码迷,mamicode.com
首页 > 编程语言 > 详细

JAVA_RSA_的加解密

时间:2019-04-25 01:21:19      阅读:188      评论:0      收藏:0      [点我收藏+]

标签:row   tsig   分组   oid   top   ini   字符   actor   str   

RSA为非对称加密算法。

数字签名的过程:1、对明文数据进行HASH加密,不可逆;2、对加密后的数据再用RSA的私钥进行二次加密。

数字签名的验证过程:1、对明文数据进行HASH加密,不可逆;2、用RSA的公钥对数字签名后的数据进行解密;3、把1的结果和2的结果进行比较是否相等。

RSA加密的过程和解密的过程都需要三步:加/解密、分组、填充。这三部分每一步都可以选择各自的算法。例如:RSA/ECB/PKCS1Padding。

在这里RSA的公钥是用X509编码的。

在这里RSA的私钥使用PKCS8编码的。

import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.Cipher;

public class Secret {

    public static final String KEY_ALGORITHM = "RSA";
    public static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
    private static final String PUBLIC_KEY = "PublicKey";
    private static final String PRIVATE_KEY = "PrivateKey";
 
    public static void main(String[] args) {
        // TODO Auto-generated method stub

    }
    //生成密匙对
    public    static Map<String,Key> initKeyPair() throws Exception{
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM); 
        kpg.initialize(1024);
        KeyPair keyPair = kpg.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();
        Map<String,Key> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, publicKey);
        keyMap.put(PRIVATE_KEY, privateKey);
        return keyMap;
    }
    //字节数组到公钥
    public static PrivateKey strToPrivateKey(String str) throws Exception{
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
        return privateKey;
    }
    //字节数组到私钥
    public static PublicKey strToPublicKey(String str) throws Exception{
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
        return publicKey;
    }
    //字节数组到文件字符串
    public static String encryptBASE64(byte[] bytes) {
        return Base64.getEncoder().encodeToString(bytes);
    }
    //文件字符串到字节数组
    public static byte[] decryptBASE64(String str) {
        return Base64.getDecoder().decode(str);
    }
    //用公钥加密
    public static byte[] encryptByPublicKey(byte[] data, String key) throws Exception{
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }
    //用私钥加密
    public static byte[] encryptByPrivateKey(byte[] data, String key) throws Exception{
        PrivateKey privateKey = strToPrivateKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }
    //用公钥解密
    public static byte[] decryptByPublicKey(byte[] data, String key) throws Exception {
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }
    //用私钥解密
    public static byte[] decryptByPrivateKey(byte[] data, String key) throws Exception {
        PrivateKey privateKey = strToPrivateKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }
    //对字符串进行数字签名
    public static byte[] sign(byte[] data, String privateKey) throws Exception {
        PrivateKey priKey = strToPrivateKey(privateKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(priKey);
        signature.update(data);
        return signature.sign();
    }
    //对数字签名进行验证
    public static boolean verify(byte[] data, String publicKey, byte[] sign) throws Exception {
        PublicKey pubKey = strToPublicKey(publicKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(pubKey);
        signature.update(data);
        return signature.verify(sign);
    }
}

 

JAVA_RSA_的加解密

标签:row   tsig   分组   oid   top   ini   字符   actor   str   

原文地址:https://www.cnblogs.com/erdanyang/p/10765880.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!