RSA公私钥生成(二)
参考博客:https://blog.csdn.net/freezingxu/article/details/71547485
一、确认Linux系统安装openssl
确认指令:openssl version -a
二、生成RSA公私钥
1、生成RSA公私钥
keytool -genkey -alias snowball -keyalg RSA -keystore /home/snowball/RSA/snowball.jks -keysize 1024 -validity 3650
注意:1024 位 RSA 密钥已低于目前通行的安全要求,实际环境中 -keysize 应设为 2048 或更高。
2、转换PKCS12
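keytool -importkeystore -srcstoretype JKS -srckeystore /home/snowball/RSA/snowball.keystore -srcstorepass 123456 -srcalias snowball -srckeypass 123456 -deststoretype PKCS12 -destkeystore snowball.p12 -deststorepass 111111 -destalias snowball -destkeypass 222222 -noprompt
注意:-srckeystore 必须指向第 1 步 -keystore 生成的同一个文件(第 1 步写的是 snowball.jks,这里写的是 snowball.keystore,两处需统一)。命令中的口令仅作演示,实际使用时应避免在命令行中明文传入口令,以免留在 shell 历史记录和进程列表中。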
3、openssl导出公钥
openssl pkcs12 -in /home/snowball/RSA/snowball.p12 -passin pass:111111 -nokeys -out snowball.pem
说明:-nokeys 导出的是 PEM 格式的证书,公钥包含在该证书中。
4、openssl导出私钥
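openssl pkcs12 -in snowball.p12 -passin pass:snowball1219 -nocerts -out snowball.crt -nodes
注意:-passin 的口令应与第 2 步设置的 -deststorepass 一致(上文为 111111,与此处的 snowball1219 不符)。-nodes 表示导出的私钥不加密;输出文件虽以 .crt 结尾,内容却是私钥,应限制该文件的访问权限并妥善保管。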
三、代码使用
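package com.snowball.common.util;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.apache.poi.util.IOUtils;
import org.bouncycastle.util.encoders.Base64Encoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.snowball.common.SpRedisService;
import com.snowball.common.config.Props;

/**
 * RSA helper that loads a key pair from a Java keystore on the classpath and uses it to
 * encrypt and decrypt short strings, exchanging ciphertext as Base64 text.
 *
 * <p>Most methods report failure by printing a stack trace and returning {@code null}, so
 * callers must check the result for {@code null}.
 */
@Component
public class RSAUtils {

    // NOTE(review): Spring does not inject static fields, so this reference stays null.
    // It is not used anywhere in this class.
    @Autowired
    private static SpRedisService spRedisService;

    /**
     * Cipher transformation used for both directions. The bare name "RSA" leaves the padding
     * scheme to whichever JCE provider is selected (the JDK's bundled provider resolves it to
     * PKCS#1 v1.5 padding). It is kept unchanged so existing ciphertext still decrypts.
     *
     * <p>NOTE(review): PKCS#1 v1.5 decryption of untrusted ciphertext is open to
     * padding-oracle attacks. For new data, name the transformation explicitly and prefer
     * OAEP, e.g. {@code RSA/ECB/OAEPWithSHA-256AndMGF1Padding}, on both sides.
     */
    private static final String TRANSFORMATION = "RSA";

    // NOTE(review): keystore location and passwords are hard-coded, public and mutable.
    // Treat these as sample values; real deployments should load them from protected
    // configuration and keep them out of source control.
    public static String keystoreFile = "snowball.keystore";
    public static String keyStoreType = "jks";
    public static String password = "123456";
    public static String alias = "snowball";
    public static String friendPassword = "123456";

    /** Round-trip demo: encrypts a sample string and decrypts it again. */
    public static void main(String[] args) {
        String data = "13392801646";
        String encryptData = encrypt(data);
        System.out.println("加密后:" + encryptData);
        String decryptData = decrypt(encryptData);
        System.out.println("解密后:" + decryptData);
    }

    /**
     * Encrypts {@code data} with the public key of the configured keystore entry.
     *
     * @param data plaintext; it is encoded as UTF-8 and must fit in a single RSA block
     * @return Base64 ciphertext, or {@code null} if the key could not be loaded or
     *         encryption failed
     */
    public static String encrypt(String data) {
        try {
            // Use the configured store type, as decrypt() does, instead of a literal "jks".
            KeyPair keyPair = getKeyPair(keyStoreType, keystoreFile, alias, password, friendPassword);
            if (keyPair == null) {
                return null;
            }
            PublicKey pubKey = keyPair.getPublic();
            System.out.println("公钥:" + Base64.encodeBase64String(pubKey.getEncoded()));
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(Cipher.ENCRYPT_MODE, pubKey);
            // An explicit charset keeps the result independent of the platform default.
            byte[] cipherText = cipher.doFinal(data.getBytes(StandardCharsets.UTF_8));
            return Base64.encodeBase64String(cipherText);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Decrypts Base64 ciphertext with the private key of the configured keystore entry.
     *
     * @param data Base64 ciphertext as produced by {@link #encrypt(String)}
     * @return the plaintext decoded as UTF-8, or {@code null} if the key could not be loaded
     *         or decryption failed
     */
    public static String decrypt(String data) {
        try {
            KeyPair keyPair = getKeyPair(keyStoreType, keystoreFile, alias, password, friendPassword);
            if (keyPair == null) {
                return null;
            }
            // The private key is deliberately never printed or logged.
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
            byte[] plainText = cipher.doFinal(Base64.decodeBase64(data));
            return new String(plainText, StandardCharsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Loads the private key and the certificate's public key for {@code alias} from a
     * keystore found on the classpath.
     *
     * @param keyStoreType   keystore type passed to {@link KeyStore#getInstance(String)}
     * @param keystoreFile   classpath resource name of the keystore
     * @param alias          alias of the key entry
     * @param password       keystore password; also used to unlock the key entry
     * @param friendPassword currently unused (see the note in the body)
     * @return the key pair, or {@code null} if the resource is missing, the entry is not a
     *         private key, or loading failed
     */
    public static KeyPair getKeyPair(String keyStoreType, String keystoreFile, String alias,
            String password, String friendPassword) {
        // getResourceAsStream also works when the keystore is packaged inside a jar, and
        // try-with-resources closes the stream, which the FileInputStream version never did.
        try (InputStream in = RSAUtils.class.getClassLoader().getResourceAsStream(keystoreFile)) {
            if (in == null) {
                // KeyStore.load(null, ...) would silently create an empty store, so stop here.
                System.err.println("Keystore resource not found on classpath: " + keystoreFile);
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance(keyStoreType);
            keyStore.load(in, password.toCharArray());
            // NOTE(review): friendPassword is never read; the key entry is unlocked with the
            // store password. Presumably friendPassword was meant to be the key password.
            // Confirm before relying on entries whose key password differs from the store's.
            Key key = keyStore.getKey(alias, password.toCharArray());
            if (key instanceof PrivateKey) {
                Certificate certificate = keyStore.getCertificate(alias);
                PublicKey publicKey = certificate.getPublicKey();
                return new KeyPair(publicKey, (PrivateKey) key);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Parses a Base64-encoded X.509 public key.
     *
     * @param algorithm key algorithm name, e.g. "RSA"
     * @param publicKey Base64 text of the X.509 (SubjectPublicKeyInfo) encoding
     * @return the public key, or {@code null} if the text cannot be read or parsed
     * @throws NoSuchAlgorithmException if no provider supports {@code algorithm}
     */
    public static PublicKey getPublicKeyFromX509(String algorithm, String publicKey)
            throws NoSuchAlgorithmException {
        return getPublicKeyFromX509(algorithm,
                new ByteArrayInputStream(publicKey.getBytes(StandardCharsets.UTF_8)));
    }

    /**
     * Parses a Base64-encoded X.509 public key read from a stream.
     *
     * @param algorithm key algorithm name, e.g. "RSA"
     * @param ins       stream of Base64 text; not closed by this method
     * @return the public key, or {@code null} if {@code ins} is {@code null} or its content
     *         cannot be read or parsed
     * @throws NoSuchAlgorithmException if no provider supports {@code algorithm}
     */
    public static PublicKey getPublicKeyFromX509(String algorithm, InputStream ins)
            throws NoSuchAlgorithmException {
        if (ins == null) {
            return null;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
            byte[] encodedKey = Base64.decodeBase64(IOUtils.toByteArray(ins));
            return keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
        } catch (IOException | InvalidKeySpecException ignored) {
            // Unreadable or malformed input yields null, as the original contract did.
            return null;
        }
    }

    /**
     * Parses a Base64-encoded PKCS#8 private key.
     *
     * @param algorithm  key algorithm name, e.g. "RSA"
     * @param privateKey Base64 text of the PKCS#8 encoding
     * @return the private key, or {@code null} if {@code algorithm} is empty
     * @throws Exception if the text cannot be read or is not a valid key
     */
    public static PrivateKey getPrivateKeyFromPKCS8(String algorithm, String privateKey)
            throws Exception {
        return getPrivateKeyFromPKCS8(algorithm,
                new ByteArrayInputStream(privateKey.getBytes(StandardCharsets.UTF_8)));
    }

    /**
     * Parses a Base64-encoded PKCS#8 private key read from a stream.
     *
     * @param algorithm key algorithm name, e.g. "RSA"
     * @param ins       stream of Base64 text; not closed by this method
     * @return the private key, or {@code null} if {@code ins} is {@code null} or
     *         {@code algorithm} is empty
     * @throws Exception if the stream cannot be read or its content is not a valid key
     */
    public static PrivateKey getPrivateKeyFromPKCS8(String algorithm, InputStream ins)
            throws Exception {
        if (ins == null || StringUtils.isEmpty(algorithm)) {
            return null;
        }
        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
        byte[] encodedKey = Base64.decodeBase64(IOUtils.toByteArray(ins));
        return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodedKey));
    }
}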