Java 实现RSA签名验签

1. 通过JDK提供的方法生成公私钥：

import java.security.KeyPair;
import java.security.KeyPairGenerator;

KeyPairGenerator keyPair = KeyPairGenerator.getInstance("RSA");
keyPair.initialize(len);
KeyPair kp = keyPair.generateKeyPair();

// 获取公钥
byte[] pubKey = kp.getPublic().getEncoded();
// 获取私钥（pkcs8格式）
byte[] priKey = kp.getPrivate().getEncoded();

// 公私钥可以以base64格式或hex格式明文保存

2. 签名

import java.security.PrivateKey;
import java.security.Signature;
import java.security.KeyFactory;
import java.security.spec.PKCS8EncodedKeySpec;

public static byte[] sign(byte[] signData, byte[] priKey) {
    try {
         PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(priKey);
         KeyFactory keyFactory = KeyFactory.getInstance("RSA");
         PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
         Signature si = Signature.getInstance("SHA1WithRSA");
         si.initSign(privateKey);
         si.update(signData);
         byte[] signRet = si.sign();
         return signRet;
    } catch (Exception var7) {
         throw ...;
    }
}

// 签名结果可以以base64格式或hex格式输出

3. 验签

import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;

    public static boolean verify(byte[] dataBytes, byte[] signBytes, byte[] pubkeyBytes) {
        boolean flg = false;
        try {
            Signature verf = Signature.getInstance("SHA1WithRSA");
            KeyFactory keyFac = KeyFactory.getInstance("RSA");
            PublicKey puk = keyFac.generatePublic(new X509EncodedKeySpec(pubkeyBytes));
            verf.initVerify(puk);
            verf.update(dataBytes);
            flg = verf.verify(signBytes);
        } catch (Exception var7) {
            logger.error("verify data Exception: {}", var7);
            var7.printStackTrace();
            throw new HandleException(HandleCode.RSP_9999, var7.getMessage());
        }
        Asserts.isTrue(flg, "99", "验签失败");
        return flg;
    }

4. 公钥加密

import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;

    public static byte[] encByPubKey(byte[] dataBytes, byte[] pubkeyBytes) {
        try {
            KeyFactory keyFac = KeyFactory.getInstance("RSA");
            PublicKey pubKey = keyFac.generatePublic(new X509EncodedKeySpec(pubkeyBytes));
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, pubKey);
            byte[] result = cipher.doFinal(dataBytes);
            return result;
        } catch (Exception var6) {
            logger.error("Encrypt By Public Key Exception: {}", var6);
            var6.printStackTrace();
            throw ...;
        }
    }

5. 私钥解密

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;

    public static byte[] decByPriKey(byte[] encDataBytes, byte[] prikeyBytes) {
        try {
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(prikeyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey priKey = keyFactory.generatePrivate(keySpec);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, priKey);
            byte[] result = cipher.doFinal(encDataBytes);
            return result;
        } catch (Exception var7) {
            logger.error("Decrypt By Private Key Exception: {}", var7);
            var7.printStackTrace();
            throw ...;
        }
    }