package com.hx.util.rsa;
|
|
import com.hx.util.StringUtils;
|
import org.bouncycastle.asn1.ASN1Encodable;
|
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
|
import org.bouncycastle.asn1.ASN1Primitive;
|
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
|
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
|
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
|
|
import java.security.KeyFactory;
|
import java.security.PrivateKey;
|
import java.security.PublicKey;
|
import java.security.spec.PKCS8EncodedKeySpec;
|
import java.security.spec.X509EncodedKeySpec;
|
import java.util.ArrayList;
|
import java.util.Collections;
|
import java.util.List;
|
import java.util.Map;
|
|
|
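/**
 * RSA signing and signature-verification helpers.
 *
 * <p>Keys, signatures and converted key encodings are passed around as Base64 strings and are
 * encoded/decoded with the {@code Base64} helper that lives next to this class. Every method is
 * static and best-effort: failures are printed to stderr and reported to the caller as
 * {@code null} (signing, key conversion) or {@code false} (verification).
 */
public class RSASignature {

    /**
     * JCA signature algorithm name used by every sign and verify method in this class.
     *
     * <p>NOTE(review): SHA-1 is no longer considered collision-resistant, so SHA-1 based
     * signatures are deprecated for new designs. The value is left unchanged here because both
     * sides of an exchange must use the same algorithm; move to {@code SHA256withRSA} once the
     * counterparty supports it.
     */
    public static final String SIGN_ALGORITHMS = "SHA1WithRSA";

    /**
     * Signs {@code content} with an RSA private key.
     *
     * @param content    data to sign
     * @param privateKey Base64 text of the PKCS#8-encoded private key
     * @param encode     name of the charset used to turn {@code content} into bytes
     * @return the Base64-encoded signature, or {@code null} if anything fails (bad key, unknown
     *         charset, {@code null} input); callers must check for {@code null}
     */
    public static String createSign(String content, String privateKey, String encode) {
        try {
            PrivateKey signingKey = loadPrivateKey(privateKey);
            return signBytes(signingKey, content.getBytes(encode));
        } catch (Exception e) {
            // Best-effort API: the failure is reported on stderr and signalled by null.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Wraps a PKCS#1 RSA private key in a PKCS#8 {@code PrivateKeyInfo} structure.
     *
     * @param rawKey Base64 text of the PKCS#1 (RSAPrivateKey) DER encoding
     * @return Base64 text of the PKCS#8 DER encoding, or {@code null} when {@code rawKey} is
     *         empty or cannot be converted
     */
    public static String formatPkcs1ToPkcs8(String rawKey) {
        if (StringUtils.isEmpty(rawKey)) {
            return null;
        }
        try {
            byte[] pkcs1Der = Base64.decode(rawKey);
            // PKCS#8 must name the key algorithm. For RSA that is rsaEncryption with an ASN.1
            // NULL parameter; pkcs8ShroudedKeyBag is a PKCS#12 bag type, not a key algorithm,
            // and strict parsers reject a PrivateKeyInfo that carries it.
            // 0x05 0x00 is the DER encoding of ASN.1 NULL.
            ASN1Primitive nullParameters = ASN1Primitive.fromByteArray(new byte[] {0x05, 0x00});
            AlgorithmIdentifier rsaAlgorithm =
                    new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, nullParameters);
            PrivateKeyInfo pkcs8 =
                    new PrivateKeyInfo(rsaAlgorithm, ASN1Primitive.fromByteArray(pkcs1Der));
            return Base64.encode(pkcs8.getEncoded());
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Extracts the inner PKCS#1 RSA private key from a PKCS#8 {@code PrivateKeyInfo} structure.
     *
     * @param rawKey Base64 text of the PKCS#8 DER encoding
     * @return Base64 text of the PKCS#1 DER encoding, or {@code null} if conversion fails
     */
    public static String formatPkcs8ToPkcs1(String rawKey) {
        try {
            PrivateKeyInfo pkcs8 = PrivateKeyInfo.getInstance(Base64.decode(rawKey));
            ASN1Encodable innerKey = pkcs8.parsePrivateKey();
            ASN1Primitive pkcs1 = innerKey.toASN1Primitive();
            return Base64.encode(pkcs1.getEncoded());
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Signs {@code content} with an RSA private key, using the platform default charset.
     *
     * <p>NOTE(review): {@code content.getBytes()} depends on the JVM's default charset, so a
     * signer and a verifier running with different defaults will disagree on non-ASCII content.
     * Prefer {@link #createSign(String, String, String)} with an explicit charset.
     *
     * @param content    data to sign
     * @param privateKey Base64 text of the PKCS#8-encoded private key
     * @return the Base64-encoded signature, or {@code null} if anything fails
     */
    public static String createSign(String content, String privateKey) {
        try {
            PrivateKey signingKey = loadPrivateKey(privateKey);
            return signBytes(signingKey, content.getBytes());
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Verifies an RSA signature over {@code content}.
     *
     * <p>Fails closed: any exception (malformed key, malformed signature, unknown charset,
     * {@code null} input) results in {@code false}.
     *
     * @param content   data that was signed
     * @param sign      Base64-encoded signature
     * @param publicKey Base64 text of the X.509 (SubjectPublicKeyInfo) encoded public key
     * @param encode    name of the charset used to turn {@code content} into bytes
     * @return {@code true} only if the signature verifies
     */
    public static boolean doCheck(String content, String sign, String publicKey, String encode) {
        try {
            PublicKey verificationKey = loadPublicKey(publicKey);
            return verifyBytes(verificationKey, content.getBytes(encode), sign);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Verifies an RSA signature over {@code content}, using the platform default charset.
     *
     * <p>NOTE(review): the bytes that are verified depend on the JVM's default charset; prefer
     * {@link #doCheck(String, String, String, String)} with the charset the signer used.
     *
     * @param content   data that was signed
     * @param sign      Base64-encoded signature
     * @param publicKey Base64 text of the X.509 (SubjectPublicKeyInfo) encoded public key
     * @return {@code true} only if the signature verifies; {@code false} on any failure
     */
    public static boolean doCheck(String content, String sign, String publicKey) {
        try {
            PublicKey verificationKey = loadPublicKey(publicKey);
            return verifyBytes(verificationKey, content.getBytes(), sign);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Builds the canonical string that is signed or verified: the entries of {@code params}
     * sorted by key in ascending order, entries with a {@code null} or empty value dropped,
     * joined as {@code key=value} pairs separated by {@code &}.
     *
     * <p>Keys and values are concatenated verbatim, without escaping, so a value that itself
     * contains {@code &} or {@code =} produces the same string as a different parameter set.
     * Both sides must build this string in exactly the same way.
     *
     * @param params parameters to canonicalize; may be {@code null}
     * @return the canonical string, or {@code null} when {@code params} is {@code null}
     */
    public static String getSignCheckContent(Map<String, String> params) {
        if (params == null) {
            return null;
        }
        List<String> sortedKeys = new ArrayList<>(params.keySet());
        Collections.sort(sortedKeys);

        StringBuilder content = new StringBuilder();
        for (String key : sortedKeys) {
            String value = params.get(key);
            if (value == null || StringUtils.isEmpty(value)) {
                continue;
            }
            // Decide on the separator from what has been written so far, not from the loop
            // index: when the first sorted key is skipped, an index test would emit a
            // leading '&' and change the string that gets signed.
            if (content.length() > 0) {
                content.append("&");
            }
            content.append(key).append("=").append(value);
        }
        return content.toString();
    }

    /**
     * Decodes a Base64 PKCS#8 string into an RSA private key. Declared with a broad
     * {@code throws} because every caller maps any failure to its own error value.
     */
    private static PrivateKey loadPrivateKey(String privateKey) throws Exception {
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
        return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
    }

    /** Decodes a Base64 X.509 (SubjectPublicKeyInfo) string into an RSA public key. */
    private static PublicKey loadPublicKey(String publicKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return keyFactory.generatePublic(new X509EncodedKeySpec(Base64.decode(publicKey)));
    }

    /** Signs {@code data} with {@link #SIGN_ALGORITHMS} and returns the Base64 signature. */
    private static String signBytes(PrivateKey signingKey, byte[] data) throws Exception {
        java.security.Signature signer = java.security.Signature.getInstance(SIGN_ALGORITHMS);
        signer.initSign(signingKey);
        signer.update(data);
        return Base64.encode(signer.sign());
    }

    /** Checks the Base64 signature {@code sign} over {@code data} with {@link #SIGN_ALGORITHMS}. */
    private static boolean verifyBytes(PublicKey verificationKey, byte[] data, String sign)
            throws Exception {
        java.security.Signature verifier = java.security.Signature.getInstance(SIGN_ALGORITHMS);
        verifier.initVerify(verificationKey);
        verifier.update(data);
        return verifier.verify(Base64.decode(sign));
    }
}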
|