java加密解密

来源：互联网发布：pr视频剪辑软件下载编辑：程序博客网时间：2024/04/26 07:25
package com.jetsum.util;import java.io.FileInputStream;import java.io.FileNotFoundException;import java.io.IOException;import java.security.InvalidAlgorithmParameterException;import java.security.InvalidKeyException;import java.security.Key;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.KeyStore;import java.security.KeyStoreException;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import java.security.SecureRandom;import java.security.Signature;import java.security.SignatureException;import java.security.UnrecoverableKeyException;import java.security.cert.Certificate;import java.security.cert.CertificateException;import java.security.cert.CertificateFactory;import java.security.cert.X509Certificate;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.AlgorithmParameterSpec;import java.security.spec.InvalidKeySpecException;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.Date;import java.util.HashMap;import java.util.Map;import java.util.Random;import javax.crypto.BadPaddingException;import javax.crypto.Cipher;import javax.crypto.IllegalBlockSizeException;import javax.crypto.KeyAgreement;import javax.crypto.KeyGenerator;import javax.crypto.Mac;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey;import javax.crypto.SecretKeyFactory;import javax.crypto.interfaces.DHPrivateKey;import javax.crypto.interfaces.DHPublicKey;import javax.crypto.spec.DHParameterSpec;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.PBEKeySpec;import javax.crypto.spec.PBEParameterSpec;import javax.crypto.spec.SecretKeySpec;public class CipherUtil {    /**     * MD5算法     */    private static final String ALGORITHM_MD5 = "MD5";    /**     * SHA算法     */    private static final String ALGORITHM_SHA = "SHA";    /**     * HMAC算法     */    private static final String ALGORITHM_MAC = "HmacMD5";    /**     * DES算法     */    private static final String ALGORITHM_DES = "DES";    /**     * PBE算法     */    private static final String ALGORITHM_PBE = "PBEWITHMD5andDES";    /**     * AESkey     */    private static final String KEY_AES = "AES";    /**     * AES算法     */    private static final String ALGORITHM_AES = "AES/CBC/PKCS5Padding";    /**     * RSA算法     */    private static final String KEY_ALGORITHM = "RSA";    /**     * 数字签名     */    private static final String SIGNATURE_ALGORITHM = "MD5withRSA";    /**     * 公钥     */    private static final String RSAPUBLIC_KEY = "RSAPublicKey";    /**     * 私钥     */    private static final String RSAPRIVATE_KEY = "RSAPrivateKey";    /**     * D-H算法     */    private static final String ALGORITHM_DH = "DH";    /**     * 默认密钥字节数     *     * <pre>     * DH     * Default Keysize 1024     * Keysize must be a multiple of 64, ranging from 512 to 1024 (inclusive).     * </pre>     */    private static final int DH_KEY_SIZE = 1024;    /**     * DH加密下需要一种对称加密算法对数据加密，这里我们使用DES，也可以使用其他对称加密算法。     */    private static final String SECRET_ALGORITHM = "DES";    /**     * DH公钥     */    private static final String DHPUBLIC_KEY = "DHPublicKey";    /**     * DH私钥     */    private static final String DHPRIVATE_KEY = "DHPrivateKey";    /**     * Java密钥库(Java Key Store，JKS)KEY_STORE     */    private static final String KEY_STORE = "JKS";    private static final String X509 = "X.509";    /**     * 信息摘要算法     * @param algorithm 算法类型     * @param data 要加密的字符串     * @return 返回加密后的摘要信息     */    private static String encryptEncode(String algorithm, String data) {        try {            MessageDigest md = MessageDigest.getInstance(algorithm);            return TranscodeUtil.byteArrayToHexStr(md.digest(data.getBytes()));        } catch(NoSuchAlgorithmException ex) {            ex.printStackTrace();        }        return null;    }    /**     * 使用MD5加密     * @param data 要加密的字符串     * @return 返回加密后的信息     */    public static String MD5Encode(String data) {        return encryptEncode(ALGORITHM_MD5, data);    }    /**     * 使用SHA加密     * @param data 要加密的字符串     * @return 返回加密后的信息     */    public static String SHAEncode(String data) {        return encryptEncode(ALGORITHM_SHA, data);    }    /**     * 生成HMAC密钥     * @return 返回密钥信息     */    public static String generateMACKey() {        try {            KeyGenerator keyGenerator = KeyGenerator.getInstance(ALGORITHM_MAC);            SecretKey secretKey = keyGenerator.generateKey();            return TranscodeUtil.byteArrayToBase64Str(secretKey.getEncoded());        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return null;    }    /**     * 使用HMAC加密     * @param data 要加密的字符串     * @param key 密钥     * @return 返回加密后的信息     */    public static String HMACEncode(String data, String key) {        Key k = toKey(key,ALGORITHM_MAC);        try {            Mac mac = Mac.getInstance(k.getAlgorithm());            mac.init(k);            return TranscodeUtil.byteArrayToBase64Str(mac.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        }        return null;    }    /**     * 将base64编码后的密钥字符串转换成密钥对象     * @param key 密钥字符串     * @param algorithm 加密算法     * @return 返回密钥对象     */    private static Key toKey(String key,String algorithm) {        SecretKey secretKey = new SecretKeySpec(TranscodeUtil.base64StrToByteArray(key), algorithm);        return secretKey;    }    /**     * 生成DES密钥     * @param seed 密钥种子     * @return 返回base64编码的密钥字符串     */    public static String generateDESKey(String seed) {        try {            KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_DES);            kg.init(new SecureRandom(seed.getBytes()));            SecretKey secretKey = kg.generateKey();            return TranscodeUtil.byteArrayToBase64Str(secretKey.getEncoded());        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return null;    }    /**     * DES加密     * @param data 要加密的数据     * @param key 密钥     * @return 返回加密后的数据(经过base64编码)     */    public static String DESEncrypt(String data,String key) {        return DESCipher(data,key,Cipher.ENCRYPT_MODE);    }    /**     * DES解密     * @param data 要解密的数据     * @param key 密钥     * @return 返回解密后的数据     */    public static String DESDecrypt(String data, String key) {        return DESCipher(data,key,Cipher.DECRYPT_MODE);    }    /**     * DES的加密解密     * @param data 要加密或解密的数据     * @param key 密钥     * @param mode 加密或解密模式     * @return 返回加密或解密的数据     */    private static String DESCipher(String data, String key, int mode) {        try {            Key k = toKey(key,ALGORITHM_DES);            Cipher cipher = Cipher.getInstance(ALGORITHM_DES);            cipher.init(mode, k);            return mode == Cipher.DECRYPT_MODE?new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data))):TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (Exception e) {            e.printStackTrace();        }        return null;    }    /**     * 生成盐     * @return 返回base64编码后的盐信息     */    public static String generatePBESalt() {        byte[] salt = new byte[8];        Random random = new Random();        random.nextBytes(salt);        return TranscodeUtil.byteArrayToBase64Str(salt);    }    /**     * PBE(Password-based encryption基于密码加密)加密     * @param data 要加密的数据     * @param password 密码     * @param salt 盐     * @return 返回加密后的数据(经过base64编码)     */    public static String PBEEncrypt(String data,String password,String salt) {        return PBECipher( data, password, salt, Cipher.ENCRYPT_MODE);    }    /**     * PBE(Password-based encryption基于密码加密)解密     * @param data 要解密的数据     * @param password 密码     * @param salt 盐     * @return 返回解密后的数据     */    public static String PBEDecrypt(String data,String password,String salt) {        return PBECipher( data, password, salt, Cipher.DECRYPT_MODE);    }    /**     * PBE加密解密     * @param data 要加密解密的信息     * @param password 密码     * @param salt 盐     * @param mode 加密或解密模式     * @return 返回加密解密后的数据     */    private static String PBECipher(String data,String password,String salt,int mode) {        try {            Key secretKey = toPBEKey(password);            PBEParameterSpec paramSpec = new PBEParameterSpec(TranscodeUtil.base64StrToByteArray(salt), 100);            Cipher cipher = Cipher.getInstance(ALGORITHM_PBE);            cipher.init(mode, secretKey, paramSpec);            return mode == Cipher.DECRYPT_MODE?new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data))):TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (InvalidAlgorithmParameterException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 生成PBEkey     * @param password 使用的密码     * @return 返回生成的PBEkey     */    private static Key toPBEKey(String password) {        PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());        try {            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM_PBE);            SecretKey secretKey = keyFactory.generateSecret(keySpec);            return secretKey;        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        }        return null;    }    /**     * 生成AESkey     * @param keySize key的位数     * @param seed 随机种子     * @return 返回base64编码后的key信息     */    public static String generateAESKey(int keySize,String seed) {        try {            KeyGenerator kgen = KeyGenerator.getInstance(KEY_AES);            kgen.init(keySize,new SecureRandom(seed.getBytes()));            SecretKey key = kgen.generateKey();            return TranscodeUtil.byteArrayToBase64Str(key.getEncoded());        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return null;    }    /**     * AES加密     * @param data 要加密的数据     * @param key 密钥     * @param algorithmParameter 算法参数     * @return 返回加密数据     */    public static String AESEncrypt(String data,String key,String algorithmParameter) {        return AESCipher(data, key, algorithmParameter,Cipher.ENCRYPT_MODE);    }    /**     * AES解密     * @param data 要解密的数据     * @param key 密钥     * @param algorithmParameter 算法参数     * @return 返回解密数据     */    public static String AESDecrypt(String data,String key,String algorithmParameter) {        return AESCipher(data, key, algorithmParameter,Cipher.DECRYPT_MODE);    }    /**     * 实现AES加密解密     * @param data 要加密或解密的数据     * @param key 密钥     * @param algorithmParameter 算法参数     * @param mode 加密或解密     * @return 返回加密或解密的数据     */    private static String AESCipher(String data, String key, String algorithmParameter,int mode) {        try {            Key k = toKey(key,KEY_AES);            AlgorithmParameterSpec paramSpec = new IvParameterSpec(algorithmParameter.getBytes());            Cipher ecipher = Cipher.getInstance(ALGORITHM_AES);            ecipher.init(mode, k, paramSpec);            return mode==Cipher.DECRYPT_MODE?new String(ecipher.doFinal(TranscodeUtil.base64StrToByteArray(data))):TranscodeUtil.byteArrayToBase64Str(ecipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (InvalidAlgorithmParameterException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 数字签名     * @param data 要签名的密文     * @param privateKey 私钥     * @return 返回签名信息     */    public static String RSASign(String data, String privateKey) {        try {            // 解密由base64编码的私钥            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(privateKey);            // 构造PKCS8EncodedKeySpec对象            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);            // KEY_ALGORITHM 指定的加密算法            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            // 取私钥匙对象            PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);            // 用私钥对信息生成数字签名            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);            signature.initSign(priKey);            signature.update(TranscodeUtil.base64StrToByteArray(data));            return TranscodeUtil.byteArrayToBase64Str(signature.sign());        } catch(NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (SignatureException e) {            e.printStackTrace();        }        return null;    }    /**     * 验证签名     * @param data 要验证的密文     * @param publicKey 公钥     * @param sign 签名信息     * @return 返回验证成功状态     */    public static boolean RSAVerify(String data, String publicKey, String sign) {        try {            // 解密由base64编码的公钥            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(publicKey);            // 构造X509EncodedKeySpec对象            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);            // KEY_ALGORITHM 指定的加密算法            Signature signature;            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            // 取公钥匙对象            PublicKey pubKey = keyFactory.generatePublic(keySpec);            signature = Signature.getInstance(SIGNATURE_ALGORITHM);            signature.initVerify(pubKey);            signature.update(TranscodeUtil.base64StrToByteArray(data));            // 验证签名是否正常            return signature.verify(TranscodeUtil.base64StrToByteArray(sign));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (SignatureException e) {            e.printStackTrace();        }        return false;    }    /**     * 私钥解密     * @param data 要解密的字符串     * @param key 私钥     * @return 返回解密后的字符串     */    public static String RSADecryptByPrivateKey(String data, String key) {        try {            // 对密钥解密            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(key);            // 取得私钥            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);            // 对数据解密            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());            cipher.init(Cipher.DECRYPT_MODE, privateKey);            return new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data)));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 公钥解密     * @param data 要解密的数据     * @param key 公钥     * @return 返回解密后的数据     */    public static String RSADecryptByPublicKey(String data, String key) {        try {            // 对密钥解密            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(key);            // 取得公钥            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            Key publicKey = keyFactory.generatePublic(x509KeySpec);            // 对数据解密            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());            cipher.init(Cipher.DECRYPT_MODE, publicKey);            return new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data)));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 公钥加密     * @param data 要加密的数据     * @param key 公钥     * @return 返回加密的数据     */    public static String RSAEncryptByPublicKey(String data, String key) {        try {            // 对公钥解密            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(key);            // 取得公钥            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            Key publicKey = keyFactory.generatePublic(x509KeySpec);            // 对数据加密            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());            cipher.init(Cipher.ENCRYPT_MODE, publicKey);            return TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 私钥加密     * @param data 要加密的数据     * @param key 私钥     * @return 返回加密后的数据     */    public static String RSAEncryptByPrivateKey(String data, String key) {        try {            // 对密钥解密            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(key);            // 取得私钥            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);            Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);            // 对数据加密            Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());            cipher.init(Cipher.ENCRYPT_MODE, privateKey);            return TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 获得私钥     * @param keyMap 密钥对     * @return 返回经过base64编码的私钥     */    public static String getRSAPrivateKey(Map<String, Object> keyMap) {        Key key = (Key) keyMap.get(RSAPRIVATE_KEY);        return TranscodeUtil.byteArrayToBase64Str(key.getEncoded());    }    /**     * 获得公钥(base64编码)     * @param keyMap 密钥对     * @return 返回经过base64编码的公钥     */    public static String getRSAPublicKey(Map<String, Object> keyMap) {        Key key = (Key) keyMap.get(RSAPUBLIC_KEY);        return TranscodeUtil.byteArrayToBase64Str(key.getEncoded());    }    /**     * 初始化密钥对     * @return 返回密钥对     */    public static Map<String, Object> initRSAKey() {        Map<String, Object> keyMap = new HashMap<String, Object>(2);        try {            KeyPairGenerator keyPairGen = KeyPairGenerator                                          .getInstance(KEY_ALGORITHM);            keyPairGen.initialize(1024);            KeyPair keyPair = keyPairGen.generateKeyPair();            // 公钥            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();            // 私钥            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();            keyMap.put(RSAPUBLIC_KEY, publicKey);            keyMap.put(RSAPRIVATE_KEY, privateKey);        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return keyMap;    }    /**     * 初始化甲方密钥对     * @return 返回甲方密钥对     */    public static Map<String, Object> initDHKey() {        try {            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM_DH);            keyPairGenerator.initialize(DH_KEY_SIZE);            KeyPair keyPair = keyPairGenerator.generateKeyPair();            // 甲方公钥            DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();            // 甲方私钥            DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();            Map<String, Object> keyMap = new HashMap<String, Object>(2);            keyMap.put(DHPUBLIC_KEY, publicKey);            keyMap.put(DHPRIVATE_KEY, privateKey);            return keyMap;        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return null;    }    /**     * 使用甲方公钥初始化乙方密钥对     * @param key 甲方公钥     * @return 返回乙方密钥对     */    public static Map<String, Object> initDHKey(String key) {        try {            // 解析甲方公钥            byte[] keyBytes = TranscodeUtil.base64StrToByteArray(key);            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);            KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM_DH);            PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);            // 由甲方公钥构建乙方密钥            DHParameterSpec dhParamSpec = ((DHPublicKey) pubKey).getParams();            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keyFactory.getAlgorithm());            keyPairGenerator.initialize(dhParamSpec);            KeyPair keyPair = keyPairGenerator.generateKeyPair();            // 乙方公钥            DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();            // 乙方私钥            DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();            Map<String, Object> keyMap = new HashMap<String, Object>(2);            keyMap.put(DHPUBLIC_KEY, publicKey);            keyMap.put(DHPRIVATE_KEY, privateKey);            return keyMap;        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (InvalidAlgorithmParameterException e) {            e.printStackTrace();        }        return null;    }    /**     * DH加密     * @param data 要加密的数据     * @param publicKey 甲方或乙方公钥     * @param privateKey 甲方或乙方私钥     * @return 加密结果     */    public static String DHEncrypt(String data, String publicKey,String privateKey) {        try {            // 生成本地密钥            SecretKey secretKey = getDHSecretKey(publicKey, privateKey);            // 数据加密            Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());            cipher.init(Cipher.ENCRYPT_MODE, secretKey);            return TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * DH解密     * @param data 要解密的数据     * @param publicKey 公钥     * @param privateKey 私钥     * @return 返回解密结果     */    public static String DHDecrypt(String data, String publicKey,String privateKey) {        try {            // 生成本地密钥            SecretKey secretKey = getDHSecretKey(publicKey, privateKey);            // 数据解密            Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());            cipher.init(Cipher.DECRYPT_MODE, secretKey);            return new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data)));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 生成本地密钥     * @param publicKey 公钥     * @param privateKey 私钥     * @return 返回本地密钥     */    private static SecretKey getDHSecretKey(String publicKey, String privateKey) {        try {            // 初始化公钥            byte[] pubKeyBytes = TranscodeUtil.base64StrToByteArray(publicKey);            KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM_DH);            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKeyBytes);            PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);            // 初始化私钥            byte[] priKeyBytes = TranscodeUtil.base64StrToByteArray(privateKey);            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKeyBytes);            Key priKey = keyFactory.generatePrivate(pkcs8KeySpec);            KeyAgreement keyAgree = KeyAgreement.getInstance(keyFactory.getAlgorithm());            keyAgree.init(priKey);            keyAgree.doPhase(pubKey, true);            // 生成本地密钥            SecretKey secretKey = keyAgree.generateSecret(SECRET_ALGORITHM);            return secretKey;        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeySpecException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        }        return null;    }    /**     * 获取私钥     * @param keyMap 密钥对     * @return 返回base64编码的私钥     */    public static String getDHPrivateKey(Map<String, Object> keyMap) {        Key key = (Key) keyMap.get(DHPRIVATE_KEY);        return TranscodeUtil.byteArrayToBase64Str(key.getEncoded());    }    /**     * 获取公钥     * @param keyMap 密钥对     * @return 返回base64编码的公钥     */    public static String getDHPublicKey(Map<String, Object> keyMap) {        Key key = (Key) keyMap.get(DHPUBLIC_KEY);        return TranscodeUtil.byteArrayToBase64Str(key.getEncoded());    }    /**     * 获取私钥     * @param keyStorePath keystore文件路径     * @param alias 别名     * @param password 密码     * @return 返回私钥     */    private static PrivateKey getKeyStorePrivateKey(String keyStorePath, String alias,String password) {        try {            KeyStore ks = getKeyStore(keyStorePath, password);            PrivateKey key = (PrivateKey) ks.getKey(alias, password.toCharArray());            return key;        } catch (UnrecoverableKeyException e) {            e.printStackTrace();        } catch (KeyStoreException e) {            e.printStackTrace();        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        }        return null;    }    /**     * 获取公钥     * @param certificatePath 证书文件路径     * @return 返回公钥     */    private static PublicKey getCertificatePublicKey(String certificatePath) {        try {            Certificate certificate = getCertificate(certificatePath);            PublicKey key = certificate.getPublicKey();            return key;        } catch (Exception e) {            e.printStackTrace();        }        return null;    }    /**     * 加载证书文件     * @param certificatePath 证书文件路径     * @return 返回证书     */    private static Certificate getCertificate(String certificatePath) {        try {            CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);            FileInputStream in = new FileInputStream(certificatePath);            Certificate certificate = certificateFactory.generateCertificate(in);            in.close();            return certificate;        } catch (CertificateException e) {            e.printStackTrace();        } catch (FileNotFoundException e) {            e.printStackTrace();        } catch (IOException e) {            e.printStackTrace();        }        return null;    }    /**     * 获取证书     * @param keyStorePath keystore文件路径     * @param alias 别名     * @param password 密码     * @return 返回证书     */    private static Certificate getCertificate(String keyStorePath,String alias, String password) {        try {            KeyStore ks = getKeyStore(keyStorePath, password);            Certificate certificate = ks.getCertificate(alias);            return certificate;        } catch (KeyStoreException e) {            e.printStackTrace();        }        return null;    }    /**     * 加载KeyStore文件     * @param keyStorePath keystore文件地址     * @param password keystore密码     * @return 返回KeyStore     */    private static KeyStore getKeyStore(String keyStorePath, String password) {        try {            FileInputStream is = new FileInputStream(keyStorePath);            KeyStore ks = KeyStore.getInstance(KEY_STORE);            ks.load(is, password.toCharArray());            is.close();            return ks;        } catch (FileNotFoundException e) {            e.printStackTrace();        } catch (KeyStoreException e) {            e.printStackTrace();        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (CertificateException e) {            e.printStackTrace();        } catch (IOException e) {            e.printStackTrace();        }        return null;    }    /**     * 加密数据     * @param data 要加密的数据     * @param keyStorePath keystore路径     * @param alias 别名     * @param password 密码     * @return 返回加密后的数据     */    public static String encryptByPrivateKey(String data, String keyStorePath,            String alias, String password) {        try {            // 取得私钥            PrivateKey privateKey = getKeyStorePrivateKey(keyStorePath, alias, password);            // 对数据加密            Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());            cipher.init(Cipher.ENCRYPT_MODE, privateKey);            return TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 私钥解密     * @param data 要解密的数据     * @param keyStorePath keystore路径     * @param alias 别名     * @param password 密码     * @return 返回解密后的数据     */    public static String decryptByPrivateKey(String data, String keyStorePath,String alias, String password) {        try {            // 取得私钥            PrivateKey privateKey = getKeyStorePrivateKey(keyStorePath, alias, password);            // 对数据加密            Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());            cipher.init(Cipher.DECRYPT_MODE, privateKey);            return new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data)));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 私钥加密     * @param data 要加密的数据     * @param certificatePath 证书路径     * @return 返回加密后的信息     */    public static String encryptByPublicKey(String data, String certificatePath) {        try {            // 取得公钥            PublicKey publicKey = getCertificatePublicKey(certificatePath);            // 对数据加密            Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());            cipher.init(Cipher.ENCRYPT_MODE, publicKey);            return TranscodeUtil.byteArrayToBase64Str(cipher.doFinal(data.getBytes()));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 公钥解密     * @param data 要解密的数据     * @param certificatePath 证书路径     * @return 返回解密信息     */    public static String decryptByPublicKey(String data, String certificatePath) {        try {            // 取得公钥            PublicKey publicKey = getCertificatePublicKey(certificatePath);            // 对数据加密            Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());            cipher.init(Cipher.DECRYPT_MODE, publicKey);            return new String(cipher.doFinal(TranscodeUtil.base64StrToByteArray(data)));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (NoSuchPaddingException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (IllegalBlockSizeException e) {            e.printStackTrace();        } catch (BadPaddingException e) {            e.printStackTrace();        }        return null;    }    /**     * 验证证书是否过期     * @param certificatePath 证书路径     * @return 返回验证结果     */    public static boolean verifyCertificate(String certificatePath) {        return verifyCertificate(new Date(), certificatePath);    }    /**     * 验证证书是否过期     * @param date 日期     * @param certificatePath 证书路径     * @return 返回验证结果     */    public static boolean verifyCertificate(Date date, String certificatePath) {        boolean status = true;        try {            // 取得证书            Certificate certificate = getCertificate(certificatePath);            // 验证证书是否过期或无效            status = verifyCertificate(date, certificate);        } catch (Exception e) {            status = false;        }        return status;    }    /**     * 验证证书是否过期     * @param date 日期     * @param certificate 证书     * @return 返回验证结果     */    private static boolean verifyCertificate(Date date, Certificate certificate) {        boolean status = true;        try {            X509Certificate x509Certificate = (X509Certificate) certificate;            x509Certificate.checkValidity(date);        } catch (Exception e) {            status = false;        }        return status;    }    /**     * 对于数据进行签名     * @param sign 要签名的信息     * @param keyStorePath keystore文件位置     * @param alias 别名     * @param password 密码     * @return 返回签名信息     */    public static String sign(String sign, String keyStorePath, String alias,String password) {        try {            // 获得证书            X509Certificate x509Certificate = (X509Certificate) getCertificate(                                                  keyStorePath, alias, password);            // 获取私钥            KeyStore ks = getKeyStore(keyStorePath, password);            // 取得私钥            PrivateKey privateKey = (PrivateKey) ks.getKey(alias, password                                    .toCharArray());            // 构建签名            Signature signature = Signature.getInstance(x509Certificate                                  .getSigAlgName());            signature.initSign(privateKey);            signature.update(TranscodeUtil.base64StrToByteArray(sign));            return TranscodeUtil.byteArrayToBase64Str(signature.sign());        } catch (UnrecoverableKeyException e) {            e.printStackTrace();        } catch (KeyStoreException e) {            e.printStackTrace();        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (SignatureException e) {            e.printStackTrace();        }        return null;    }    /**     * 验证签名信息     * @param data 要验证的信息     * @param sign 签名信息     * @param certificatePath 证书路径     * @return 返回验证结果     */    public static boolean verify(String data, String sign,String certificatePath) {        try {            // 获得证书            X509Certificate x509Certificate = (X509Certificate) getCertificate(certificatePath);            // 获得公钥            PublicKey publicKey = x509Certificate.getPublicKey();            // 构建签名            Signature signature = Signature.getInstance(x509Certificate                                  .getSigAlgName());            signature.initVerify(publicKey);            signature.update(TranscodeUtil.base64StrToByteArray(data));            return signature.verify(TranscodeUtil.base64StrToByteArray(sign));        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (InvalidKeyException e) {            e.printStackTrace();        } catch (SignatureException e) {            e.printStackTrace();        }        return false;    }    /**     * 验证证书     * @param date 日期     * @param keyStorePath keystore文件路径     * @param alias 别名     * @param password 密码     * @return 返回验证结果     */    public static boolean verifyCertificate(Date date, String keyStorePath,                                            String alias, String password) {        boolean status = true;        try {            Certificate certificate = getCertificate(keyStorePath, alias,                                      password);            status = verifyCertificate(date, certificate);        } catch (Exception e) {            status = false;        }        return status;    }    /**     * 验证证书     * @param keyStorePath keystore文件路径     * @param alias 别名     * @param password 密码     * @return 返回验证结果     */    public static boolean verifyCertificate(String keyStorePath, String alias,                                            String password) {        return verifyCertificate(new Date(), keyStorePath, alias, password);    }}