iOS和java之間的RSA加密解密、加簽認證對接
阿新 • • 發佈:2019-02-01
對接場景:
伺服器端使用java生成公鑰和私鑰,將公鑰傳遞給iOS加密 or 將私鑰傳遞給iOS端使用openssl進行簽名,然後在伺服器端進行驗證
java端:
1、使用常規的KeyPairGenerator類生成公鑰和私鑰
KeyPairGenerator gen = KeyPairGenerator.getInstance(RSA); gen.initialize(1024, new SecureRandom()); KeyPair keyPair = gen.generateKeyPair(); RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
2、常規生成的私鑰格式是DER的,而iOS端使用的是PEM格式的(對DER進行了Base64編碼+頭尾資訊),所以需要將生成的金鑰檔案做一個格式轉化
// PEM檔案起止字串 public final static String PUBLIC_KEY_BEGIN = "-----BEGIN PUBLIC KEY-----"; public final static String PUBLIC_KEY_END = "-----END PUBLIC KEY-----"; public final static String PRIVATE_KEY_BEGIN = "-----BEGIN RSA PRIVATE KEY-----"; public final static String PRIVATE_KEY_END = "-----END RSA PRIVATE KEY-----"; private static String replaceNewLine(String strText){ //相容linux環境和windows環境 strText = strText.replace("\n","\r\n"); String strResult = ""; int intStart = 0; int intLoc = strText.indexOf("\n", intStart); while(intLoc != -1){ strResult += strText.substring(intStart, intLoc - 1); intStart = intLoc + 1; intLoc = strText.indexOf("\n", intStart); } strResult += strText.substring(intStart,strText.length()); return strResult; } // 轉換為iOS端可使用的PEM祕鑰格式 public static void savePEMPublicKey(RSAPublicKey pubKey,String strPEMKeyFile) { String strKey = replaceNewLine(getPublicKeyString(pubKey)); try { FileWriter keyFile = new FileWriter(strPEMKeyFile); PrintWriter out = new PrintWriter(keyFile); out.println(PUBLIC_KEY_BEGIN); int keyLength = strKey.length(); int lines = keyLength / 64; for (int i = 0; i < lines; i++) { out.println(strKey.substring(i * PEM_LINE_LENGTH, i* PEM_LINE_LENGTH + PEM_LINE_LENGTH)); } out.println(strKey.substring(lines * PEM_LINE_LENGTH, keyLength)); out.println(PUBLIC_KEY_END); out.close(); } catch (IOException e) { e.printStackTrace(); } } public static void savePEMPrivateKey(RSAPrivateKey privateKey,String strPEMKeyFile) { String strKey = replaceNewLine(getPrivateKeyString(privateKey)); try { FileWriter keyFile = new FileWriter(strPEMKeyFile); PrintWriter out = new PrintWriter(keyFile); out.println(PRIVATE_KEY_BEGIN); int keyLength = strKey.length(); int lines = keyLength / PEM_LINE_LENGTH; for (int i = 0; i < lines; i++) { out.println(strKey.substring(i * PEM_LINE_LENGTH, i* PEM_LINE_LENGTH + PEM_LINE_LENGTH)); } out.println(strKey.substring(lines * PEM_LINE_LENGTH, keyLength)); out.println(PRIVATE_KEY_END); out.close();} catch (IOException e) { e.printStackTrace(); }}