java代码如下:

package sign;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.IOException;

import java.io.InputStream;

import java.security.Key;

import java.security.KeyStore;

import java.security.PrivateKey;

import java.security.Signature;

import java.security.cert.Certificate;

import java.security.cert.CertificateFactory;

import java.security.cert.X509Certificate;

import java.util.Enumeration;

import javax.crypto.Cipher;

@SuppressWarnings({ "rawtypes", "unused" })

public class UtilTools {

    private static final String PKCS12 = "PKCS12";

    private static final String CHARSET = "utf-8";

    private final static String CertType = "X.509";

    public final static String TrustStoreType = "JKS";

    private static final String SHA1WithRSA = "SHA1WithRSA";

    private final static String MD5withRSA = "MD5withRSA";

    private static final String SHA224WithRSA = "SHA224WithRSA";

    private static final String SHA256WithRSA = "SHA256WithRSA";

    private static final String SHA384WithRSA = "SHA384WithRSA";

    private static final String SHA512WithRSA = "SHA512WithRSA";

    private static final String RSA = "RSA";

    private static final String ECB = "ECB";

    private static final String PCKCS1PADDING = "PCKCS1Padding";

    /**

     * generate the signature

     *

     * @param source

     * @param pfxPath

     * @param password

     * @return

     * @throws Exception

     */

    public static String generateSignature(String source, String pfxPath, String password) throws Exception {

        byte[] signature = null;

        PrivateKey privateKey = getPrivateKeyInstance(pfxPath, password);

        Signature sig = Signature.getInstance(SHA1WithRSA);

        sig.initSign(privateKey);

        sig.update(source.getBytes(CHARSET));

        signature = sig.sign();

        return Base64Util.encode(signature);

    }

    /**

     * check the signature

     *

     * @param datasource

     * @param sign

     * @param certificatePath

     * @return

     * @throws Exception

     */

    public static boolean checkSignature(String datasource, String sign, String certificatePath) throws Exception {

        try {

            X509Certificate x509Certificate = (X509Certificate) getInstance(certificatePath);

            Signature signature = Signature.getInstance(SHA1WithRSA);

            signature.initVerify(x509Certificate);

            signature.update(datasource.getBytes(CHARSET));

            return signature.verify(Base64Util.decode(sign));

        } catch (Exception e) {

            System.out.println(e.getMessage());

        }

        return false;

    }

    /**

     * 加载私钥

     *

     * @param strPfx

     * @param strPassword

     * @return

     */

    private static PrivateKey getPrivateKeyInstance(String strPfx, String strPassword) throws Exception {

        FileInputStream fis = null;

        try {

            KeyStore ks = KeyStore.getInstance(PKCS12);

            fis = new FileInputStream(strPfx);

            char[] chars = null;

            if ((strPassword == null) || strPassword.trim().equals("")) {

                chars = null;

            } else {

                chars = strPassword.toCharArray();

            }

            ks.load(fis, chars);

            fis.close();

            Enumeration enumas = ks.aliases();

            String keyAlias = null;

            if (enumas.hasMoreElements()) {

                keyAlias = (String) enumas.nextElement();

            }

            return (PrivateKey) ks.getKey(keyAlias, chars);

        } finally {

            if (fis != null) {

                try {

                    fis.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

    }

    /**

     * 获得证书

     *

     * @param certificatePath

     * @return

     */

    private static Certificate getInstance(String certificatePath) throws Exception {

        InputStream is = null;

        try {

            is = new FileInputStream(certificatePath);

            CertificateFactory certificateFactory = CertificateFactory.getInstance(CertType);

            return certificateFactory.generateCertificate(is);

        } catch (Exception e) {

            System.out.println(e.getMessage());

        } finally {

            if (is != null) {

                try {

                    is.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

        return null;

    }

    /**

     * 将pfx或p12的文件转为keystore

     *

     * @param pfxFile 原文件路径及名称

     * @param pfxPsw 密码

     * @param keyStoreFile 生成的文件名和路径

     */

    public static void coverTokeyStore(String pfxFile, String pfxPsw, String keyStoreFile) throws Exception {

        KeyStore inputKeyStore = null;

        FileInputStream input = null;

        FileOutputStream output = null;

        String keyAlias = "";

        try {

            inputKeyStore = KeyStore.getInstance(PKCS12);

            input = new FileInputStream(pfxFile);

            char[] password = null;

            if ((pfxPsw == null) || pfxPsw.trim().equals("")) {

                password = null;

            } else {

                password = pfxPsw.toCharArray();

            }

            inputKeyStore.load(input, password);

            KeyStore outputKeyStore = KeyStore.getInstance(TrustStoreType);

            outputKeyStore.load(null, pfxPsw.toCharArray());

            Enumeration enums = inputKeyStore.aliases();

            while (enums.hasMoreElements()) {

                keyAlias = (String) enums.nextElement();

                System.out.println("alias=[" + keyAlias + "]");

                if (inputKeyStore.isKeyEntry(keyAlias)) {

                    Key key = inputKeyStore.getKey(keyAlias, password);

                    Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);

                    outputKeyStore.setKeyEntry(keyAlias, key, pfxPsw.toCharArray(), certChain);

                }

            }

            output = new FileOutputStream(keyStoreFile);

            outputKeyStore.store(output, password);

        } catch (Exception e) {

            System.out.println(e.getMessage());

        } finally {

            if (input != null) {

                try {

                    input.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

            if (output != null) {

                try {

                    output.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

    }

    /**

     * 将keystore转为pfx

     *

     * @param keyStoreFile 生成的文件名和路径

     * @param pfxPsw 密码

     * @param pfxFile 原文件路径及名称

     */

    public static void coverToPfx(String keyStoreFile, String pfxPsw, String pfxFile) throws Exception {

        KeyStore inputKeyStore = null;

        FileInputStream input = null;

        FileOutputStream output = null;

        String keyAlias = "";

        try {

            inputKeyStore = KeyStore.getInstance(TrustStoreType);

            input = new FileInputStream(keyStoreFile);

            char[] password = null;

            if ((pfxPsw == null) || pfxPsw.trim().equals("")) {

                password = null;

            } else {

                password = pfxPsw.toCharArray();

            }

            inputKeyStore.load(input, password);

            KeyStore outputKeyStore = KeyStore.getInstance(PKCS12);

            outputKeyStore.load(null, pfxPsw.toCharArray());

            Enumeration enums = inputKeyStore.aliases();

            while (enums.hasMoreElements()) {

                keyAlias = (String) enums.nextElement();

                System.out.println("alias=[" + keyAlias + "]");

                if (inputKeyStore.isKeyEntry(keyAlias)) {

                    Key key = inputKeyStore.getKey(keyAlias, password);

                    Certificate[] certChain = inputKeyStore.getCertificateChain(keyAlias);

                    outputKeyStore.setKeyEntry(keyAlias, key, pfxPsw.toCharArray(), certChain);

                }

            }

            output = new FileOutputStream(pfxFile);

            outputKeyStore.store(output, password);

        } catch (Exception e) {

            System.out.println(e.getMessage());

        } finally {

            if (input != null) {

                try {

                    input.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

            if (output != null) {

                try {

                    output.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

    }

    /**

     * 使用公钥 进行 非对称加密数据

     * @param certPath

     * @param dataSource

     * @return

     * @throws Exception

     */

    public static String certEncode(String certPath, String dataSource) throws Exception {

        InputStream input = null;

        try {

            byte[] plainText = dataSource.getBytes(CHARSET);

            // 证书格式为x509

            CertificateFactory certificateFactory = CertificateFactory.getInstance(CertType);

            // 读取证书文件的输入流

            input = new FileInputStream(certPath);

            Certificate certificate = certificateFactory.generateCertificate(input);

            // 支持:RSA/ECB/PCKCS1Padding

            Cipher cipher = Cipher.getInstance(RSA);

            cipher.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());

            cipher.update(plainText);

            byte[] signByte = cipher.doFinal();

            String sign = Base64Util.encode(signByte);

            return sign;

        } catch (Exception e) {

            System.out.println(e.getMessage());

        } finally {

            if (input != null) {

                try {

                    input.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

        return null;

    }

    /**

     * 使用私钥 进行非对称解密数据

     * @param keyStorePath

     * @param keyStorePass

     * @param alias

     * @param certPass

     * @param decodeData

     * @return

     * @throws Exception

     */

    public static String certDecode(String keyStorePath, String keyStorePass, String alias, String certPass, String decodeData) throws Exception {

        InputStream input = null;

        try {

            // 密文数据Base64转换

            byte[] cipherText = Base64Util.decode(decodeData);

            // 提供密钥库类型

            KeyStore keyStore = KeyStore.getInstance(TrustStoreType);

            // 读取keystore文件的输入流

            input = new FileInputStream(keyStorePath);

            keyStore.load(input, keyStorePass.toCharArray());

            // 加载证书

            PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, certPass.toCharArray());

            // 支持:RSA/ECB/PCKCS1Padding

            Cipher cipher = Cipher.getInstance(RSA);

            cipher.init(Cipher.DECRYPT_MODE, privateKey);

            cipher.update(cipherText);

            byte[] sourceByte = cipher.doFinal();

            String source = new String(sourceByte, CHARSET);

            return source;

        } catch (Exception e) {

            System.out.println(e.getMessage());

        } finally {

            if (input != null) {

                try {

                    input.close();

                } catch (IOException e) {

                    System.out.println(e.getMessage());

                }

            }

        }

        return null;

    }

}

  

加解密工具类(含keystore导出pfx)的更多相关文章

  1. RSA加解密工具类RSAUtils.java,实现公钥加密私钥解密和私钥解密公钥解密

    package com.geostar.gfstack.cas.util; import org.apache.commons.codec.binary.Base64; import javax.cr ...

  2. Java中的AES加解密工具类:AESUtils

    本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.constants.SysConsta ...

  3. Java中的RSA加解密工具类:RSAUtils

    本人手写已测试,大家可以参考使用 package com.mirana.frame.utils.encrypt; import com.mirana.frame.utils.log.LogUtils; ...

  4. DES加解密工具类

    这两天在跟友商对接接口,在对外暴露接口的时候,因为友商不需要登录即可访问对于系统来说存在安全隐患,所以需要友商在调用接口的时候需要将数据加密,系统解密验证后才执行业务.所有的加密方式并不是万能的,只是 ...

  5. vue 核心加解密工具类 方法

    1 /* base64 加解密 2 */ 3 export let Base64 = require('js-base64').Base64 4 5 /* md5 加解密 6 */ 7 export ...

  6. C# 加解密工具类

    using System; using System.IO; using System.Security.Cryptography; using System.Text; namespace Clov ...

  7. Java 通过Xml导出Excel文件,Java Excel 导出工具类,Java导出Excel工具类

    Java 通过Xml导出Excel文件,Java Excel 导出工具类,Java导出Excel工具类 ============================== ©Copyright 蕃薯耀 20 ...

  8. Base64加密解密工具类

    使用Apache commons codec类Base64进行加密解密 maven依赖 <dependency> <groupId>commons-codec</grou ...

  9. XJar: Spring-Boot JAR 包加/解密工具,避免源码泄露以及反编译

    XJar: Spring-Boot JAR 包加/解密工具,避免源码泄露以及反编译 <?xml version="1.0" encoding="UTF-8" ...

随机推荐

  1. 1788:Pell数列

    1788:Pell数列 查看 提交 统计 提问 总时间限制:  3000ms 内存限制:  65536kB 描述 Pell数列a1, a2, a3, ...的定义是这样的,a1 = 1, a2 = 2 ...

  2. 微信小程序地图报错——ret is not defined

    刚刚在使用微信的map做地图时候 发现如下报错: 后来找了一会发现错误为经纬度写反了导致经纬度超出了范围 正确取值范围: latitude   纬度  浮点数,范围 -90 ~ 90 longitud ...

  3. Expo大作战(三十)--expo sdk api之Permissions(权限管理模块),Pedometer(计步器api)

    简要:本系列文章讲会对expo进行全面的介绍,本人从2017年6月份接触expo以来,对expo的研究断断续续,一路走来将近10个月,废话不多说,接下来你看到内容,讲全部来与官网 我猜去全部机翻+个人 ...

  4. The stacking context

    文档中的层叠上下文由满足以下任意一个条件的元素形成: 1. z-index 值不为 "auto"的 绝对/相对定位. 2. position位fixed. 3. opacity 属 ...

  5. 【第五篇】SAP ABAP7.5x新语法之命名规约

    公众号:SAP Technical 本文作者:matinal 原文出处:http://www.cnblogs.com/SAPmatinal/ 原文链接:SAP ABAP7.5x系列之命名规约   命名 ...

  6. 高德地图JS API 开发小结

    项目中有一块功能要用到高德地图,所以,想把编码小结一下. 首先是地图的初始化 var map = new AMap.Map("mapDiv", {                  ...

  7. C# Aspose.Cells方式导入Excel文件

    读取Excel 类 我返回的是DataTable 类型 也可以返回DataSet类型 public class XlsFileHelper { public DataTable ImportExcel ...

  8. gitlab 和 github 配置 SSH Keys

    gitlab 文档上给了很好的配置的例子:https://gitlab.com/help/ssh/README#locating-an-existing-ssh-key-pair 针对mac 下的使用 ...

  9. HDU ACM 2066 一个人的旅行

    一个人的旅行 Time Limit: 1000/1000 MS (Java/Others)    Memory Limit: 32768/32768 K (Java/Others)Total Subm ...

  10. 【PAT】B1059 C语言竞赛(20 分)

    这个题也是个逻辑问题 此题用我这种方式很复杂,应该用map 用两个分别储存成绩,已领过奖的人, #include<stdio.h> #include<math.h> int a ...