java rsa私钥加密是一种加密算法。私钥加密算法是用私钥来进行加密与解密信息。私钥加密也被称作对称加密,原因是加密与解密使用的秘钥是同一个。
RSA加密需要注意的事项如下:
1. 首先产生公钥与私钥
2. 设计加密与解密的算法
3. 私钥加密的数据信息只能由公钥可以解密
4. 公钥加密的数据信息只能由私钥可以解密
实战演练,具体步骤如下: public class RsaCryptTools { private static final String CHARSET = "utf-8" private static final Base64.Decoder decoder64 = Base64.getDecoder() private static final Base64.Encoder encoder64 = Base64.getEncoder() /** * 生成公私钥 * @param keySize * @return * @throws NoSuchAlgorithmException */ public static SecretKey generateSecretKey(int keySize) throws NoSuchAlgorithmException { //生成密钥对 KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA") keyGen.initialize(keySize, new SecureRandom()) KeyPair pair = keyGen.generateKeyPair() PrivateKey privateKey = pair.getPrivate() PublicKey publicKey = pair.getPublic() //这里可以将密钥对保存到本地 return new SecretKey(encoder64.encodeToString(publicKey.getEncoded()), encoder64.encodeToString(privateKey.getEncoded())) } /** * 私钥加密 * @param data * @param privateInfoStr * @return * @throws IOException * @throws InvalidCipherTextException */ public static String encryptData(String data, String privateInfoStr) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException { Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding") cipher.init(Cipher.ENCRYPT_MODE, getPrivateKey(privateInfoStr)) return encoder64.encodeToString(cipher.doFinal(data.getBytes(CHARSET))) } /** * 公钥解密 * @param data * @param publicInfoStr * @return */ public static String decryptData(String data, String publicInfoStr) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException { byte[] encryptDataBytes=decoder64.decode(data.getBytes(CHARSET)) //解密 Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding") cipher.init(Cipher.DECRYPT_MODE, getPublicKey(publicInfoStr)) return new String(cipher.doFinal(encryptDataBytes), CHARSET) } private static PublicKey getPublicKey(String base64PublicKey) throws NoSuchAlgorithmException, InvalidKeySpecException { X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(base64PublicKey.getBytes())) KeyFactory keyFactory = KeyFactory.getInstance("RSA") return keyFactory.generatePublic(keySpec) } private static PrivateKey getPrivateKey(String base64PrivateKey) throws NoSuchAlgorithmException, InvalidKeySpecException { PrivateKey privateKey = null PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(base64PrivateKey.getBytes())) KeyFactory keyFactory = null keyFactory = KeyFactory.getInstance("RSA") privateKey = keyFactory.generatePrivate(keySpec) return privateKey } /** * 密钥实体 * @author hank * @since 2020/2/28 0028 下午 16:27 */ public static class SecretKey { /** * 公钥 */ private String publicKey /** * 私钥 */ private String privateKey public SecretKey(String publicKey, String privateKey) { this.publicKey = publicKey this.privateKey = privateKey } public String getPublicKey() { return publicKey } public void setPublicKey(String publicKey) { this.publicKey = publicKey } public String getPrivateKey() { return privateKey } public void setPrivateKey(String privateKey) { this.privateKey = privateKey } @Override public String toString() { return "SecretKey{" + "publicKey='" + publicKey + '\'' + ", privateKey='" + privateKey + '\'' + '}' } } private static void writeToFile(String path, byte[] key) throws IOException { File f = new File(path) f.getParentFile().mkdirs() try(FileOutputStream fos = new FileOutputStream(f)) { fos.write(key) fos.flush() } } public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException, IOException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, InvalidKeySpecException { SecretKey secretKey = generateSecretKey(2048) System.out.println(secretKey) String enStr = encryptData("你好测试测试", secretKey.getPrivateKey()) System.out.println(enStr) String deStr = decryptData(enStr, secretKey.getPublicKey()) System.out.println(deStr) enStr = encryptData("你好测试测试hello", secretKey.getPrivateKey()) System.out.println(enStr) deStr = decryptData(enStr, secretKey.getPublicKey()) System.out.println(deStr) } }
对支付宝进行设置再回主页面进行转义,具体步骤如下。
支付宝APP支付(Java后台生成签名具体步骤)
/**
*支付宝支付
* @param orderId 订单编号
* @param actualPay 实际支付金额
* @return
*/
private String getOrderInfoByAliPay(String orderId,float actualPay) {
//回调页面
String ali_call_back_url = propertiesService.ALI_CALL_BACK_URL
String seller_id = propertiesService.SELLER_ID//商户编号
String[] parameters={
"service=\"mobile.securitypay.pay\"",//固定值(手机快捷支付)
"partner=\"2088421544444\"",//合作身份者ID(16位)
"_input_charset=\"utf-8\"",
"notify_url=\""+ali_call_back_url+"\"",//通知地址
"out_trade_no=\""+orderId+"\"",//商户内部订单号
"subject=\"测试\"",//测试
"payment_type=\"1\"",//固定值
"seller_id=\""+seller_id+"\"",//账户邮箱
"total_fee=\""+"0.01"+"\"",//支付金额(元)
"body=\"订单说明\"",//订单说明
"it_b_pay=\"30m\""(订单过期时间 30分钟过期无效)
}
String signOrderUrl = signAllString(parameters)
return signOrderUrl
}
/**
* 支付宝签名
* @param array
* @return
*/
private String signAllString(String [] array){
StringBuffer sb = new StringBuffer("")
for (int i = 0i <array.lengthi++) {
if(i==(array.length-1)){
sb.append(array[i])
}else{
sb.append(array[i]+"&")
}
}
System.out.println(sb.toString())
String sign = ""
try {
sign = URLEncoder.encode(RSA.sign(sb.toString(), AlipayConfig.private_key, "utf-8"), "utf-8")//private_key私钥
} catch (UnsupportedEncodingException e) {
e.printStackTrace()
}
sb.append("&sign=\""+sign+"\"&")
sb.append("sign_type=\"RSA\"")
return sb.toString()
}
package com.alipay.sign
import javax.crypto.Cipher
import java.io.ByteArrayInputStream
import java.io.ByteArrayOutputStream
import java.io.InputStream
import java.security.KeyFactory
import java.security.PrivateKey
import java.security.PublicKey
import java.security.spec.PKCS8EncodedKeySpec
import java.security.spec.X509EncodedKeySpec
public class RSA{
public static final String SIGN_ALGORITHMS = "SHA1WithRSA"
/**
* RSA签名
* @param content 待签名数据
* @param privateKey 商户私钥
* @param input_charset 编码格式
* @return 签名值
*/
public static String sign(String content, String privateKey, String input_charset)
{
try
{
byte[] decode = Base64.decode(privateKey)
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(decode )
KeyFactory keyf= KeyFactory.getInstance("RSA")
PrivateKey priKey= keyf.generatePrivate(priPKCS8)
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS)
signature.initSign(priKey)
signature.update( content.getBytes(input_charset) )
byte[] signed = signature.sign()
return Base64.encode(signed)
}
catch (Exception e)
{
e.printStackTrace()
}
return null
}
/**
* RSA验签名检查
* @param content 待签名数据
* @param sign 签名值
* @param ali_public_key 支付宝公钥
* @param input_charset 编码格式
* @return 布尔值
*/
public static boolean verify(String content, String sign, String ali_public_key, String input_charset)
{
try
{
KeyFactory keyFactory = KeyFactory.getInstance("RSA")
byte[] encodedKey = Base64.decode(ali_public_key)
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey))
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS)
signature.initVerify(pubKey)
signature.update( content.getBytes(input_charset) )
boolean bverify = signature.verify( Base64.decode(sign) )
return bverify
}
catch (Exception e)
{
e.printStackTrace()
}
return false
}
/**
* 解密
* @param content 密文
* @param private_key 商户私钥
* @param input_charset 编码格式
* @return 解密后的字符串
*/
public static String decrypt(String content, String private_key, String input_charset) throws Exception {
PrivateKey prikey = getPrivateKey(private_key)
Cipher cipher = Cipher.getInstance("RSA")
cipher.init(Cipher.DECRYPT_MODE, prikey)
InputStream ins = new ByteArrayInputStream(Base64.decode(content))
ByteArrayOutputStream writer = new ByteArrayOutputStream()
//rsa解密的字节大小最多是128,将需要解密的内容,按128位拆开解密
byte[] buf = new byte[128]
int bufl
while ((bufl = ins.read(buf)) != -1) {
byte[] block = null
if (buf.length == bufl) {
block = buf
} else {
block = new byte[bufl]
for (int i = 0i <bufli++) {
block[i] = buf[i]
}
}
writer.write(cipher.doFinal(block))
}
return new String(writer.toByteArray(), input_charset)
}
/**
* 得到私钥
* @param key 密钥字符串(经过base64编码)
* @throws Exception
*/
public static PrivateKey getPrivateKey(String key) throws Exception {
byte[] keyBytes
keyBytes = Base64.decode(key)
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes)
KeyFactory keyFactory = KeyFactory.getInstance("RSA")
PrivateKey privateKey = keyFactory.generatePrivate(keySpec)
return privateKey
}
}