一、前言
通过之前定义RSAUtil工具类可以生成获取rsa非对称公私钥,基于私钥我们通过将字符串进行加签加密,再通过公钥进行解密验证,详情参见RSASignUtil代码工具类示例。
二、代码示例
import java.security.KeyFactory;@b@import java.security.PrivateKey;@b@import java.security.PublicKey;@b@import java.security.Signature;@b@import java.security.spec.PKCS8EncodedKeySpec;@b@import java.security.spec.X509EncodedKeySpec;@b@@b@public class RSASignUtil {@b@@b@ private static final String KEY_ALGORITHM = "RSA";@b@ private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";@b@@b@ /**@b@ * 加签数据@b@ * @b@ * @param String@b@ * data 待加签数据@b@ * @param String@b@ * privateKey 私钥@b@ * @return String signedData 加签值(十六进制)@b@ * */@b@ public static String sign(String data, String privateKey) throws Exception {@b@ try {@b@ byte[] signData = sign(data, hexStringToByte(privateKey));@b@@b@ return byteToHexString(signData);@b@@b@ } catch (Exception e) {@b@ throw new Exception("signature.sign.error : " + e.getMessage());@b@ }@b@ }@b@@b@ /**@b@ * 加签数据@b@ * @b@ * @param String@b@ * data 待加签数据@b@ * @param byte[] privateKey 私钥@b@ * @return byte[] signedData@b@ * */@b@ public static byte[] sign(String data, byte[] privateKeyBytes)@b@ throws Exception {@b@@b@ try {@b@ PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(@b@ privateKeyBytes);@b@ KeyFactory keyf = KeyFactory.getInstance(KEY_ALGORITHM);@b@ PrivateKey key = keyf.generatePrivate(priPKCS8);@b@@b@ // 进行签名服务@b@ Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);@b@ signature.initSign(key);@b@ signature.update(data.getBytes());@b@ byte[] signData = signature.sign();@b@@b@ // 返回签名结果@b@ return signData;@b@ } catch (Exception e) {@b@ throw new Exception("signature.sign.error : " + e.getMessage());@b@ }@b@ }@b@@b@ /**@b@ * 根据对签名数据使用签名者的公钥来解密后验证是否与原数据相同。从而确认用户签名正确@b@ * @b@ * @param String data 被签名数据@b@ * @param String signStr 使用该用户的私钥生成的已签名数据(十六进制)@b@ * @param String publicKey 公钥(十六进制)@b@ * @return true或false,验证成功为true。@b@ * @throws Exception@b@ */@b@ public static boolean verify(String data, String signStr, String publicKey)@b@ throws Exception {@b@ try {@b@ return verify(data, hexStringToByte(signStr),@b@ hexStringToByte(publicKey));@b@ } catch (Exception e) {@b@ throw new Exception("signature.verify.error : " + e.getMessage());@b@ }@b@ }@b@@b@ /**@b@ * 根据对签名数据使用签名者的公钥来解密后验证是否与原数据相同。从而确认用户签名正确@b@ * @param String data 被签名数据@b@ * @param byte[] signStr 使用该用户的私钥生成的已签名数据@b@ * @param String publicKey 公钥@b@ * @return true或false,验证成功为true。@b@ * @throws Exception@b@ */@b@ public static boolean verify(String data, byte[] signStrBytes,@b@ byte[] publicKeyBytes) throws Exception {@b@ try {@b@ KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);@b@ PublicKey pubKey = keyFactory@b@ .generatePublic(new X509EncodedKeySpec(publicKeyBytes));@b@@b@ // 进行验证签名服务@b@ Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);@b@ signature.initVerify(pubKey);@b@ signature.update(data.getBytes());@b@ return signature.verify(signStrBytes);@b@ } catch (Exception e) {@b@ throw new Exception("signature.verify.error : " + e.getMessage());@b@ }@b@ }@b@@b@ /**@b@ * 二进制byte[]转十六进制string@b@ */@b@ public static String byteToHexString(byte[] bytes) {@b@ StringBuffer sb = new StringBuffer();@b@ for (int i = 0; i < bytes.length; i++) {@b@ String strHex = Integer.toHexString(bytes[i]);@b@ if (strHex.length() > 3) {@b@ sb.append(strHex.substring(6));@b@ } else {@b@ if (strHex.length() < 2) {@b@ sb.append("0" + strHex);@b@ } else {@b@ sb.append(strHex);@b@ }@b@ }@b@ }@b@ return sb.toString();@b@ }@b@@b@ /**@b@ * 十六进制string转二进制byte[]@b@ */@b@ public static byte[] hexStringToByte(String s) throws Exception {@b@ byte[] baKeyword = new byte[s.length() / 2];@b@ for (int i = 0; i < baKeyword.length; i++) {@b@ try {@b@ baKeyword[i] = (byte) (0xff & Integer.parseInt(@b@ s.substring(i * 2, i * 2 + 2), 16));@b@ } catch (Exception e) {@b@ System.out.println("十六进制转byte发生错误!!!");@b@ throw (e);@b@ }@b@ }@b@ return baKeyword;@b@ }@b@@b@ public static void main(String[] args) throws Exception {@b@ try {@b@@b@ // 生成 公私密钥@b@ // genKey();@b@@b@ // 测试用@b@ String private_key = "30820276020100300D06092A864886F70D0101010500048202603082025C02010002818100B2FA501F77340FA79D4BB83C48E597FBC4CD1B7DF98A8AEBF89AD7977385BF1C252ECDA30AD3DA1133EFCB935E2331E85398A1DB33DA322C4C9E8FFDAA3244280B9A68421BEE6355510E5D0F8F1E9ED60FB4D3FEA4D978622E19B5903B04B445E07AFD5753E9AF08D36C2CDAA844BF01D089A1313AE3E05C1A438B7346342EC1020301000102818010801746EF5C735D06996680D84FA27569AD672D74061BCCA97CCD077F75032B7B1A178742864982708159095B126F9575AF8AAC84D946EAE29D73B4F52DF12E80712D88FE8DBB078B8900CB6F5619A6EA7EAA2AC177BCC300B27CFE5DDF2A401C4B1ABDAC66C58D0A62073E1E84533A4AD0B599C55217E57D193F4D55720B89024100DFE905D9B6B27BB7C488FF20D1AC2D4D38CB95ABCBFE195661B47B4CC6254AA8DB3F4A1E2329254F738FB84A2033BCB47FEA44101C0492800C9A29222E8CE64B024100CCA0C6BB9B447B2DC0B29AAC36A52935478C6CC928EA5C4D94675BF430156308C9709E6DD9B481C4395805B7DC72E50A5E4ED7D011E9ACF4ABABBD6347A487A3024100DFE3C668D309173242BFE5B3F054249C31AD4804979E85C15D433583282243CC2226DFBAD0D7A4AA14586223249DF713D94FEB2CDC8729E20637E3E77CFA808F02400324E948D2AEEFB1994765470623ED892B0B4654A4F34CEDC83CFA55BB3368ED26A33B5BF6BF664B0C9284ABF9902E62C56632BCB8B9BD7598F9AF9449F2863F02402DC81B3ADB91F58CF130DD62D8A2CC3E217DD365F445E6A516043E75A09CFD64513ADFF3FD70A7C29CBAF8682F88849011682E61243F0D5036AB707497E62B7F";@b@ String public_key = "30819F300D06092A864886F70D010101050003818D0030818902818100B2FA501F77340FA79D4BB83C48E597FBC4CD1B7DF98A8AEBF89AD7977385BF1C252ECDA30AD3DA1133EFCB935E2331E85398A1DB33DA322C4C9E8FFDAA3244280B9A68421BEE6355510E5D0F8F1E9ED60FB4D3FEA4D978622E19B5903B04B445E07AFD5753E9AF08D36C2CDAA844BF01D089A1313AE3E05C1A438B7346342EC10203010001";@b@@b@ String source = "欢迎您光临,小木人印象http://www.xwood.net网站!!!";@b@ System.out.println("原文: ");@b@ System.out.println(source);@b@@b@ // 加签@b@ String signStr = sign(source, private_key);@b@@b@ System.out.println("加签: ");@b@ System.out.println(signStr);@b@@b@ // 验签@b@ boolean flag = verify(source, signStr, public_key);@b@ System.out.println("验签结果 : ");@b@ System.out.println(flag);@b@@b@ } catch (Exception e) {@b@ System.out.println(e.getMessage());@b@ }@b@@b@ }@b@@b@}
控制台打印结果
原文: @b@欢迎您光临,小木人印象http://www.xwood.net网站!!!@b@加签: @b@74ec71ecf9cb57721a68776df49360489dfaaa8e6b97e10e004ec07ce94b65d6023d0b739335aa95c737125b83060be2b74ace8e5cf33f2f7b52c181de1bb5ca8bd61c67e0cc489b993919fdbcd5cbe12bc9e825861f80c56b27e12c2fef73713d51b68fe6ab429d2ede9b1c5b7da4c8a591697de5a005d624e7aa018300ac2e@b@验签结果 : @b@true