactory.generatePrivate(keySpec);}public static PublicKey loadPublicKey(InputStream in) throws Exception {return loadPublicKey(readKey(in));}public static PrivateKey loadPrivateKey(InputStream in) throws Exception {return loadPrivateKey(readKey(in));}private static String readKey(InputStream in) throws IOException {BufferedReader br = new BufferedReader(new InputStreamReader(in));String readLine = null;StringBuilder sb = new StringBuilder();while ((readLine = br.readLine()) != null) {if (readLine.charAt(0) == '-') {continue;} else {sb.append(readLine);sb.append('\r');}}return sb.toString();}}

package com.netease.loan.bizmng;import com.netease.loan.bizmng.common.utils.RSAUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;import java.io.File;
import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.PublicKey;/*** Created by hzliubenlong on 2017/5/13.*/
public class RsaTest {public  static  void main(String[ ] asdfs) throws Exception {PublicKey publicKey = RSAUtils.loadPublicKey(new FileInputStream(new File("e://my_rsa_public_key_10.165.125.57.pem")));PrivateKey privateKey = RSAUtils.loadPrivateKey(new FileInputStream(new File("e://my_private_key.pem")));//加密String data = "{\"e\":\"sign_check_fail\",\"c\":2}";System.out.println(data);String encryptStr = (new BASE64Encoder()).encodeBuffer(RSAUtils.encryptData(data.getBytes(), publicKey));System.out.println(encryptStr);//解密System.out.println(new String(RSAUtils.decryptData((new BASE64Decoder()).decodeBuffer(encryptStr), privateKey)));}
}

运行结果

{"e":"sign_check_fail","c":2}
xReCIIU9+B5nS8hnPORKfTZZkDCXAeCaaJRjJUr0elcVnBHcQV1L5UXn/krJIY6EsjXlBurHKMrL
fHUOV0fbEfWZ/Ji/JDDTlx1ajPnEhbundCLHkGVBGaQsCv6eddH+dPJ2grH8xAqT/io6EFNWww5I
5SVpMVYAFlHQZPNB+60={"e":"sign_check_fail","c":2}

Linux(openSSL)上RSA密钥生成和使用(java)相关推荐

  1. linux下OpenSSL的RSA密钥生成

    工具的安装: 一.源码安装 OpenSSL Version:openssl-1.0.0e.tar.gz ------------------------安装: 1.将下载的压缩包放在根目录, 2.在文 ...

  2. linux rsa密钥生成工具,linux下生成rsa密钥的方法

    首先生成密钥,用命令ssh-keygen –t rsa 运行后可以一直空格,生成密钥,id_rsa和id_rsa.pub文件 ,默认放在/root/.ssh/下,.ssh文件是隐藏的,要显示隐藏文件才 ...

  3. RSA密钥生成、加密解密、数据签名验签

    公钥.私钥生成 准备工作,基础的帮助类 使用java代码生成公钥私钥 使用openssl生成公钥私钥 加解密 数据签名及验签 数据加解密及签名验签测试 注意项 公钥.私钥生成 准备工作,基础的帮助类 ...

  4. Android、IOS客户端RSA密钥生成

    目录 OpenSSL介绍 使用OpenSSL 生成私钥 生成公钥 生成Java和Android的私钥 创建证书请求文件 生成数字证书 生成iOS使用的公钥文件 生成iOS使用的私钥文件 关于什么是密钥 ...

  5. Windows下RSA密钥生成工具openssl

    点击下载 1. 生成原始 RSA私钥文件 private_key.pem openssl genrsa -out private_key.pem 1024 2. 将原始 RSA私钥转换为 pkcs8格 ...

  6. windows平台RSA密钥生成

    1.安装openssl工具 下载安装openssl工具,执行安装目录bin下的"openssl.exe",执行后会弹出命令窗口. 2.生成私钥 在命令窗口输入"genrs ...

  7. php 代码生成rsa密钥,生成RSA密钥对

    class OpensslServer { /** * 过期时间 * @var int|mixed */ protected $expire; /** * 密钥密码 * @var string */ ...

  8. linux服务器上的项目读取本地文件,java访问linux服务器读取文件路径

    java访问linux服务器读取文件路径 内容精选 换一换 通过ADC将文件传输到Host.参见准备环境完成环境配置.以运行用户登录安装Toolkit组件的服务器.执行命令,将A.java文件传输到H ...

  9. windows、Linux两用Snowflake雪花算法生成ID,java工具类实现直接调用即可

    代码实现: public class SnowflakeManagerUtil {private static final long EPOCH_STAMP = 1262275200000L;priv ...

最新文章

  1. 古诗-豪放派和婉约派
  2. jq获取最后一个子节点_如何选择jQuery中的最后一个子元素?
  3. 【多视图几何】TUM 课程 第6章 多视图重建
  4. 【转】计算机人工智能技术纵览---入门部分
  5. Java继承_这10道Java面试题!大部分的人回答不出来
  6. Css、javascript、dom(一)
  7. 伪代码之KMeans和DBSCAN
  8. 聚类分析-K-means clustering 在生物信息学中的应用
  9. 科学计算机中溢出是指,算术溢出
  10. linux rhel dns配置,RedHat Linux DNS配置指南
  11. android studio导入第三方库引发的问题和解决方法
  12. 上海高一计算机奥赛,上海物理奥赛金牌“大神”爱番剧和高达,已保送清华大学姚班...
  13. 【蓝桥杯选拔赛真题40】Scratch跳格子 少儿编程scratch蓝桥杯选拔赛真题讲解
  14. 常见的嵌入式微处理器(Micro Processor Unit,MPU)
  15. TZOJ 3315 买火车票(线段树区间最小值)
  16. 微信小程序抓包方法汇总
  17. 2016,最值得市场营销人员关注的数字营销策略
  18. 台积电第二代3nm工艺公布;推特收购事件导致大量员工离职,苹果 Meta争先抢人;微软将在亚洲市场投资游戏业务 | 每日大事件...
  19. 3.PHP数据类型、常量、字符串和运算符
  20. 利用circom和snarkjs实现zkSNARK零知识证明的智能合约应用

热门文章

  1. 【看板】看板软件/项目管理软件记录
  2. 云呐|什么是容灾备份一体机?
  3. 亚信安全助手卸载方法
  4. 117页智慧管廊数字管道建设整体技术方案
  5. Vue packages version mismatch: - vue@2.6.12 (C:\Users\Administrator\WebstormProjects\memorial\node_m
  6. 高精度乘法(c++实现)
  7. php过滤ascii控制字符
  8. LQFP,TQFP,QFP封装的区别
  9. 网易内部AIGC项目落地长图;Claude开放申请;YC 2023顶级初创公司地图;科研界ChatGPT | ShowMeAI日报
  10. 久经验证的预测性维护原来是这样做的