Java使用.cer文件中的公钥对密码加密
问题如标题,我试过了,能得到加密的内容,但是每次都不一样,我看到public key的algorithm是RSA,所以我觉得每次不一样是正常的。但是我调用对方API,一直过不去。所以请高手帮我看看代码,有什么问题!或者给我一个标准的方法。
java 加密
public class EncryptPasswordUtil {
private static LogService log = LogService
.getInstance(EncryptPasswordUtil.class);
private static final String ENCRPTY_FILE_NAME = "test.cer";
public static String generateTCSRSAPassword(String password) {
PublicKey tcsPublicKey = null;
try {
tcsPublicKey = getPublicKeyFromX509(ENCRPTY_FILE_NAME);
if (tcsPublicKey != null) {
log.debug("Load the file: " + ENCRPTY_FILE_NAME);
Cipher tcsCipher = Cipher.getInstance(tcsPublicKey
.getAlgorithm());
tcsCipher.init(Cipher.ENCRYPT_MODE, tcsPublicKey);
String tcsEncryptPassword = Base64.encodeBase64String(tcsCipher
.doFinal(Base64.encodeBase64(password.getBytes())));
return tcsEncryptPassword;
} else {
log.warn(ENCRPTY_FILE_NAME + " cannot be found!");
throw new Exception(ENCRPTY_FILE_NAME
+ " cannot be found!");
}
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private static PublicKey getPublicKeyFromX509(String filename)
throws Exception {
InputStream fin = Thread.currentThread().getContextClassLoader()
.getResourceAsStream(ENCRPTY_FILE_NAME);
CertificateFactory f = CertificateFactory.getInstance("X.509");
X509Certificate certificate = (X509Certificate) f
.generateCertificate(fin);
PublicKey pk = certificate.getPublicKey();
return pk;
}
}
[解决办法]
给你个例子吧,我自己封装的
package com.gus.encipherment;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Hex;
/**
* 数字证书应用
* @author gus
* @since 2011/02/29
*/
public class DC {
/**
* 由密钥库获得私钥
* @param keyStorePath 密钥库路径
* @param passwd
* @param alias
* @return 16进制封装的私钥
* @throws KeyStoreException
* @throws IOException
* @throws CertificateException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
*/
public static PrivateKey getPrikeyByKeyStore(String keyStorePath,String passwd,String alias) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException{
//实例化密钥库
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
FileInputStream is = new FileInputStream(keyStorePath);
//加载密钥库
ks.load(is, passwd.toCharArray());
is.close();
PrivateKey privateKey = (PrivateKey) ks.getKey(alias,passwd.toCharArray());
//封装成16进制
//return Hex.encodeHexString(privateKey.getEncoded());
return privateKey;
}
/**
* 由证书获得公钥
* @param cerPath 证书路径
* @return 16进制封装的公钥
* @throws CertificateException
* @throws IOException
*/
public static PublicKey getPubKeyByCer(String cerPath) throws CertificateException, IOException{
//实例化证书工厂
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
FileInputStream in = new FileInputStream(cerPath);
Certificate certificate = certificateFactory.generateCertificate(in);
in.close();
PublicKey publicKey = certificate.getPublicKey();
//封装成16进制
//return Hex.encodeHexString(publicKey.getEncoded());
return publicKey;
}
/**
* 签名
* @param sign
* @param keyStorePath
* @param passwd
* @param alias
* @param cerPath
* @return
* @throws CertificateException
* @throws IOException
* @throws NoSuchAlgorithmException
* @throws UnrecoverableKeyException
* @throws KeyStoreException
* @throws SignatureException
* @throws InvalidKeyException
*/
public static byte[] sign(byte[] sign, String keyStorePath,String passwd,String alias,String cerPath) throws CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, SignatureException, InvalidKeyException{
//获得证书
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
FileInputStream in = new FileInputStream(cerPath);
Certificate certificate = certificateFactory.generateCertificate(in);
in.close();
X509Certificate x509certificate = (X509Certificate) certificate;
//构建签名
Signature signature = Signature.getInstance(x509certificate.getSigAlgName());
PrivateKey privateKey = getPrikeyByKeyStore(keyStorePath,passwd,alias);
//初始化签名
signature.initSign(privateKey);
signature.update(sign);
return signature.sign();
}
/**
* 验证签名
* @param data
* @param sign
* @param cerPath
* @return
* @throws CertificateException
* @throws IOException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
* @throws SignatureException
*/
public static boolean verify(byte[] data,byte[] sign,String cerPath) throws CertificateException, IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException{
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
FileInputStream in = new FileInputStream(cerPath);
Certificate certificate = certificateFactory.generateCertificate(in);
in.close();
X509Certificate x509certificate = (X509Certificate) certificate;
//构建签名
Signature signature = Signature.getInstance(x509certificate.getSigAlgName());
signature.initVerify(x509certificate);
signature.update(data);
return signature.verify(sign);
}
public static void main(String[] args) throws Exception {
String keyStorePath = "d:/gus.keystore";
String cerPath = "d:/gus.cer";
String passwd = "hello!@#";
String alias = "www.gus.com";
PrivateKey prikey = getPrikeyByKeyStore(keyStorePath,passwd,alias);
System.err.println("私钥:\n"+prikey);
PublicKey pubkey = getPubKeyByCer(cerPath);
System.err.println("公钥:\n"+pubkey);
byte[] sign = sign("待签名的".getBytes(), keyStorePath, passwd, alias, cerPath);
System.out.println(Hex.encodeHex(sign));
//传来的数据最好加密
System.out.println(verify("待签名的".getBytes(), sign, cerPath));
}
}