~chenjiahe/hx_common.git

chenjiahe

2023-07-17 d4fa5269e214e8bbe1f7dd79a922cefe9fc9916b

提交 \| 用户 \| age
cf178e	1	package com.hx.util.rsa;
C	2
f96f39	3	import com.hx.util.StringUtils;
608831	4	import org.bouncycastle.asn1.ASN1Encodable;
F	5	import org.bouncycastle.asn1.ASN1ObjectIdentifier;
	6	import org.bouncycastle.asn1.ASN1Primitive;
	7	import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
	8	import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
	9	import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
f96f39	10
cf178e	11	import java.security.KeyFactory;
C	12	import java.security.PrivateKey;
	13	import java.security.PublicKey;
	14	import java.security.spec.PKCS8EncodedKeySpec;
	15	import java.security.spec.X509EncodedKeySpec;
608831	16	import java.util.ArrayList;
F	17	import java.util.Collections;
	18	import java.util.List;
	19	import java.util.Map;
cf178e	20
C	21
	22	/**
	23	* RSA签名验签类
	24	*/
	25	public class RSASignature{
	26
	27	/**
	28	* 签名算法
	29	*/
	30	public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
	31
	32	/**
	33	* RSA签名
	34	* @param content 待签名数据
	35	* @param privateKey 商户私钥
	36	* @param encode 字符集编码
	37	* @return 签名值
	38	*/
f96f39	39	public static String createSign(String content, String privateKey, String encode) {
cf178e	40	try {
C	41	PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( Base64.decode(privateKey) );
	42
	43	KeyFactory keyf = KeyFactory.getInstance("RSA");
	44	PrivateKey priKey = keyf.generatePrivate(priPKCS8);
	45
	46	java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
	47
	48	signature.initSign(priKey);
	49	signature.update( content.getBytes(encode));
	50
	51	byte[] signed = signature.sign();
	52
	53	return Base64.encode(signed);
	54	}
	55	catch (Exception e)
	56	{
	57	e.printStackTrace();
	58	}
	59
	60	return null;
	61	}
	62
608831	63	/**
F	64	* RSA签名Pkcs1ToPkcs8
	65	* @param rawKey 商户私钥
	66	* @return 签名值
	67	*/
	68	public static String formatPkcs1ToPkcs8(String rawKey) {
	69	if (!StringUtils.isEmpty(rawKey)) {
	70	try {
	71	//将BASE64编码的私钥字符串进行解码
	72	byte[] encodeByte = Base64.decode(rawKey);
	73	AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag);
	74	PrivateKeyInfo privKeyInfo = new PrivateKeyInfo(algorithmIdentifier, ASN1ObjectIdentifier.fromByteArray(encodeByte));
	75	return Base64.encode(privKeyInfo.getEncoded());
	76	} catch (Exception e) {
	77	e.printStackTrace();
	78	}
	79	}
	80	return null;
	81	}
	82	/**
	83	* RSA签名Pkcs8ToPkcs1
	84	* @param rawKey 商户私钥
	85	* @return 签名值
	86	*/
	87	public static String formatPkcs8ToPkcs1(String rawKey){
	88	try {
	89	byte[] encodeByte = Base64.decode(rawKey);
	90	PrivateKeyInfo pki = PrivateKeyInfo.getInstance(encodeByte);
	91	ASN1Encodable asn = pki.parsePrivateKey();
	92	ASN1Primitive primitive = asn.toASN1Primitive();
	93	return Base64.encode(primitive.getEncoded());
	94	} catch (Exception e) {
	95	e.printStackTrace();
	96	return null;
	97	}
	98	}
	99
f96f39	100	public static String createSign(String content, String privateKey) {
cf178e	101	try{
C	102	PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec( Base64.decode(privateKey) );
	103	KeyFactory keyf = KeyFactory.getInstance("RSA");
	104	PrivateKey priKey = keyf.generatePrivate(priPKCS8);
	105	java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
	106	signature.initSign(priKey);
	107	signature.update( content.getBytes());
	108	byte[] signed = signature.sign();
	109	return Base64.encode(signed);
	110	} catch (Exception e) {
	111	e.printStackTrace();
	112	}
	113	return null;
	114	}
	115
	116	/**
	117	* RSA验签名检查
	118	* @param content 待签名数据
	119	* @param sign 签名值
	120	* @param publicKey 分配给开发商公钥
	121	* @param encode 字符集编码
	122	* @return 布尔值
	123	*/
	124	public static boolean doCheck(String content, String sign, String publicKey,String encode) {
	125	try {
	126	KeyFactory keyFactory = KeyFactory.getInstance("RSA");
	127	byte[] encodedKey = Base64.decode(publicKey);
	128	PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
	129
	130
	131	java.security.Signature signature = java.security.Signature
	132	.getInstance(SIGN_ALGORITHMS);
	133
	134	signature.initVerify(pubKey);
	135	signature.update( content.getBytes(encode) );
	136
	137	boolean bverify = signature.verify( Base64.decode(sign) );
	138	return bverify;
	139
	140	} catch (Exception e) {
	141	e.printStackTrace();
	142	}
	143
	144	return false;
	145	}
	146
	147	public static boolean doCheck(String content, String sign, String publicKey) {
	148	try {
	149	KeyFactory keyFactory = KeyFactory.getInstance("RSA");
	150	byte[] encodedKey = Base64.decode(publicKey);
	151	PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
	152
	153
	154	java.security.Signature signature = java.security.Signature
	155	.getInstance(SIGN_ALGORITHMS);
	156
	157	signature.initVerify(pubKey);
	158	signature.update( content.getBytes() );
	159
	160	boolean bverify = signature.verify( Base64.decode(sign) );
	161	return bverify;
	162
	163	} catch (Exception e) {
	164	e.printStackTrace();
	165	}
	166
	167	return false;
	168	}
	169
5d99e5	170	/**
C	171	* ASCII码递增排序（剔除空值）
	172	* @param params
	173	* @return
	174	*/
	175	public static String getSignCheckContent(Map<String, String> params) {
	176	if (params == null) {
	177	return null;
	178	} else {
	179	StringBuilder content = new StringBuilder();
	180	List<String> keys = new ArrayList(params.keySet());
	181	Collections.sort(keys);
	182
	183	for(int i = 0; i < keys.size(); ++i) {
	184	String key = (String)keys.get(i);
c22d92	185	Object value = params.get(key);
C	186	if(value == null \|\| StringUtils.isEmpty(value.toString())){
5d99e5	187	continue;
C	188	}
	189	content.append(i == 0 ? "" : "&").append(key).append("=").append(value);
	190	}
	191	return content.toString();
	192	}
	193	}
	194
cf178e	195	}