Skip to content

Instantly share code, notes, and snippets.

@medmin

medmin/gist:bbb383dfd13c7e3490f030efcf1469d3

Created April 24, 2019 16:32
Show Gist options
  • Save medmin/bbb383dfd13c7e3490f030efcf1469d3 to your computer and use it in GitHub Desktop.
Save medmin/bbb383dfd13c7e3490f030efcf1469d3 to your computer and use it in GitHub Desktop.
Download ZIP
UnionPay-intl-ATM-demo
Raw
gistfile1.txt
package topic180313;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import com.alibaba.fastjson.JSONObject;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class SignDemo {
/**得到产生的私钥/公钥对
* @return
* @author hym
*/
public static KeyPair getKeypair(){
//产生RSA密钥对(myKeyPair)
KeyPairGenerator myKeyGen = null;
try {
myKeyGen = KeyPairGenerator.getInstance("RSA");
myKeyGen.initialize(1024);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
KeyPair myKeyPair = myKeyGen.generateKeyPair();
return myKeyPair;
}
/**根据密钥对对信息进行加密,返回公钥值
* @param mySig
* @param myKeyPair
* @param infomation
* @return
* @author hym
*/
public static byte[] getpublicByKeypair(Signature mySig,PrivateKey myKeyPair,byte[] infomation){
byte[] publicInfo=null;
try {
mySig.initSign(myKeyPair); //用私钥初始化签名对象
mySig.update(infomation); //将待签名的数据传送给签名对象
publicInfo = mySig.sign(); //返回签名结果字节数组
} catch (Exception e) {
e.printStackTrace();
}
return publicInfo;
}
/**公钥验证签名
* @param mySig
* @param myKeyPair
* @param infomation
* @param publicInfo
* @return
* @author hym
*/
public static boolean decryptBypublic(Signature mySig, X509Certificate myKeyPair,String infomation,byte[] publicInfo){
boolean verify=false;
try {
mySig.initVerify(myKeyPair); //使用公钥初始化签名对象,用于验证签名
mySig.update(infomation.getBytes()); //更新签名内容
verify= mySig.verify(publicInfo); //得到验证结果
} catch (Exception e) {
e.printStackTrace();
}
return verify;
}
/**
* 获取私钥
* @param keyPath 私钥地址
* @param pass 密码
* @return
* @throws SignatureException
*/
public static PrivateKey getPrivateKey(String keyPath, String pass) throws SignatureException, IOException {
FileInputStream inputStream = null;
try {
String alias = "";
char[] password = pass.toCharArray();
KeyStore ks = KeyStore.getInstance("PKCS12");//证书类型
inputStream = new FileInputStream(keyPath);
ks.load(inputStream, password);
for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
alias = (String) e.nextElement();
break;
}
PrivateKey privateKey = (PrivateKey) ks.getKey(alias, password);
return privateKey;
} catch (FileNotFoundException e) {
throw new SignatureException("证书文件[" + keyPath + "]不存在");
} catch (Exception e) {
return null;
} finally {
if (inputStream != null) {
inputStream.close();
}
}
}
public static void main(String[] args) throws IOException, ClassNotFoundException, SignatureException {
try {
PrivateKey prk = getPrivateKey("D:\\密钥\\私钥\\mykeystore.keystore","123456");
Signature mySig = Signature.getInstance("SHA256WithRSA");//用指定算法产生签名对象
JSONObject data = new JSONObject();
JSONObject conten = new JSONObject();
JSONObject fields = new JSONObject();
fields.put("lang","cn");
// fields.put("countryId", "1005012");
// fields.put("typeId", "1002");
// fields.put("cardId", "1004,1005");
conten.put("appId", "liuliangjigou");
conten.put("appKey","liuliangjigoukey");
// conten.put("pageNo","1");
// conten.put("pageSize","10");
conten.put("procType","getCountry");
conten.put("fields",fields);
data.put("data", conten);
String contens = conten.toJSONString();
byte[] publicinfo=getpublicByKeypair(mySig,prk,contens.getBytes()); //数据域 参数1 制定算法的签名对象 2公钥 3数据
String s = new String(publicinfo); //byte转string
BASE64Decoder base64Decoder = new BASE64Decoder();
BASE64Encoder base64Encoder = new BASE64Encoder();//加密
String baseen = base64Encoder.encode(publicinfo);//base64加密后的数据
String con = base64Encoder.encode(contens.getBytes("GBK"));//base64加密后的数据
data.put("data",con);
byte[] cos = base64Decoder.decodeBuffer(con);//解密数据域
String sss = new String(cos,"GBK");
System.out.println("-------解密数据"+sss.toString());
data.put("signature",baseen);
System.out.println("----------------"+data.toJSONString());
System.out.println("--------------------传输的数据加密后:"+data);
System.out.println("--------------------传输的签名加密后:"+baseen);
X509Certificate receivedCertificate = getCertificateByCertPath("D:\\密钥\\公钥\\mypublickey.cer","X.509");
byte[] classBytes = base64Decoder.decodeBuffer(baseen);//解密签名域
byte[] co = base64Decoder.decodeBuffer(con);//解密数据域
System.out.println("--------------------传输的签名解密后:"+new String(classBytes,"UTF-8").toString());
System.out.println("--------------------传输的数据解密后:"+new String(co,"GBK").toString());
boolean verify=decryptBypublic(mySig, receivedCertificate,new String (co,"UTF-8").toString(), classBytes);
System.out.println("验证签名的结果是:"+verify);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
/**
* 通过证书路径生成证书,与加载密钥库差不多,都要用到流。
*
* @param path
* @param certType
* @return
* @throws IOException
*/
public static X509Certificate getCertificateByCertPath(String path, String certType) throws IOException {
InputStream inputStream = null;
try {
// 实例化证书工厂
CertificateFactory factory = CertificateFactory.getInstance(certType);
// 取得证书文件流
inputStream = new FileInputStream(path);
// 生成证书
Certificate certificate = factory.generateCertificate(inputStream);
return (X509Certificate) certificate;
} catch (Exception e) {
e.printStackTrace();
} finally {
if (null != inputStream) {
inputStream.close();
}
}
return null;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment