标签:
1 import java.io.FileInputStream; 2 import java.security.KeyStore; 3 import java.security.PrivateKey; 4 import java.security.PublicKey; 5 import java.security.Signature; 6 import java.security.cert.Certificate; 7 import java.security.cert.CertificateFactory; 8 import java.security.cert.X509Certificate; 9 10 import javax.crypto.Cipher; 11 12 13 14 15 16 public class CertificateCoder { 17 18 public static final String CERT_TYPE="X.509"; 19 20 21 22 /** 23 * 获取私匙 24 * @param keyStorePath 25 * @param pwd 26 * @param alias 27 * @return PrivateKey 私匙 28 * @throws Exception 29 */ 30 private static PrivateKey getPrivateKey(String keyStorePath,String pwd,String alias) throws Exception{ 31 KeyStore ks=getKeyStore(keyStorePath, pwd); 32 return (PrivateKey)ks.getKey(alias, pwd.toCharArray()); 33 34 } 35 36 37 /** 38 * 39 * @param keyStorePath 40 * @param pwd 41 * @return keyStore 密匙库 42 * @throws Exception 43 */ 44 private static KeyStore getKeyStore(String keyStorePath,String pwd) throws Exception{ 45 KeyStore ks=KeyStore.getInstance(KeyStore.getDefaultType()); 46 FileInputStream in=new FileInputStream(keyStorePath); 47 ks.load(in,pwd.toCharArray()); 48 in.close(); 49 return ks; 50 } 51 52 53 /** 54 * 55 * @param certificatePath 56 * @return Certificate 证书 57 * @throws Exception 58 */ 59 private static Certificate getCertificate(String certificatePath) throws Exception{ 60 CertificateFactory factory=CertificateFactory.getInstance(CERT_TYPE); 61 FileInputStream in=new FileInputStream(certificatePath); 62 Certificate certificate=factory.generateCertificate(in); 63 in.close(); 64 return certificate; 65 66 } 67 68 69 /** 70 * 通过证书返回公匙 71 * @param certificatePath 72 * @return Publickey 返回公匙 73 * @throws Exception 74 */ 75 private static PublicKey getPublicKeyByCertificate(String certificatePath) throws Exception{ 76 Certificate certificate=getCertificate(certificatePath); 77 return certificate.getPublicKey(); 78 } 79 80 81 /** 82 * 83 * @param keyStorePath 84 * @param alias 85 * @param pwd 86 * @return Certificate 证书 87 * @throws Exception 88 */ 89 private static Certificate getCertificate(String keyStorePath,String alias,String pwd) throws Exception{ 90 KeyStore ks=getKeyStore(keyStorePath, pwd); 91 //获取证书 92 return ks.getCertificate(alias); 93 } 94 95 96 /** 97 * 私匙加密 98 * @param data 99 * @param keyStorePath 100 * @param alias 101 * @param pwd 102 * @return byte[] 被私匙加密的数据 103 * @throws Exception 104 */ 105 public static byte[] encryptByPrivateKey(byte[] data,String keyStorePath,String alias,String pwd) throws Exception{ 106 PrivateKey privateKey=getPrivateKey(keyStorePath, pwd, alias); 107 //对数据进行加密 108 Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm()); 109 cipher.init(Cipher.ENCRYPT_MODE, privateKey); 110 return cipher.doFinal(data); 111 112 } 113 114 115 /** 116 * 私匙解密 117 * @param data 118 * @param keyStorePath 119 * @param alias 120 * @param pwd 121 * @return byte[] 私匙解密的数据 122 * @throws Exception 123 */ 124 public static byte[] decryptByPrivateKey(byte[] data,String keyStorePath,String alias,String pwd) throws Exception{ 125 PrivateKey privateKey=getPrivateKey(keyStorePath, pwd, alias); 126 Cipher cipher=Cipher.getInstance(privateKey.getAlgorithm()); 127 cipher.init(cipher.DECRYPT_MODE, privateKey); 128 return cipher.doFinal(data); 129 } 130 131 132 /** 133 * 公匙加密 134 * @param data 135 * @param cerPath 136 * @return byte[] 被公匙加密的数据 137 * @throws Exception 138 */ 139 public static byte[] encryptByPublicKey(byte[] data,String cerPath) throws Exception{ 140 //获取公匙 141 PublicKey publicKey=getPublicKeyByCertificate(cerPath); 142 System.out.println(publicKey.getAlgorithm()); 143 Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm()); 144 cipher.init(Cipher.ENCRYPT_MODE, publicKey); 145 return cipher.doFinal(data); 146 } 147 148 /** 149 * 公匙解密 150 * @param data 151 * @param cerPath 152 * @return 153 * @throws Exception 154 */ 155 public static byte[] decryptByPublicKey(byte[] data,String cerPath) throws Exception{ 156 PublicKey publicKey=getPublicKeyByCertificate(cerPath); 157 Cipher cipher=Cipher.getInstance(publicKey.getAlgorithm()); 158 cipher.init(Cipher.DECRYPT_MODE, publicKey); 159 return cipher.doFinal(data); 160 } 161 162 /** 163 * 签名 164 * @param sign 165 * @param keyStorePath 166 * @param pwd 167 * @param alias 168 * @return 169 * @throws Exception 170 */ 171 public static byte[] sign(byte[] sign,String keyStorePath,String pwd,String alias) throws Exception{ 172 //获取证书 173 X509Certificate x509=(X509Certificate)getCertificate(keyStorePath, alias, pwd); 174 //构建签名,由证书指定签名算法 175 Signature sa=Signature.getInstance(x509.getSigAlgName()); 176 //获取私匙 177 PrivateKey privateKey=getPrivateKey(keyStorePath, pwd, alias); 178 sa.initSign(privateKey); 179 sa.update(sign); 180 return sa.sign(); 181 } 182 183 /** 184 * 验证签名 185 * @param data 186 * @param sign 187 * @param cerPath 188 * @return 189 * @throws Exception 190 */ 191 public static boolean verify(byte[] data,byte[] sign,String cerPath) throws Exception{ 192 X509Certificate x509=(X509Certificate)getCertificate(cerPath); 193 Signature sa=Signature.getInstance(x509.getSigAlgName()); 194 sa.initVerify(x509); 195 sa.update(data); 196 return sa.verify(sign); 197 } 198 }
标签:
原文地址:http://www.cnblogs.com/huzi007/p/4330188.html
