RSA+Base64工具类
- RSA加密后的,需要进行base64
/** * BASE64工具类 * * @author Frank.Z * */
public class Base64Utils {
static private final int BASELENGTH = 128;
static private final int LOOKUPLENGTH = 64;
static private final int TWENTYFOURBITGROUP = 24;
static private final int EIGHTBIT = 8;
static private final int SIXTEENBIT = 16;
static private final int FOURBYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASELENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
static {
for (int i = 0; i < BASELENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}
for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}
base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;
for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}
for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}
for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';
}
private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}
private static boolean isPad(char octect) {
return (octect == PAD);
}
private static boolean isData(char octect) {
return (octect < BASELENGTH && base64Alphabet[octect] != -1);
}
public static String encodeToString(byte[] binaryData) {
return encodeBase64String(binaryData);
}
/** * Encodes hex octects into Base64 * * @param binaryData Array containing binaryData * @return Encoded Base64 array */
public static String encodeBase64String(byte[] binaryData) {
if (binaryData == null) {
return null;
}
int lengthDataBits = binaryData.length * EIGHTBIT;
if (lengthDataBits == 0) {
return "";
}
int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;
encodedData = new char[numberQuartet * 4];
byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}
for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];
if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}
// form integral number of 6-bit groups
if (fewerThan24bits == EIGHTBIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEENBIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}
return new String(encodedData);
}
/** * Decodes Base64 data into octects * * @param encoded string containing Base64 data * @return Array containind decoded data. */
public static byte[] decodeBase64(String encoded) {
if (encoded == null) {
return null;
}
char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);
if (len % FOURBYTE != 0) {
return null;// should be divisible by four
}
int numberQuadruple = (len / FOURBYTE);
if (numberQuadruple == 0) {
return new byte[0];
}
byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];
for (; i < numberQuadruple - 1; i++) {
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++])) || !isData((d4 = base64Data[dataIndex++]))) {
return null;
} // if found "no data" just return null
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;// if found "no data" just return null
}
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {// Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)// last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)// last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { // No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
return decodedData;
}
/** * remove WhiteSpace from MIME containing encoded Base64 data. * * @param data the byte array of base64 data (with WS) * @return the new length */
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}
// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}
- RSA加密
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
/** * RSA工具类,返回baser64编码后的字符串 <br> * 使用RSA-SHA1 * * @author Frank.Z * */
public class RSAUtils {
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
private static final String KEY_ALGORITHM = "RSA";
private static final int KEY_SIZE = 2048;
private static final int DECRYPT_BLOCK_SIZE = KEY_SIZE / 8;
public static String CHAR_SET = "UTF-8";
/** * 加密,根据字符串进行加密,返回base64编码后的字符串 * * @param content * @param publicKey * @return * @throws Exception */
public static String encryptByPublicKey(String content, String publicKey) throws Exception {
return Base64Utils.encodeToString(encryptByPublicKey(content.getBytes("UTF-8"), publicKey));
}
/** * 加密,根据字节数组进行加密,返回普通字符串 * * @param data * @param publicKey * @return * @throws Exception */
// 2.1 2.3
private static byte[] encryptByPublicKey(byte[] data, String publicKey) throws Exception {
byte[] keyBytes = Base64Utils.decodeBase64(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Key publicK = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(1, publicK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
int i = 0;
while (inputLen - offSet > 0) {
byte[] cache;
if (inputLen - offSet > 117) {
cache = cipher.doFinal(data, offSet, 117);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * 117;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
/** * 签名,对明文和私钥,进行签名,避免被篡改 * * @param content * @param privateKey * @return */
// 2.1 2.3
public static String sign(String content, String privateKey) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64Utils.decodeBase64(privateKey));
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(content.getBytes());
byte[] signed = signature.sign();
return Base64Utils.encodeToString(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
/** * 验签,根据加密的content参数,和sign前面后的值,和公钥,进行验签,确定没被篡改 * * @param content * @param sign * @param publicKey * @return */
// 2.2
public static boolean validateByPublicKey(String content, String sign, String publicKey) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] publicBytes = Base64Utils.decodeBase64(publicKey);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicBytes);
PublicKey pubKey = keyFactory.generatePublic(keySpec);
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(content.getBytes("UTF-8"));
sign = sign.replaceAll("[\\s*\t\n\r]", "");
boolean bverify = signature.verify(Base64Utils.decodeBase64(sign));
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
/** * 根据私钥,对加密内容进行解密 * * @param content * @param privateKey * @return * @throws Exception */
// 2.1 2.3 2.2
public static String decryptByPrivateKey(String content, String privateKey) throws Exception {
byte[] privateKeyBytes = Base64Utils.decodeBase64(privateKey);
content = content.replaceAll("[\\s*\t\n\r]", "");
byte[] decryptBytes = Base64Utils.decodeBase64(content);
if (decryptBytes.length <= DECRYPT_BLOCK_SIZE) {
return new String(decrypt(decryptBytes, privateKeyBytes), "UTF-8");
} else {
byte[] buffer = null;
int index = ((decryptBytes.length - 1) / DECRYPT_BLOCK_SIZE) + 1;
byte[] blockBytes = new byte[DECRYPT_BLOCK_SIZE];
for (int i = 0; i < index; i++) {
if (i == index - 1) {
blockBytes = new byte[DECRYPT_BLOCK_SIZE];
}
int startIndex = i * DECRYPT_BLOCK_SIZE;
int endIndex = startIndex + DECRYPT_BLOCK_SIZE;
blockBytes = Arrays.copyOfRange(decryptBytes, startIndex,
endIndex > decryptBytes.length ? decryptBytes.length : endIndex);
if (buffer == null) {
buffer = decrypt(blockBytes, privateKeyBytes);
} else {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
baos.write(buffer);
baos.write(decrypt(blockBytes, privateKeyBytes));
buffer = baos.toByteArray();
baos.close();
}
}
return new String(buffer, "UTF-8");
}
}
private static byte[] decrypt(byte[] decrypt, byte[] privateKeyBytes) throws Exception {
PrivateKey privateKey = codeToPrivateKey(privateKeyBytes);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] resultBytes = cipher.doFinal(decrypt);
return resultBytes;
}
private static PrivateKey codeToPrivateKey(byte[] privateKey) throws Exception {
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey keyPrivate = keyFactory.generatePrivate(keySpec);
return keyPrivate;
}
private static boolean verify(String content, String sign, String public_key) throws Exception {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64Utils.decodeBase64(public_key);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(content.getBytes(CHAR_SET));
boolean bverify = signature.verify(Base64Utils.decodeBase64(sign));
return bverify;
}
}
-
测试验证
public class M { private static final String publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukjUCe0xtO3BQMKP/XOX2k82gvyTHrXpqMHUx3/ZeUJ8XbaihYjrtN4844Yb7/eJjuXDmtCo0tZjfIi0sAXCzkOPbf2ZfZuCNFiDAchE7d5RCvMeBmA9eytXDxbtk6as0BK3ktCvSVuQcwciavyhVGV4xkabEdsKKJc64kDETGGlk9JhIrUJY3Bq0u1CKVpXvBJATLaue8lv4gDAOa9LRXl83Fz0yD0qHZpvCT7+PILh2L6noiQd3OHlpfhnO4fqSAs0y6OaJjpKhk+3nWQHpzZK3PMe2lQjosWHl8Hvuva23FizKNfVMSdI4pkxCJVmv0aTnbVDWiQEcOBbkEfj0QIDAQAB"; private static final String privateKey = "MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC6SNQJ7TG07cFAwo/9c5faTzaC/JMetemowdTHf9l5QnxdtqKFiOu03jzjhhvv94mO5cOa0KjS1mN8iLSwBcLOQ49t/Zl9m4I0WIMByETt3lEK8x4GYD17K1cPFu2TpqzQEreS0K9JW5BzByJq/KFUZXjGRpsR2woolzriQMRMYaWT0mEitQljcGrS7UIpWle8EkBMtq57yW/iAMA5r0tFeXzcXPTIPSodmm8JPv48guHYvqeiJB3c4eWl+Gc7h+pICzTLo5omOkqGT7edZAenNkrc8x7aVCOixYeXwe+69rbcWLMo19UxJ0jimTEIlWa/RpOdtUNaJARw4FuQR+PRAgMBAAECggEAOB74woTTFM8MCZaUCqdoeDylD5FIQVhMrKq4j+HUgtOk5BbBn7lASZ0qeuFMSV8p8gMGiv2R3vL3xezpgp45sipoa5qbQ1w2Pc7sqPzMx1zSzZmw0frsis7jy4f8yx7LsWPyKij0pgUP35emptS1RdfMKu/ah+aViOUGuGMKwHem1gPl/g74etRgvEIFXukSeN8LUyCnM3H81gB1u7TlkCUrYuQAMQnRNXZP7XL/KJzZB/p+r9BAv1kjv1hgDV/6ZkHV0puRu+O2/6AyoI+ZpYc3NdWmHi4STISFLDRWpEFMfYw7Lkr5OIy/Egej/NbsDsYOJRe2EAmI8znOtA0KgQKBgQDkEGXrfSDNPxsl9iga5YdA+eI7bMAmy/YKiQz0uuL8wZ8vnG78rwgntHi2CpHWy0wBtB+/mqWmFQ1AKJw4uaIKSvT13FrhbFdahGwC7mm6NTLiimvCfundcXtwEna/Vq5wliYdfYkwXwCSbnPC8B8h6SEUffZ3QeTBAND93eZDwwKBgQDRGk/h6cR8va7yfoy0UpL3nXLD6cP8BCQXp9II86pEfeejCCHLA+q2E5AE3+9gV4qqjpWxIJwgcnAyqCVr1vRLyNthG3Q7Hm6EgI0q7FsNRm+91Q8Wz1QR++KMuT3f/rvRSMgL/WE3p1aJPokjWn+yTJN856gKOxrXmlhdhGGk2wKBgQDffc5S8gEWAVR6Y/ozOWDM5NO1RkIbAt7uvhVLMmVEKf30K0l8J45HUozEYCFAq2KlfL1sB4Fy+shMaj+FOyy3B3N8B9+rbn8//erXCInlZ0KhS+KD69kEH7RGRGHH6YryW8GoPqAVHdQyqziX/LWVhp7bNQE1JwajuEgVr8F5/wKBgQCjAG/lG+Yfl34Zaq0kpHoMrKAaONCeVFwOVLRWZhwE6GD5pg0xxQvig71xD1/7KkLeUeg++7y5TnxIAOuq9RXbPehF+rDQpRhiEhP5seYIoy/YO45XqadPnZstN/oT8u9WZfYL4qk2SSwcMLOW66U/yJHwfGVyFEEIcTkRLXEwoQKBgQCRJ0KtjA7+jCqf5SPMvCgHf3Ww9epA7Hy7Wqrhl4RaFHrm7PGwCuh/cza0E611GDc7pcvRZsfZ6mZjLf9GExTzWxFfhrssUZ/h8o2Nkx6alUel7vTMJNPY6p9eelxRxAmCxQSr72scsROmQL3Sy/emrXH5fPNcrhqorzz3lHFhTw=="; public static void main(String[] args) { String content = "我是centent"; System.out.println("明文是:" + content); try { String encodeContent = RSAUtils.encryptByPublicKey(content, publicKey); System.out.println("加密后是:" + encodeContent); String decryptContent = RSAUtils.decryptByPrivateKey(encodeContent, privateKey); System.out.println("解密后是:" + decryptContent); System.out.println("明文和解密后,是否相同?:"+content.equals(decryptContent)); } catch (Exception e) { e.printStackTrace(); } } }