这类代码很容易忘记,所以记到这里,以后方便翻阅:
package com.olivephone.olivestat.task;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import org.junit.Test;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
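/**
 * RSA key generation, signing and encryption helpers, plus a JUnit round trip that
 * exercises them.
 *
 * <p>Keys are passed around as Base64 text: private keys in PKCS#8 encoding, public keys
 * in X.509 (SubjectPublicKeyInfo) encoding.
 *
 * <p>NOTE(review): the flow in {@link #test()} hands the private key to the client and
 * "encrypts" with it. Everyone who holds the public key can reverse that operation, so it
 * gives no confidentiality; it is a signing primitive. Where secrecy is required, encrypt
 * with the recipient's public key ({@link #encryptByPublicKey}) and keep each private key
 * on the machine that generated it.
 */
public class ChiperTest {
    public static final String ALGORITHM = "RSA";

    // NOTE(review): MD5 is collision-broken and should not back new signatures. The value is
    // left unchanged so signatures produced with this constant still verify; use
    // "SHA256withRSA" for anything new.
    public static final String SIGNATURE_ALGORITHM = "MD5withRSA";

    /** Charset used for every String <-> byte[] conversion, so results do not depend on the platform default. */
    private static final String TEXT_CHARSET = "UTF-8";

    /** Modulus size for generated keys; 1024-bit RSA is below current minimum recommendations. */
    private static final int KEY_SIZE_BITS = 2048;

    /**
     * Round trip: generate a key pair, transform the payload with the private key, sign the
     * result, then verify and recover the payload with the public key.
     *
     * @throws Exception if any cryptographic step fails
     * @throws AssertionError if the signature does not verify or the recovered text differs
     */
    @Test
    public void test() throws Exception {
        // A key pair is generated first (on the server, in the original scenario).
        String[] keyPair = createKeyPair();
        String data = "helloworld";

        // Client 1: transform the payload with the private key -> data1.
        byte[] data1 = encryptByPrivateKey(data.getBytes(TEXT_CHARSET), keyPair[0]);
        // Ciphertext is arbitrary binary; carrying it as Base64 keeps it intact, whereas
        // new String(bytes) would replace byte sequences the charset cannot decode.
        String data1Text = encryptBASE64(data1);
        System.out.println("加密后>>" + data1Text);

        // Client 2: sign data1 with the private key.
        // Client 3: what goes over the wire is data1 plus the signature.
        String sign = sign(keyPair[0], data1Text);

        // Server 1: receives data1 and the signature.
        // Server 2: check the signature over data1 with the public key.
        boolean success = verify(sign, keyPair[1], data1Text);
        if (!success) {
            // Never process a payload whose signature did not verify.
            throw new AssertionError("signature verification failed");
        }

        // Server 3: only after a valid signature, recover the plaintext with the public key.
        byte[] data2 = decryptByPublicKey(decryptBASE64(data1Text), keyPair[1]);
        String recovered = new String(data2, TEXT_CHARSET);
        System.out.println("解密后>>" + recovered);
        System.out.println(success);
        if (!data.equals(recovered)) {
            throw new AssertionError("recovered text differs from the original payload");
        }
    }

    /**
     * Generates a fresh RSA key pair.
     *
     * @return a two-element array: index 0 is the Base64 PKCS#8 private key, index 1 the
     *     Base64 X.509 public key
     * @throws IllegalStateException if key generation or encoding fails (previously this
     *     was printed and {@code null} returned, which only moved the failure to the caller)
     */
    public String[] createKeyPair() {
        try {
            KeyPairGenerator keyGen = KeyPairGenerator.getInstance(ALGORITHM);
            keyGen.initialize(KEY_SIZE_BITS, new SecureRandom());
            KeyPair keypair = keyGen.generateKeyPair();
            return new String[] {
                encryptBASE64(keypair.getPrivate().getEncoded()),
                encryptBASE64(keypair.getPublic().getEncoded())
            };
        } catch (Exception e) {
            throw new IllegalStateException("RSA key pair generation failed", e);
        }
    }

    /* Signing */

    /**
     * Signs {@code data} with a private key.
     *
     * @param key Base64 PKCS#8 private key
     * @param data text to sign; its UTF-8 bytes are what gets signed
     * @return the Base64-encoded signature
     * @throws Exception if the key cannot be parsed or signing fails
     */
    public String sign(String key, String data) throws Exception {
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(loadPrivateKey(key));
        // Fixed charset: signer and verifier may run with different platform defaults.
        signature.update(data.getBytes(TEXT_CHARSET));
        return encryptBASE64(signature.sign());
    }

    /**
     * Checks a signature produced by {@link #sign}.
     *
     * @param sign Base64-encoded signature
     * @param key Base64 X.509 public key
     * @param data text the signature is expected to cover
     * @return {@code true} only if the signature matches {@code data} under {@code key}
     * @throws Exception if the key or signature cannot be parsed
     */
    public boolean verify(String sign, String key, String data) throws Exception {
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(loadPublicKey(key));
        signature.update(data.getBytes(TEXT_CHARSET));
        return signature.verify(decryptBASE64(sign));
    }

    /* Encryption */

    /**
     * Encrypts {@code data} for the holder of the matching private key.
     *
     * @param data plaintext; must fit in a single RSA block for the key size
     * @param key Base64 X.509 public key
     * @return the ciphertext
     * @throws Exception if the key cannot be parsed or the cipher rejects the input
     */
    public static byte[] encryptByPublicKey(byte[] data, String key) throws Exception {
        return rsaTransform(Cipher.ENCRYPT_MODE, loadPublicKey(key), data);
    }

    /**
     * Decrypts data produced by {@link #encryptByPublicKey}.
     *
     * @param data ciphertext
     * @param key Base64 PKCS#8 private key
     * @return the plaintext
     * @throws Exception if the key cannot be parsed or decryption fails
     */
    public static byte[] decryptByPrivateKey(byte[] data, String key) throws Exception {
        return rsaTransform(Cipher.DECRYPT_MODE, loadPrivateKey(key), data);
    }

    /**
     * Applies the RSA private-key operation to {@code data}. The result can be reversed by
     * anyone holding the public key, so this does not keep {@code data} secret.
     *
     * @param data input; must fit in a single RSA block for the key size
     * @param key Base64 PKCS#8 private key
     * @return the transformed bytes
     * @throws Exception if the key cannot be parsed or the cipher rejects the input
     */
    public static byte[] encryptByPrivateKey(byte[] data, String key) throws Exception {
        return rsaTransform(Cipher.ENCRYPT_MODE, loadPrivateKey(key), data);
    }

    /**
     * Reverses {@link #encryptByPrivateKey} using the public key.
     *
     * @param data bytes produced by the private-key operation
     * @param key Base64 X.509 public key
     * @return the original input
     * @throws Exception if the key cannot be parsed or the operation fails
     */
    public static byte[] decryptByPublicKey(byte[] data, String key) throws Exception {
        return rsaTransform(Cipher.DECRYPT_MODE, loadPublicKey(key), data);
    }

    /* Base64 */

    // NOTE(review): sun.misc.BASE64Decoder/BASE64Encoder are JDK-internal classes that are
    // absent from current JDKs; java.util.Base64 (Java 8+) is the supported replacement.

    /**
     * Decodes Base64 text.
     *
     * @param key Base64 text
     * @return the decoded bytes
     * @throws Exception if decoding fails
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        return (new BASE64Decoder()).decodeBuffer(key);
    }

    /**
     * Encodes bytes as Base64 text. Despite the name this is an encoding, not encryption.
     *
     * @param key bytes to encode
     * @return the Base64 text
     * @throws Exception if encoding fails
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return (new BASE64Encoder()).encodeBuffer(key);
    }

    /* Internal helpers */

    /** Parses a Base64 PKCS#8 private key. */
    private static PrivateKey loadPrivateKey(String key) throws Exception {
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decryptBASE64(key));
        return KeyFactory.getInstance(ALGORITHM).generatePrivate(spec);
    }

    /** Parses a Base64 X.509 public key. */
    private static PublicKey loadPublicKey(String key) throws Exception {
        X509EncodedKeySpec spec = new X509EncodedKeySpec(decryptBASE64(key));
        return KeyFactory.getInstance(ALGORITHM).generatePublic(spec);
    }

    /** Runs one RSA cipher operation in the given mode with the given key. */
    private static byte[] rsaTransform(int mode, Key key, byte[] data) throws Exception {
        // NOTE(review): the bare "RSA" transformation leaves mode and padding to the
        // provider's default; name them explicitly once the peer's expectations are confirmed.
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(mode, key);
        return cipher.doFinal(data);
    }
}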