private static final int DEFAULT_BUFFER_SIZE = 4096;
/**
* <pre>
* 对原始数据进行签名
* </pre>
* @param content 签名内容
* @param privateKey 私钥
* @param charset 字符集
* @return
* @throws SignatureException
*/
public String doSign(String content, String privateKey, String charset)
throws SignatureException {
try {
PrivateKey priKey = this.getPrivateKeyFromPKCS8("RSA", new ByteArrayInputStream(
privateKey.getBytes()));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(this.getContentBytes(content, charset));
byte[] signed = signature.sign();
return new String(Base64.encodeBase64(signed));
} catch (Exception e) {
throw new SignatureException("RSA签名[content = " + content + "; charset = " + charset
+ "]发生异常!", e);
}
}
/**
* <pre>
* 校验签名
* </pre>
* @param content 校验签名内容
* @param sign 签名字符串
* @param publicKey 公钥
* @param charset 字符集
* @return
* @throws SignatureException
*/
public boolean doCheck(String content, String sign, String publicKey, String charset)
throws SignatureException {
try {
PublicKey pubKey = this.getPublicKeyFromX509("RSA", new ByteArrayInputStream(publicKey
.getBytes()));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(getContentBytes(content, charset));
return signature.verify(Base64.decodeBase64(sign.getBytes()));
} catch (Exception e) {
throw new SignatureException("RSA验证签名[content = " + content + "; charset = " + charset
+ "; signature = " + sign + "]发生异常!", e);
}
}
/** 将输入流中的字节码转换成私钥对象
* @param algorithm 秘钥生成算法
* @param ins 输入流
* @return 私钥对象
* @throws NoSuchAlgorithmException 非法生成算法异常
*/
private PrivateKey getPrivateKeyFromPKCS8(String algorithm, InputStream ins)
throws NoSuchAlgorithmException {
if (ins == null || StringUtils.isBlank(algorithm)) {
return null;
}
try {
KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
byte[] encodedKey = this.readText(ins).getBytes();
// 先base64解码
encodedKey = Base64.decodeBase64(encodedKey);
return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodedKey));
} catch (IOException ex) {
// TODO logger.error("获取私钥时发生异常:", ex);
} catch (InvalidKeySpecException ex) {
// TODO logger.error("获取私钥时发生异常:", ex);
}
return null;
}
/** 将输入流中的字节码转换成公钥对象
* @param algorithm 秘钥生成算法
* @param ins 输入流
* @return 公钥对象
* @throws NoSuchAlgorithmException 非法生成算法异常
*/
private PublicKey getPublicKeyFromX509(String algorithm, InputStream ins)
throws NoSuchAlgorithmException {
try {
KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
StringWriter writer = new StringWriter();
io(new InputStreamReader(ins), writer, -1);
byte[] encodedKey = writer.toString().getBytes();
// 先base64解码
encodedKey = Base64.decodeBase64(encodedKey);
return keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
} catch (IOException ex) {
// TODO logger.error("获取公钥时发生异常:", ex);
} catch (InvalidKeySpecException ex) {
// TODO logger.error("获取公钥时发生异常:", ex);
}
return null;
}
