首页 > 代码库 > php RSA 加密 与java加密互交,java解密
php RSA 加密 与java加密互交,java解密
<?php
class encrypt{
var $pub_key;
function redPukey()
{
$pubKey = "MIIDhzCCAm+gAwIBAgIGASYISh96MA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNVBAYTAkNOMSkwJwYDVQQKDCBBbGxpbnBheSBOZXR3b3JrIFNlcnZpY2VzIENvLkx0ZDElMCMGA1UECwwcQWxsaW5wYXkgUHJpbWFyeSBDZXJ0aWZpY2F0ZTAeFw0xMDAxMDcxMDE3NDBaFw0zMDAxMDIxMDE3NDBaMGQxCzAJBgNVBAYTAkNOMSkwJwYDVQQKDCBBbGxpbnBheSBOZXR3b3JrIFNlcnZpY2VzIENvLkx0ZDEqMCgGA1UECwwhQWxsaW5wYXkgRGlnaXRhbCBTaWduIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEv2q2/xN5PF0dLn1vhIaVlyWsvJFVFxWgH7sQBObzYbZXOOVzoQpmXuSFOrF0/ol4Okd/2OGfdXUUFSUZfzAQOT1Wmjupec7z2V6l4/PT7aOg6t/MJwU9aW9Iw+AFzM1vnLOXdTlWVLZbtB7IiJ/HhfwBDkyvhp1zNYoAPrwC5QIDAQABo4HHMIHEMB0GA1UdDgQWBBQlWQA//YbuEdfE1yP+PpnokDO8WDCBjgYDVR0jBIGGMIGDgBSBWR3Bvx8To7TrecKhCM4smeabN6FjpGEwXzELMAkGA1UEBhMCQ04xKTAnBgNVBAoMIEFsbGlucGF5IE5ldHdvcmsgU2VydmljZXMgQ28uTHRkMSUwIwYDVQQLDBxBbGxpbnBheSBQcmltYXJ5IENlcnRpZmljYXRlggYBJghKHowwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQUFAAOCAQEATzT9GuAmAXLSWpoGc0F7Km7DPMWvSAkq8ckJLftF0/lB3JTR6QT5rsTnQHCdRU7SJX+eLNwhJQdRg34dPJAI2z/HpgGu7tW7pdsHjCjlVae3I64h2OzYBGXdtdRyPmyXfBOgXUfqtH0Fg+1QqsRmcRugywjZH8ZQAVYm0TkVJmdBknPp60bJ2gE/nj0w6VaSL6HMAQ+A7AVne3NDreBXepMHgiFqiqMHrZFBQCgTSR1UwZoT8hwXaaUgwf2h9l/D2QOGCD8G3sRKfMsH3clkehXbprWPNk3uww7dCT0pGz845AyKzCmRK60Z/NOgMG5X+f+JmugsS/bKYwjetXHg9Q==";
$pem = chunk_split($pubKey,64,"\n");//转换为pem格式的公钥
$pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n";
$publicKey = openssl_pkey_get_public($pem);
//$certificateCAcerContent = file_get_contents("../cer/cert_usercenter/TLCert4Sign_test.cer");
//$pub_key = openssl_get_publickey($certificateCAcerContent);
//return $pub_key;
return $publicKey;
}
/*
签名数据:
data:utf-8编码的订单原文,
privatekeyFile:私钥路径
passphrase:私钥密码
返回:base64转码的签名数据
*/
function sign($data)
{
//证书路径
$privatekeyFile="../cer/testMemberKey.pfx";
//证书私钥
$passphrase="testMemberKey";
$signature = '';
$privateKey;
$signedMsg;
$pkcs12 = file_get_contents($privatekeyFile);
if (openssl_pkcs12_read($pkcs12, $certs, "testMemberKey")) {
$privateKey = $certs['pkey'];
}
if (openssl_sign($data, $signedMsg, $privateKey,OPENSSL_ALGO_SHA1)) {
$signedMsg= strtoupper(bin2hex($signedMsg));//这个看情况。有些不需要转换成16进制,有些需要base64编码。看各个接口
return $signedMsg;
}
// $privatekey = openssl_pkey_get_private(file_get_contents($privatekeyFile),$passphrase);
// $res=openssl_get_privatekey($privatekey);
//openssl_sign($data, $signature, $res);
// openssl_free_key($res);
// return base64_encode($signature);
return $privateKey;
}
function pubkeyEncrypt($data,$panText,$pubkey){
openssl_public_encrypt($data,$panText,$pubkey,OPENSSL_PKCS1_PADDING);
return strtoupper(bin2hex($panText));
}
function getBytes($string) {
$bytes = array();
for($i = 0; $i < strlen($string); $i++){
$bytes[] = ord($string[$i]);
}
return $bytes;
}
}
?><?php
require_once("encrypt.php");
$dateEncrypt=new encrypt();
$pukey=$dateEncrypt->redPukey();
//公钥加密
$userName= $dateEncrypt->pubkeyEncrypt("测试数据",$userName,$pukey);
echo $userName;
//私钥加密
$signBytes=$dateEncrypt->sign($signSrc);
echo $signBytes;
?>参考php 手册—>函数拓展—>加密拓展
php RSA 加密 加密结果每次都会不一样,这是正确的。 跟java 有区别。java 结果不会变,但是java 能解出来。
证书都需要转换下 pem 格式才能使用。
java 部分
package com.allinpay.common.util;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class CertSignUtil {
/**
* 测试方法 从keystore中获得公私钥对
*
* @param filePath
* keystore文件路径
* @param keyStorePassword
* keystore 密码
* @param masterPassword
* 私钥主密码,可以和keystore密码相同也可不同
* @param alias
* 密钥对别名
*/
public static KeyPair getKeyFromKeyStore(String filePath,
String keyStorePassword, String masterPassword, String alias) {
KeyPair keyPair = null;
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(filePath),
keyStorePassword.toCharArray());
Key key = keyStore.getKey(alias, masterPassword.toCharArray());
// 也可以从keyStore中直接读公钥证书,无须通过私钥转换
// Certificate cert = keyStore.getCertificate(alias);
// PublicKey pubKey = cert.getPublicKey();
if (key instanceof PrivateKey) {
Certificate cert = keyStore.getCertificate(alias);
keyPair = new KeyPair(cert.getPublicKey(), (PrivateKey) key);
}
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (CertificateException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
e.printStackTrace();
}
return keyPair;
}
/**
* 使用私钥证书签名
*
* @param priKey
* 私钥对象
* @param plainText
* 明文文本的字节数组
* @param encAlg
* 加密算法
* @param signAlg
* 签名算法
* @return 加密后的密文串
*
* @see verifyByPubKey
*/
public static byte[] signByPriKey(Key priKey, byte[] srcBytes,
String signAlg) {
// 签名
byte[] signBytes = null;
try {
Signature sign = Signature.getInstance(signAlg,
new BouncyCastleProvider());
sign.initSign((PrivateKey) priKey);
sign.update(srcBytes);
signBytes = sign.sign();
} catch (NoSuchAlgorithmException e) {
// LoggerUtil.error("私钥签名 - 无效算法:");
} catch (InvalidKeyException e) {
// LoggerUtil.error("私钥签名 - 无效的密钥:");
} catch (SignatureException e) {
// LoggerUtil.error("私钥签名 - 签名异常:");
}
return signBytes;
}
/**
* Byte数组转十六进制字符串,字节间不用空格分隔
*
* @param b
* @return
*/
public static String bytes2HexString(byte[] b) {
String ret = "";
for (int i = 0; i < b.length; i++) {
String hex = Integer.toHexString(b[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
ret += hex.toUpperCase();
}
return ret;
}
/**
* 将指定字符串src,以每两个字符分割转换为16进制形式 如:"2B44EFD9" --> byte[]{0x2B, 0x44, 0xEF,
* 0xD9}
*
* @param src
* String格式字符串
* @return byte[]
*/
public static byte[] hexString2Bytes(String src) {
if (src.length() % 2 != 0) {
src = http://www.mamicode.com/src + "0";>
package com.allinpay.user;
import java.security.Key;
import java.security.KeyPair;
import com.allinpay.common.util.CertSignUtil;
import com.allinpay.common.util.Constants;
public class test {
public static void main(String[] args) {
KeyPair kp = CertSignUtil
.getKeyFromKeyStore("testMemberKey.keystore", "testMemberKey", "testMemberKey", "testMemberKey");
Key pubKey = CertSignUtil.getPubKeyFromCertFile("TLCert4Sign_test.cer");
System.out.println(pubKey);
byte[] encBytes = CertSignUtil.encByPubKey(pubKey, "测试数据".getBytes(), "RSA");
// System.out.println("aaaaaa" + new String(encBytes));
byte[] aaa = CertSignUtil.signByPriKey(kp.getPrivate(), "测试数据".getBytes(), Constants.SHA1_WITH_RSA);
System.out.println(aaa);
String signMsg = CertSignUtil.bytes2HexString(aaa);
System.out.println(signMsg);
byte[] encByte = CertSignUtil.encByPubKey(pubKey, "测试数据".getBytes(), "RSA");
String signMsg1 = CertSignUtil.bytes2HexString(encByte);
System.out.println(signMsg1);
}
}
java RSA 默认的补码方式是 OPENSSL_PKCS1_PADDING 所以需要跟上面 php 代码部分一致。
php RSA 加密 与java加密互交,java解密
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。