Linux(openSSL)上RSA密钥生成和使用(java)
openssl 公私钥生成
生成私钥
openssl genrsa -out rsa_private_key.pem 1024
生成公钥
openssl rsa -in rsa_private_key.pem -out rsa_public_key.pem -pubout
## 查看
hzliubenlong@hzbxs-loantest63:~$ ll
total 8
-rw-r--r-- 1 hzliubenlong neteaseusers 891 May 13 16:18 rsa_private_key.pem
-rw-r--r-- 1 hzliubenlong neteaseusers 272 May 13 16:18 rsa_public_key.pem
此时Java代码还加载不了这里生成的私钥,必须进行pkcs8
转码,否则会报错.
openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
将转码后的秘钥保存使用即可。只有这样,Java代码才可以读取到改私钥
hzliubenlong@hzbxs-loantest63:~$ openssl pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
-----BEGIN PRIVATE KEY-----
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAO7Dey8pwuOy0xdw
RpOB78WhkwaygXNr5roXEsEapQTBFXJFCRcLzP7vnbrM2M0H4dOTdubIrpVz5cUu
bBJ+t1A3Mzhw14jFDyaILMdovj/DafbR6zvfisovWJe1Pa6kW0DUsLPfjdGBZcr3
sCzRJXFSkKpu5ndR9XERzbYQiCRlAgMBAAECgYEAy0skQqcDKo7jT0youwXimtqU
7hnlQNp5rK7iqArAwMiKMy52q+m/VL2/BgNPAVwZuuUPUzdB9zykQfzhxemguAYU
KmRYCFJWa3yCWCoFm7UfyuW3PwlTwI7vIZ5MdhZBj8i8yxOkSBWeNH2fxIf7WQFh
Y+8YKsuX5eeUmtACKo0CQQD38bx1DbZHR+lCq1Hkd0a7pf5dZwfoFaiiAJN9a1ja
VTaS+HRiA1ARj1sYMRJlQIFPcAvEU9lzPZs5qG4+DyxDAkEA9oVimhTdg5G140wC
Rpr8C7MRuNdBfkOwihVXJzDTrFezlXwFaGBN6G3uvQS9D/Fkrx6hwZbCiUcRDSeP
ERq2NwJBAIQXyoJGCt1Q52m4YgmorgtctPZH5MN1foDIc8s2vICdM1T7fu2UvDyO
tkZeJmHBCuMqW2p+DXRC1wbRv+HaLYcCQQDHy4UFceGx71cl14WEqbma1c+IKlU3
Oy8KSo9vAOCdLhsrDO/pDxw1Q1uZMAz2reK3FzFsD36s+b71FVmbODXzAkEA3RTP
atASq6RJmHe2CexpfkUE5eXKFh2aiZEA//ropX0TJyIQOZuorzryDbyn+xu9dP1L
6DB/WbWhhHYKZg5F8A==
-----END PRIVATE KEY-----
Java代码
import org.apache.commons.lang3.ArrayUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;import javax.crypto.Cipher;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;public class RSAUtils {public static final String SIGN_ALGORITHMS = "SHA1WithRSA";private static String RSA = "RSA";public static KeyPair generateRSAKeyPair() {return generateRSAKeyPair(1024);}public static KeyPair generateRSAKeyPair(int keyLength) {try {KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA);kpg.initialize(keyLength);return kpg.genKeyPair();} catch (NoSuchAlgorithmException e) {e.printStackTrace();return null;}}public static byte[] encryptData(byte[] data, PublicKey publicKey) {try {byte[] dataReturn = new byte[0];Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.ENCRYPT_MODE, publicKey);// 加密时超过117字节就报错。为此采用分段加密的办法来加密StringBuilder sb = new StringBuilder();for (int i = 0; i < data.length; i += 100) {byte[] doFinal = cipher.doFinal(ArrayUtils.subarray(data, i,i + 100));sb.append(new String(doFinal));dataReturn = ArrayUtils.addAll(dataReturn, doFinal);}return dataReturn;} catch (Exception e) {e.printStackTrace();return null;}}/*** 验证数字签名函数入口** @param plainBytes 待验签明文字节数组* @param signBytes 待验签签名后字节数组* @param publicKey 验签使用公钥* @return 验签是否通过* @throws Exception*/public static boolean verifyDigitalSign(byte[] plainBytes, byte[] signBytes, PublicKey publicKey) throws Exception {boolean isValid = false;try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initVerify(publicKey);signature.update(plainBytes);isValid = signature.verify(signBytes);return isValid;} catch (NoSuchAlgorithmException e) {throw new Exception(String.format("验证数字签名时没有[%s]此类算法", SIGN_ALGORITHMS));} catch (InvalidKeyException e) {throw new Exception("验证数字签名时公钥无效");} catch (SignatureException e) {throw new Exception("验证数字签名时出现异常");}}public static String rsaSign(byte[] encryptByte, PrivateKey privateKey) {try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initSign(privateKey);signature.update(encryptByte);byte[] signed = signature.sign();return (new BASE64Encoder()).encodeBuffer(signed);} catch (Exception e) {e.printStackTrace();}return null;}public static byte[] decryptData(byte[] encryptedData, PrivateKey privateKey) {try {Cipher cipher = Cipher.getInstance(RSA);cipher.init(Cipher.DECRYPT_MODE, privateKey);// 解密时超过128字节就报错。为此采用分段解密的办法来解密byte[] dataReturn = new byte[0];for (int i = 0; i < encryptedData.length; i += 128) {byte[] doFinal = cipher.doFinal(ArrayUtils.subarray(encryptedData, i,i + 128));dataReturn = ArrayUtils.addAll(dataReturn, doFinal);}return dataReturn;} catch (Exception e) {e.printStackTrace();return null;}}public static boolean doCheck(byte[] encryptByte, byte[] bs, PublicKey publicKey) {try {Signature signature = Signature.getInstance(SIGN_ALGORITHMS);signature.initVerify(publicKey);signature.update(encryptByte);return signature.verify(bs);} catch (Exception e) {e.printStackTrace();}return false;}public static PublicKey getPublicKey(byte[] keyBytes) throws NoSuchAlgorithmException,InvalidKeySpecException {X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PublicKey publicKey = keyFactory.generatePublic(keySpec);return publicKey;}public static PrivateKey getPrivateKey(byte[] keyBytes) throws NoSuchAlgorithmException,InvalidKeySpecException {PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PrivateKey privateKey = keyFactory.generatePrivate(keySpec);return privateKey;}public static PublicKey getPublicKey(String modulus, String publicExponent)throws NoSuchAlgorithmException, InvalidKeySpecException {BigInteger bigIntModulus = new BigInteger(modulus);BigInteger bigIntPrivateExponent = new BigInteger(publicExponent);RSAPublicKeySpec keySpec = new RSAPublicKeySpec(bigIntModulus, bigIntPrivateExponent);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PublicKey publicKey = keyFactory.generatePublic(keySpec);return publicKey;}public static PrivateKey getPrivateKey(String modulus, String privateExponent)throws NoSuchAlgorithmException, InvalidKeySpecException {BigInteger bigIntModulus = new BigInteger(modulus);BigInteger bigIntPrivateExponent = new BigInteger(privateExponent);RSAPublicKeySpec keySpec = new RSAPublicKeySpec(bigIntModulus, bigIntPrivateExponent);KeyFactory keyFactory = KeyFactory.getInstance(RSA);PrivateKey privateKey = keyFactory.generatePrivate(keySpec);return privateKey;}public static PublicKey loadPublicKey(String publicKeyStr) throws Exception {byte[] buffer = (new BASE64Decoder()).decodeBuffer(publicKeyStr);KeyFactory keyFactory = KeyFactory.getInstance(RSA);X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);return keyFactory.generatePublic(keySpec);}public static PrivateKey loadPrivateKey(String privateKeyStr) throws Exception {byte[] buffer = (new BASE64Decoder()).decodeBuffer(privateKeyStr);PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);KeyFactory keyFactory = KeyFactory.getInstance(RSA);return keyFactory.generatePrivate(keySpec);}public static PublicKey loadPublicKey(InputStream in) throws Exception {return loadPublicKey(readKey(in));}public static PrivateKey loadPrivateKey(InputStream in) throws Exception {return loadPrivateKey(readKey(in));}private static String readKey(InputStream in) throws IOException {BufferedReader br = new BufferedReader(new InputStreamReader(in));String readLine = null;StringBuilder sb = new StringBuilder();while ((readLine = br.readLine()) != null) {if (readLine.charAt(0) == '-') {continue;} else {sb.append(readLine);sb.append('\r');}}return sb.toString();}}
package com.netease.loan.bizmng;import com.netease.loan.bizmng.common.utils.RSAUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;import java.io.File;
import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.PublicKey;/*** Created by hzliubenlong on 2017/5/13.*/
public class RsaTest {public static void main(String[ ] asdfs) throws Exception {PublicKey publicKey = RSAUtils.loadPublicKey(new FileInputStream(new File("e://my_rsa_public_key_10.165.125.57.pem")));PrivateKey privateKey = RSAUtils.loadPrivateKey(new FileInputStream(new File("e://my_private_key.pem")));//加密String data = "{\"e\":\"sign_check_fail\",\"c\":2}";System.out.println(data);String encryptStr = (new BASE64Encoder()).encodeBuffer(RSAUtils.encryptData(data.getBytes(), publicKey));System.out.println(encryptStr);//解密System.out.println(new String(RSAUtils.decryptData((new BASE64Decoder()).decodeBuffer(encryptStr), privateKey)));}
}
运行结果
{"e":"sign_check_fail","c":2}
xReCIIU9+B5nS8hnPORKfTZZkDCXAeCaaJRjJUr0elcVnBHcQV1L5UXn/krJIY6EsjXlBurHKMrL
fHUOV0fbEfWZ/Ji/JDDTlx1ajPnEhbundCLHkGVBGaQsCv6eddH+dPJ2grH8xAqT/io6EFNWww5I
5SVpMVYAFlHQZPNB+60={"e":"sign_check_fail","c":2}
Linux(openSSL)上RSA密钥生成和使用(java)相关推荐
- linux下OpenSSL的RSA密钥生成
工具的安装: 一.源码安装 OpenSSL Version:openssl-1.0.0e.tar.gz ------------------------安装: 1.将下载的压缩包放在根目录, 2.在文 ...
- linux rsa密钥生成工具,linux下生成rsa密钥的方法
首先生成密钥,用命令ssh-keygen –t rsa 运行后可以一直空格,生成密钥,id_rsa和id_rsa.pub文件 ,默认放在/root/.ssh/下,.ssh文件是隐藏的,要显示隐藏文件才 ...
- RSA密钥生成、加密解密、数据签名验签
公钥.私钥生成 准备工作,基础的帮助类 使用java代码生成公钥私钥 使用openssl生成公钥私钥 加解密 数据签名及验签 数据加解密及签名验签测试 注意项 公钥.私钥生成 准备工作,基础的帮助类 ...
- Android、IOS客户端RSA密钥生成
目录 OpenSSL介绍 使用OpenSSL 生成私钥 生成公钥 生成Java和Android的私钥 创建证书请求文件 生成数字证书 生成iOS使用的公钥文件 生成iOS使用的私钥文件 关于什么是密钥 ...
- Windows下RSA密钥生成工具openssl
点击下载 1. 生成原始 RSA私钥文件 private_key.pem openssl genrsa -out private_key.pem 1024 2. 将原始 RSA私钥转换为 pkcs8格 ...
- windows平台RSA密钥生成
1.安装openssl工具 下载安装openssl工具,执行安装目录bin下的"openssl.exe",执行后会弹出命令窗口. 2.生成私钥 在命令窗口输入"genrs ...
- php 代码生成rsa密钥,生成RSA密钥对
class OpensslServer { /** * 过期时间 * @var int|mixed */ protected $expire; /** * 密钥密码 * @var string */ ...
- linux服务器上的项目读取本地文件,java访问linux服务器读取文件路径
java访问linux服务器读取文件路径 内容精选 换一换 通过ADC将文件传输到Host.参见准备环境完成环境配置.以运行用户登录安装Toolkit组件的服务器.执行命令,将A.java文件传输到H ...
- windows、Linux两用Snowflake雪花算法生成ID,java工具类实现直接调用即可
代码实现: public class SnowflakeManagerUtil {private static final long EPOCH_STAMP = 1262275200000L;priv ...
最新文章
- 古诗-豪放派和婉约派
- jq获取最后一个子节点_如何选择jQuery中的最后一个子元素?
- 【多视图几何】TUM 课程 第6章 多视图重建
- 【转】计算机人工智能技术纵览---入门部分
- Java继承_这10道Java面试题!大部分的人回答不出来
- Css、javascript、dom(一)
- 伪代码之KMeans和DBSCAN
- 聚类分析-K-means clustering 在生物信息学中的应用
- 科学计算机中溢出是指,算术溢出
- linux rhel dns配置,RedHat Linux DNS配置指南
- android studio导入第三方库引发的问题和解决方法
- 上海高一计算机奥赛,上海物理奥赛金牌“大神”爱番剧和高达,已保送清华大学姚班...
- 【蓝桥杯选拔赛真题40】Scratch跳格子 少儿编程scratch蓝桥杯选拔赛真题讲解
- 常见的嵌入式微处理器(Micro Processor Unit,MPU)
- TZOJ 3315 买火车票(线段树区间最小值)
- 微信小程序抓包方法汇总
- 2016,最值得市场营销人员关注的数字营销策略
- 台积电第二代3nm工艺公布;推特收购事件导致大量员工离职,苹果 Meta争先抢人;微软将在亚洲市场投资游戏业务 | 每日大事件...
- 3.PHP数据类型、常量、字符串和运算符
- 利用circom和snarkjs实现zkSNARK零知识证明的智能合约应用
热门文章
- 【看板】看板软件/项目管理软件记录
- 云呐|什么是容灾备份一体机?
- 亚信安全助手卸载方法
- 117页智慧管廊数字管道建设整体技术方案
- Vue packages version mismatch: - vue@2.6.12 (C:\Users\Administrator\WebstormProjects\memorial\node_m
- 高精度乘法(c++实现)
- php过滤ascii控制字符
- LQFP,TQFP,QFP封装的区别
- 网易内部AIGC项目落地长图;Claude开放申请;YC 2023顶级初创公司地图;科研界ChatGPT | ShowMeAI日报
- 久经验证的预测性维护原来是这样做的