ASP源码.NET源码PHP源码JSP源码JAVA源码DELPHI源码PB源码VC源码VB源码Android源码
当前位置:首页 >> 操作系统 >> Linux教程 >> RSA公钥私钥在在实际应用的具体运用

RSA公钥私钥在在实际应用的具体运用

来源:网络整理     时间:2017-12-27     关键词:

本篇文章主要介绍了" RSA公钥私钥在在实际应用的具体运用",主要涉及到方面的内容,对于Linux教程感兴趣的同学可以参考一下:   在《在Linux下如何使用openssl生成RSA公钥和私钥对》一文中,讲述了在Linux环境下如何生成RSA公钥和私钥,但在Java中,我们又是如何去很好...

  在《在Linux下如何使用openssl生成RSA公钥和私钥对》一文中,讲述了在Linux环境下如何生成RSA公钥和私钥,但在Java中,我们又是如何去很好的用它们呢?下面我来看下两个案例,特别是RSA私钥的生成是有输入密码的(在生产环境上一般都应该是这样用的),即在产生密钥对时有输入密码,如输出了12345678。


一.加签验签

import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Security;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.util.Arrays;

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;
import org.bouncycastle.util.encoders.Hex;

public class SignatureExample {

    public static void main(String [] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        String message = "hello world";
        File privateKey = new File("C:/Users/alexbi.WEBANK/Desktop/test/key");
        KeyPair keyPair = readKeyPair(privateKey, "12345678".toCharArray());

        Signature signature = Signature.getInstance("SHA256WithRSAEncryption");
        signature.initSign(keyPair.getPrivate());
        signature.update(message.getBytes());
        byte [] signatureBytes = signature.sign();
        System.out.println(new String(Hex.encode(signatureBytes)));

        Signature verifier = Signature.getInstance("SHA256WithRSAEncryption");
        verifier.initVerify(keyPair.getPublic());
        verifier.update(message.getBytes());
        if (verifier.verify(signatureBytes)) {
            System.out.println("Signature is valid");
        } else {
            System.out.println("Signature is invalid");
        }
    }

    private static KeyPair readKeyPair(File privateKey, char [] keyPassword) throws IOException {
        FileReader fileReader = new FileReader(privateKey);
        PEMReader r = new PEMReader(fileReader, new DefaultPasswordFinder(keyPassword));
        try {
            return (KeyPair) r.readObject();
        } catch (IOException ex) {
            throw new IOException("The private key could not be decrypted", ex);
        } finally {
            r.close();
            fileReader.close();
        }
    }

    private static class DefaultPasswordFinder implements PasswordFinder {

        private final char [] password;

        private DefaultPasswordFinder(char [] password) {
            this.password = password;
        }

        @Override
        public char[] getPassword() {
            return Arrays.copyOf(password, password.length);
        }
    } 
}

二.通过JSch上传文件到SFTP,并从SFTP服务器上下载

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.Security;
import java.util.Arrays;

import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;

import com.google.common.io.Closeables;
import com.jcraft.jsch.Channel;
import com.jcraft.jsch.ChannelSftp;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;

public class SftpUtil {
    
    public static final String PASSPHRASE = "12345678";
    
    /**
     * 上传文件
     */
    public static void upload(String user, String ip, int port, String privateKeyPath, String remoteFileName,
            String remoteFilePath, String localFileName) throws Exception {
        ChannelSftp sftp = null;
        FileInputStream input = null;
        Session sshSession = null;
        try {
            Security.addProvider(new BouncyCastleProvider());
            
            JSch jsch = new JSch();
            sshSession = jsch.getSession(user, ip, port);
            // 判断鉴权方式
            jsch.addIdentity(privateKeyPath, PASSPHRASE);
            sshSession.setConfig("StrictHostKeyChecking", "no");
            sshSession.connect();
            Channel channel = sshSession.openChannel("sftp");
            channel.connect();
            sftp = (ChannelSftp) channel;
            if (sftp != null && sftp.isConnected()) {
                File file = new File(localFileName);
                input = new FileInputStream(file);
                if(StringUtils.isNotEmpty(remoteFilePath)) {
                    sftp.cd(remoteFilePath);
                }
                sftp.put(input, remoteFileName);
                sftp.quit();
            }
        } finally {
            if (input != null) {
                try {
                    Closeables.close(input, false);
                } finally {
                    input = null;
                }
            }
            if (sftp != null) {
                try {
                    sftp.disconnect();
                } finally {
                    sftp = null;
                }
            }
            if (sshSession != null) {
                try {
                    sshSession.disconnect();
                } finally {
                    sshSession = null;
                }
            }
        }
    }

    /**
     * 下载文件
     */
    public static void download(String user, String ip, int port, String privateKeyPath, String remoteFileName,
            String remoteFilePath, String localFileName) throws Exception {
        ChannelSftp sftp = null;
        OutputStream output = null;
        Session sshSession = null;
        try {
            Security.addProvider(new BouncyCastleProvider());
            
            JSch jsch = new JSch();
            sshSession = jsch.getSession(user, ip, port);
            // 判断鉴权方式
            jsch.addIdentity(privateKeyPath, PASSPHRASE);
            sshSession.setConfig("StrictHostKeyChecking", "no");
            sshSession.connect();
            Channel channel = sshSession.openChannel("sftp");
            channel.connect();
            sftp = (ChannelSftp) channel;
            if (sftp != null && sftp.isConnected()) {
                if(StringUtils.isNotEmpty(remoteFilePath)) {
                    sftp.cd(remoteFilePath);
                }
                output = new FileOutputStream(localFileName);
                sftp.get(remoteFileName, output);
                sftp.quit();
            }
        } finally {
            if (output != null) {
                try {
                    Closeables.close(output, false);
                } finally {
                    output = null;
                }
            }
            if (sftp != null) {
                try {
                    sftp.disconnect();
                } finally {
                    sftp = null;
                }
            }
            if (sshSession != null) {
                try {
                    sshSession.disconnect();
                } finally {
                    sshSession = null;
                }
            }
        }
    }
	
    public static void main(String[] args) throws Exception {
        
        //upload("sftpuser", "10.107.97.20", 57001, "C:/Users/bijian/Desktop/test/key", "a.txt", "", "C:/Users/bijian/Desktop/bijian.txt");
        download("sftpuser", "10.107.97.20", 57001, "C:/Users/bijian/Desktop/test/key", "alexbi.txt", "", "C:/Users/bijian/Desktop/bijian02.txt");
    }
}

参考文章:https://stackoverflow.com/questions/1580012/using-a-pem-encoded-encrypted-private-key-to-sign-a-message-natively

以上就介绍了 RSA公钥私钥在在实际应用的具体运用,包括了方面的内容,希望对Linux教程有兴趣的朋友有所帮助。

本文网址链接:http://www.codes51.com/article/detail_4526654.html

相关图片

相关文章