标签:
原文地址:http://www.thinkingquest.net/articles/391.html?utm_source=tuicool
支付宝接口开发相关:
openssl 加密工具 支付宝“手机网站支付“开发包里面有,下载地址:https://b.alipay.com/order/techService.htm
生成命令使用说明:
RSA密钥生成命令
生成RSA私钥
openssl>genrsa -out rsa_private_key.pem 1024
生成RSA公钥
openssl>rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
将RSA私钥转换成PKCS8格式
openssl>pkcs8 -topk8 -inform PEM -in rsa_private_key.pem -outform PEM -nocrypt
注意:“>”符号后面的才是需要输入的命令。
openssl默认使用的是PEM格式,经过base64。
生成pem格式的私钥:
openssl genrsa -out private_key.pem 1024
生成公钥:
openssl rsa -in private_key.pem -pubout -out public_key.pem
产生的密钥如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
[wind@localhost key]$ cat private_key.pem -----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs /OD91LS +RpkIAb2gMU8hGrNfR34izZh36 KdfWnEQpniAiFsHsg2ddAaPtGZZ8 /jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY /juA60QDe5kY5 rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO 0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep 3wYjmjIUKBT9SyIY5sng78ybgZkyGjza /Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL /YsjK OZM3d /t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU /pxao = -----END RSA PRIVATE KEY----- [wind@localhost key]$ [wind@localhost key]$ [wind@localhost key]$ openssl rsa - in private_key.pem -pubout -out public_key.pem writing RSA key [wind@localhost key]$ cat public_key.pem -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs /OD91LS +R pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8 /jpjuPq32IVZ JkgyKcWqnz5aL3FMXQIDAQAB -----END PUBLIC KEY----- |
某些语言需要pkcs8格式的公钥。 (php就不需要了)
使用openssl将刚才生成的公钥转为pkcs#8格式:
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt -out private_key_pkcs8.pem
下面附上java和php语言的加解密demo代码:
php:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
<?php $pri = "-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36 KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5 rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO 0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep 3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao= ----- END RSA PRIVATE KEY-----"; $pub = "-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ JkgyKcWqnz5aL3FMXQIDAQAB ----- END PUBLIC KEY-----"; $data = "message" ; echo "\n<br/>\n" ; openssl_public_encrypt( $data , $crypted , $pub ); echo base64_encode ( $crypted ); echo "\n<br/>\n" ; openssl_private_decrypt( $crypted , $decrypted , $pri ); echo $decrypted ; ?> |
下面是java版:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
package com.qihoo.srouter.rom; import java.security.KeyFactory; import java.security.PublicKey; import sun.misc.*; import java.security.PrivateKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; import sun.misc.BASE64Decoder; public class TestRSA { public static String PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" + "\n" + "MIICXAIBAAKBgQCd3V5+GjpOwqNks9ProDGaZT2qURAAuAodHcUM3P1mnhOh4l4u" + "\n" + "VdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+RpkIAb2gMU8hGrNfR34izZh36" + "\n" + "KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZJkgyKcWqnz5aL3FMXQIDAQAB" + "\n" + "AoGAJFdkvGTvTVhTYwhe3dxn7uIlmwLES1YSxfcneLmbADedz2OcSNBtKZqL+9Eo" + "\n" + "AOzf6NgYBLei2O+aUuPvwnMBcGyijFmRoZGVEj70UP0mngyAkvY/juA60QDe5kY5" + "\n" + "rsqj4raHUf4iDK85nNwzXu7hIlPAn+ZmH+e2Eekwo1rmgQUCQQDJerucfBKk3qrV" + "\n" + "xS5NRW99lKMomIsMH55Si+rbrnk8aU3SSRSD6uil3Dytv0erLZbc9d0Nr6SmBZgO" + "\n" + "0qzOjXDDAkEAyJVGgHMNuMbpHnim93HAP7wcejmMx7rP4zutw4OCiHrWv3kN8WUC" + "\n" + "u826taRFtOuiXhQ3X8+tb0l4ifae+vJ8XwJAEcmuKqChnMCz4G+qKNRKhZHL3dep" + "\n" + "3wYjmjIUKBT9SyIY5sng78ybgZkyGjza/Pfna9ahD4ZESQwRYq2i6BGAtQJBAJyD" + "\n" + "bmnYXQKro0e1mYNHbV3OKOJueZ139bM35BTFT1uzjlIF4Y1U5lco5uHJduL/YsjK" + "\n" + "OZM3d/t4duggWlkyUT0CQBdsjc7eQ9roxphrW4Q/6Zwi0EQ4xxM4SgxPY1RvkKFu" + "\n" + "i0HdYBj5KRdIbrAbisUyQeKzB7+6oTJH5+kZAU/pxao=" + "\n" + "-----END RSA PRIVATE KEY-----" ; public static String PRIVATE_KEY_PKCS8 = "-----BEGIN PRIVATE KEY-----" + "\n" + "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJ3dXn4aOk7Co2Sz" + "\n" + "0+ugMZplPapREAC4Ch0dxQzc/WaeE6HiXi5V2+Re6dQjsrpcODpe714vVYNBzqop" + "\n" + "ez84P3UtL5GmQgBvaAxTyEas19HfiLNmHfop19acRCmeICIWweyDZ10Bo+0Zlnz+" + "\n" + "OmO4+rfYhVkmSDIpxaqfPlovcUxdAgMBAAECgYAkV2S8ZO9NWFNjCF7d3Gfu4iWb" + "\n" + "AsRLVhLF9yd4uZsAN53PY5xI0G0pmov70SgA7N/o2BgEt6LY75pS4+/CcwFwbKKM" + "\n" + "WZGhkZUSPvRQ/SaeDICS9j+O4DrRAN7mRjmuyqPitodR/iIMrzmc3DNe7uEiU8Cf" + "\n" + "5mYf57YR6TCjWuaBBQJBAMl6u5x8EqTeqtXFLk1Fb32UoyiYiwwfnlKL6tuueTxp" + "\n" + "TdJJFIPq6KXcPK2/R6stltz13Q2vpKYFmA7SrM6NcMMCQQDIlUaAcw24xukeeKb3" + "\n" + "ccA/vBx6OYzHus/jO63Dg4KIeta/eQ3xZQK7zbq1pEW066JeFDdfz61vSXiJ9p76" + "\n" + "8nxfAkARya4qoKGcwLPgb6oo1EqFkcvd16nfBiOaMhQoFP1LIhjmyeDvzJuBmTIa" + "\n" + "PNr89+dr1qEPhkRJDBFiraLoEYC1AkEAnINuadhdAqujR7WZg0dtXc4o4m55nXf1" + "\n" + "szfkFMVPW7OOUgXhjVTmVyjm4cl24v9iyMo5kzd3+3h26CBaWTJRPQJAF2yNzt5D" + "\n" + "2ujGmGtbhD/pnCLQRDjHEzhKDE9jVG+QoW6LQd1gGPkpF0husBuKxTJB4rMHv7qh" + "\n" + "Mkfn6RkBT+nFqg==" + "\n" + "-----END PRIVATE KEY-----" ; public static String PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----" + "\n" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCd3V5+GjpOwqNks9ProDGaZT2q" + "\n" + "URAAuAodHcUM3P1mnhOh4l4uVdvkXunUI7K6XDg6Xu9eL1WDQc6qKXs/OD91LS+R" + "\n" + "pkIAb2gMU8hGrNfR34izZh36KdfWnEQpniAiFsHsg2ddAaPtGZZ8/jpjuPq32IVZ" + "\n" + "JkgyKcWqnz5aL3FMXQIDAQAB" + "\n" + "-----END PUBLIC KEY-----" ; public static void main(String[] args) { String text = "message" ; try { String priStr = PRIVATE_KEY_PKCS8.replaceAll( "-----BEGIN PRIVATE KEY-----\n" , "" ); priStr = priStr.replaceAll( "-----END PRIVATE KEY-----" , "" ); byte [] privateKeyBytes = new BASE64Decoder().decodeBuffer(priStr); PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance( "RSA" ); PrivateKey privateKey = keyFactory.generatePrivate(privateKeySpec); Cipher cipher = Cipher.getInstance( "RSA" ); cipher.init(Cipher.ENCRYPT_MODE, privateKey); byte [] crypted = cipher.doFinal(text.getBytes()); System.out.println( new BASE64Encoder().encode(crypted)); // decrypt blow. String pubStr = PUBLIC_KEY.replaceAll( "-----BEGIN PUBLIC KEY-----\n" , "" ); pubStr = pubStr.replaceAll( "-----END PUBLIC KEY-----" , "" ); byte [] publicKeyBytes = new BASE64Decoder().decodeBuffer(pubStr); X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(publicKeyBytes); keyFactory = KeyFactory.getInstance( "RSA" ); PublicKey publicKey = keyFactory.generatePublic(pubKeySpec); cipher = Cipher.getInstance( "RSA" ); cipher.init(Cipher.DECRYPT_MODE, publicKey); byte [] bytes = cipher.doFinal(crypted); System.out.println( new String(bytes, "ISO-8859-1" )); } catch (Exception e) { e.printStackTrace(); } } } 需要注意的是,java的代码中的 private key必须使用pkcs# 8 格式的。 java加密 php解密 也是没问题的。 |
标签:
原文地址:http://www.cnblogs.com/niaowo/p/4757616.html