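package com.lunhan.water.common.security;

import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * Static helpers for loading RSA keys from PEM text or files, and for signing,
 * verifying, encrypting and decrypting with them.
 *
 * <p>Every failure is rethrown as a {@link RuntimeException} whose message keeps the
 * original text and whose cause is the underlying exception.
 *
 * <p>NOTE(security): the algorithms used here (SHA-1 signatures, PKCS#1 v1.5 encryption
 * padding) are kept for compatibility with existing peers and stored data. See the notes
 * on the individual constants before using this class in a new protocol.
 */
public class RSAUtil {

    /**
     * Signature algorithm shared by {@link #sign} and {@link #verify}.
     *
     * <p>NOTE(security): SHA-1 is no longer considered collision resistant and is
     * deprecated for digital signatures. Moving to {@code SHA256withRSA} changes the
     * signature bytes, so it has to be rolled out together with every party that
     * verifies or produces these signatures.
     */
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

    /**
     * Transformation used by the String-based encryptRSA/decryptRSA methods.
     *
     * <p>NOTE(security): a bare "RSA" leaves mode and padding to the JCA provider. The
     * original author's comment states the Java default is RSA/ECB/PKCS1Padding, but
     * that depends on the provider in use. Confirm the provider, then pin the full
     * transformation.
     */
    private static final String RSA_PROVIDER_DEFAULT = "RSA";

    /**
     * Transformation used by the byte[]-based encrypt/decrypt methods.
     *
     * <p>NOTE(security): PKCS#1 v1.5 encryption padding is open to padding-oracle
     * attacks when a remote party can tell a padding failure from other failures.
     * Callers should report one uniform error for any decryption failure, and new
     * designs should prefer OAEP.
     */
    private static final String RSA_PKCS1 = "RSA/ECB/PKCS1Padding";

    /**
     * Reads a whole text file, normalising every line ending to {@code \n}.
     *
     * @param filePath path of the PEM file
     * @return file content, each line followed by {@code \n}
     * @throws RuntimeException if the file cannot be opened or read
     */
    private static String getKey(String filePath) {
        // try-with-resources closes the reader even when readLine() fails.
        try (BufferedReader reader = new BufferedReader(new FileReader(filePath))) {
            StringBuilder pem = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                pem.append(line).append('\n');
            }
            return pem.toString();
        } catch (Exception e) {
            throw new RuntimeException("RSA读取文件(" + filePath + ")失败: " + e.getMessage(), e);
        }
    }

    /**
     * Removes the BEGIN/END armor lines for the given PEM label and all whitespace,
     * leaving only the Base64 payload.
     *
     * @param pem   PEM text; LF or CRLF line endings are both accepted
     * @param label PEM label without dashes, e.g. {@code PUBLIC KEY}
     * @return the Base64 body with no armor and no whitespace
     */
    private static String stripPemArmor(String pem, String label) {
        return pem
                .replaceAll("-+BEGIN " + label + "-+\\s*", "")
                .replaceAll("-+END " + label + "-+", "")
                .replaceAll("\\s+", "");
    }

    /**
     * Loads a private key from a PEM file.
     *
     * @param filePath path of the PEM file
     * @return the parsed private key
     * @throws RuntimeException if the file cannot be read or the key cannot be parsed
     */
    public static PrivateKey getPrivateKey(String filePath) {
        String privateKeyPEM = RSAUtil.getKey(filePath);
        return RSAUtil.getPrivateKeyFromString(privateKeyPEM);
    }

    /**
     * Parses a private key from PEM text.
     *
     * <p>Only the {@code BEGIN PRIVATE KEY} armor is stripped and the payload is decoded
     * as a {@link PKCS8EncodedKeySpec}, so the input is expected to be PKCS#8.
     *
     * @param key PEM text of the private key
     * @return the parsed private key
     * @throws RuntimeException if the text cannot be decoded into an RSA private key
     */
    public static PrivateKey getPrivateKeyFromString(String key) {
        try {
            byte[] encoded = Base64.decodeBase64(stripPemArmor(key, "PRIVATE KEY"));
            KeyFactory kf = KeyFactory.getInstance("RSA");
            return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
        } catch (Exception e) {
            throw new RuntimeException("RSA从字符串获取私钥失败: " + e.getMessage(), e);
        }
    }

    /**
     * Loads a public key from a PEM file.
     *
     * <p>The checked exceptions in the signature are kept for source compatibility with
     * existing callers; failures actually surface as {@link RuntimeException}.
     *
     * @param filename path of the PEM file
     * @return the parsed public key
     * @throws RuntimeException if the file cannot be read or the key cannot be parsed
     */
    public static PublicKey getPublicKey(String filename) throws IOException, GeneralSecurityException {
        String publicKeyPEM = RSAUtil.getKey(filename);
        return RSAUtil.getPublicKeyFromString(publicKeyPEM);
    }

    /**
     * Parses a public key from PEM text ({@code BEGIN PUBLIC KEY}, X.509 encoding).
     *
     * <p>The armor is stripped with the same whitespace-tolerant matching as the
     * private-key parser. The previous exact match on {@code "...-----\n"} left the
     * header in place for CRLF input, and its characters were then fed to the Base64
     * decoder as if they were key material.
     *
     * @param key PEM text of the public key
     * @return the parsed public key
     * @throws RuntimeException if the text cannot be decoded into an RSA public key
     */
    public static PublicKey getPublicKeyFromString(String key) {
        try {
            byte[] encoded = Base64.decodeBase64(stripPemArmor(key, "PUBLIC KEY"));
            KeyFactory kf = KeyFactory.getInstance("RSA");
            return kf.generatePublic(new X509EncodedKeySpec(encoded));
        } catch (Exception e) {
            throw new RuntimeException("RSA从字符串获取公钥失败: " + e.getMessage(), e);
        }
    }

    /**
     * Signs the UTF-8 bytes of a message.
     *
     * @param privateKey signing key
     * @param message    text to sign
     * @return Base64-encoded signature
     * @throws RuntimeException if signing fails
     */
    public static String sign(PrivateKey privateKey, String message) {
        try {
            Signature sign = Signature.getInstance(SIGNATURE_ALGORITHM);
            sign.initSign(privateKey);
            sign.update(message.getBytes(StandardCharsets.UTF_8));
            return new String(Base64.encodeBase64(sign.sign()), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException("RSA签名生成失败: " + e.getMessage(), e);
        }
    }

    /**
     * Verifies a Base64-encoded signature over the UTF-8 bytes of a message.
     *
     * @param publicKey verification key
     * @param message   text that was signed
     * @param signature Base64-encoded signature
     * @return {@code true} if the signature matches, {@code false} if it does not
     * @throws RuntimeException if verification cannot be performed; callers must treat
     *                          this as a failed verification, never as success
     */
    public static boolean verify(PublicKey publicKey, String message, String signature) {
        try {
            Signature sign = Signature.getInstance(SIGNATURE_ALGORITHM);
            sign.initVerify(publicKey);
            sign.update(message.getBytes(StandardCharsets.UTF_8));
            return sign.verify(Base64.decodeBase64(signature.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            throw new RuntimeException("RSA签名验证失败: " + e.getMessage(), e);
        }
    }

    /**
     * Encrypts text with a public key given as PEM text.
     *
     * @param rawText   plaintext
     * @param publicKey PEM text of the public key (not a file path)
     * @return Base64-encoded ciphertext
     * @throws RuntimeException if the key cannot be parsed or encryption fails
     */
    public static String encryptRSA(String rawText, String publicKey) {
        return RSAUtil.encryptRSA(rawText, RSAUtil.getPublicKeyFromString(publicKey));
    }

    /**
     * Encrypts the UTF-8 bytes of a text in a single RSA operation.
     *
     * <p>No chunking is done, so the plaintext must fit in one RSA block for the key.
     *
     * @param rawText   plaintext
     * @param publicKey encryption key
     * @return Base64-encoded ciphertext
     * @throws RuntimeException if encryption fails
     */
    public static String encryptRSA(String rawText, PublicKey publicKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_PROVIDER_DEFAULT);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return Base64.encodeBase64String(cipher.doFinal(rawText.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            throw new RuntimeException("RSA加密失败: " + e.getMessage(), e);
        }
    }

    /**
     * Encrypts raw bytes with a public key using RSA/ECB/PKCS1Padding.
     *
     * @param content   plaintext bytes; must fit in one RSA block for the key
     * @param publicKey encryption key
     * @return ciphertext bytes
     * @throws RuntimeException if encryption fails
     */
    public static byte[] encrypt(byte[] content, PublicKey publicKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_PKCS1);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return cipher.doFinal(content);
        } catch (Exception e) {
            throw new RuntimeException("RSA加密失败: " + e.getMessage(), e);
        }
    }

    /**
     * Decrypts Base64 ciphertext with a private key loaded from a PEM file.
     *
     * <p>NOTE(review): unlike {@link #encryptRSA(String, String)}, whose second argument
     * is PEM text, the second argument here is handed to {@link #getPrivateKey(String)}
     * and is therefore treated as a file path. Behaviour is left unchanged; confirm
     * against callers which one is intended.
     *
     * @param cipherText Base64-encoded ciphertext
     * @param privateKey path of the PEM file holding the private key
     * @return decrypted text
     * @throws RuntimeException if the key cannot be loaded or decryption fails
     */
    public static String decryptRSA(String cipherText, String privateKey) {
        return RSAUtil.decryptRSA(cipherText, RSAUtil.getPrivateKey(privateKey));
    }

    /**
     * Decrypts Base64 ciphertext and decodes the result as UTF-8.
     *
     * <p>NOTE(security): the thrown message carries the provider's failure detail. Do
     * not relay it, or any timing or behaviour difference between failure kinds, to
     * the party that supplied the ciphertext.
     *
     * @param cipherText Base64-encoded ciphertext
     * @param privateKey decryption key
     * @return decrypted text
     * @throws RuntimeException if decryption fails
     */
    public static String decryptRSA(String cipherText, PrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_PROVIDER_DEFAULT);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(cipher.doFinal(Base64.decodeBase64(cipherText)), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException("RSA解密失败: " + e.getMessage(), e);
        }
    }

    /**
     * Decrypts raw bytes with a private key using RSA/ECB/PKCS1Padding.
     *
     * <p>NOTE(security): as with {@link #decryptRSA(String, PrivateKey)}, callers should
     * answer every decryption failure with the same generic error.
     *
     * @param content    ciphertext bytes
     * @param privateKey decryption key
     * @return plaintext bytes
     * @throws RuntimeException if decryption fails
     */
    public static byte[] decrypt(byte[] content, PrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(RSA_PKCS1);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return cipher.doFinal(content);
        } catch (Exception e) {
            throw new RuntimeException("RSA解密失败: " + e.getMessage(), e);
        }
    }
}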