- package cn.efunbox.base.util;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.util.encoders.UrlBase64;
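/**
 * Static helpers for producing and checking RSA signatures over UTF-8 text.
 *
 * <p>Keys are passed as Base64 text: PKCS#8 for private keys, and either an X.509
 * certificate ({@link #getPublicKey(String)}) or an X.509 SubjectPublicKeyInfo structure
 * ({@link #verifySignByPublicKey(String, String, String, boolean)}) for public keys. The two
 * public-key formats are not interchangeable.
 *
 * <p>Private-key material travels through this class as {@code String}; nothing here logs it,
 * and callers should avoid logging it as well.
 */
public class RSASignature {

    public static final String KEY_ALGORITHM = "RSA";

    // NOTE(security): SHA-1 is no longer considered collision-resistant, so SHA1WithRSA is a
    // legacy choice for signatures. SHA256withRSA is the usual replacement, but this value
    // defines the wire format: signer and verifier have to be migrated together, so it is left
    // unchanged here.
    public static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";

    // Kept for callers that reference it; the methods below use StandardCharsets.UTF_8, which
    // denotes the same charset without a lookup by name.
    public static final String ENCODING = "utf-8";

    public static final String X509 = "X.509";

    private static final Logger LOGGER = Logger.getLogger(RSASignature.class.getName());

    /**
     * Parses a Base64-encoded PKCS#8 RSA private key.
     *
     * @param key Base64 text of the PKCS#8-encoded private key
     * @return the parsed private key
     * @throws Exception if {@code key} is null or the decoded bytes are not a valid PKCS#8 RSA key
     */
    public static PrivateKey getPrivateKey(String key) throws Exception {
        byte[] keyBytes = Base64.decodeBase64(key.getBytes(StandardCharsets.UTF_8));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
    }

    /**
     * Extracts the public key from a Base64-encoded X.509 certificate.
     *
     * <p>The certificate is only parsed. Its validity period, issuer chain and revocation status
     * are not checked, so the caller must already trust the source of {@code key}.
     *
     * @param key Base64 text of the encoded X.509 certificate
     * @return the public key carried by the certificate
     * @throws Exception if {@code key} is null or the decoded bytes are not a parsable certificate
     */
    public static PublicKey getPublicKey(String key) throws Exception {
        byte[] certBytes = Base64.decodeBase64(key.getBytes(StandardCharsets.UTF_8));
        CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
        InputStream in = new ByteArrayInputStream(certBytes);
        Certificate certificate = certificateFactory.generateCertificate(in);
        return certificate.getPublicKey();
    }

    /**
     * Signs {@code content} and returns the signature in BouncyCastle's URL-safe Base64 form.
     *
     * @param content text to sign (encoded as UTF-8 before signing)
     * @param privateKey Base64 text of the PKCS#8-encoded private key
     * @return the encoded signature, or {@code null} if signing failed
     */
    public static String signByPrivateKey(String content, String privateKey) {
        return signByPrivateKey(content, privateKey, true);
    }

    /**
     * Verifies a signature that was encoded with BouncyCastle's URL-safe Base64.
     *
     * @param content text that was signed (encoded as UTF-8 before verification)
     * @param sign encoded signature to check
     * @param publicKey Base64 text of the X.509 SubjectPublicKeyInfo public key
     * @return {@code true} only if the signature verifies; {@code false} on mismatch or any error
     */
    public static boolean verifySignByPublicKey(String content, String sign, String publicKey) {
        return verifySignByPublicKey(content, sign, publicKey, true);
    }

    /**
     * Signs {@code content} with {@link #SIGNATURE_ALGORITHM}.
     *
     * <p>Failures (null arguments, unparsable key, provider errors) are logged and reported as a
     * {@code null} return value rather than an exception. Callers must check for {@code null}
     * and must not transmit a request as if it had been signed when this method returns it.
     *
     * @param content text to sign (encoded as UTF-8 before signing)
     * @param privateKey Base64 text of the PKCS#8-encoded private key
     * @param useUrlBase64 {@code true} to encode the signature with BouncyCastle {@code UrlBase64}
     *     (URL-safe alphabet, {@code '.'} padding); {@code false} for standard Base64
     * @return the encoded signature, or {@code null} if signing failed
     */
    public static String signByPrivateKey(String content, String privateKey, boolean useUrlBase64) {
        try {
            Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
            signer.initSign(getPrivateKey(privateKey));
            signer.update(content.getBytes(StandardCharsets.UTF_8));
            byte[] rawSignature = signer.sign();
            byte[] encoded = useUrlBase64
                    ? UrlBase64.encode(rawSignature)
                    : Base64.encodeBase64(rawSignature);
            return new String(encoded, StandardCharsets.UTF_8);
        } catch (Exception e) {
            // Broad catch is required because getPrivateKey declares Exception. The failure is
            // recorded instead of silently dropped; neither content nor key text is logged.
            LOGGER.log(Level.WARNING, "RSA signing failed; returning null", e);
            return null;
        }
    }

    /**
     * Verifies {@code sign} over {@code content} with {@link #SIGNATURE_ALGORITHM}.
     *
     * <p>This method fails closed: a null argument, an unparsable key, a malformed signature
     * encoding or any provider error yields {@code false}. Note that the key format differs from
     * {@link #getPublicKey(String)}: here {@code publicKey} is a bare SubjectPublicKeyInfo
     * structure, not a certificate.
     *
     * @param content text that was signed (encoded as UTF-8 before verification)
     * @param sign encoded signature to check
     * @param publicKey Base64 text of the X.509 SubjectPublicKeyInfo public key
     * @param useUrlBase64 {@code true} if {@code sign} uses BouncyCastle {@code UrlBase64};
     *     {@code false} if it uses standard Base64
     * @return {@code true} only if the signature verifies; {@code false} on mismatch or any error
     */
    public static boolean verifySignByPublicKey(
            String content, String sign, String publicKey, boolean useUrlBase64) {
        try {
            byte[] encodedKey = Base64.decodeBase64(publicKey.getBytes(StandardCharsets.UTF_8));
            // Use the shared constant rather than a second hard-coded "RSA" literal.
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));

            Signature verifier = Signature.getInstance(SIGNATURE_ALGORITHM);
            verifier.initVerify(pubKey);
            verifier.update(content.getBytes(StandardCharsets.UTF_8));

            byte[] signText = sign.getBytes(StandardCharsets.UTF_8);
            byte[] rawSignature = useUrlBase64
                    ? UrlBase64.decode(signText)
                    : Base64.decodeBase64(signText);
            return verifier.verify(rawSignature);
        } catch (Exception e) {
            // Inputs here may come from an untrusted peer, so the failure is logged at FINE to
            // keep malformed requests from flooding the log, and the result stays "invalid".
            LOGGER.log(Level.FINE, "RSA signature verification raised an exception; treating as invalid", e);
            return false;
        }
    }
}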