Java加密技术 非对称加密算法RSA.docx
《Java加密技术 非对称加密算法RSA.docx》由会员分享,可在线阅读,更多相关《Java加密技术 非对称加密算法RSA.docx(34页珍藏版)》请在冰豆网上搜索。
Java加密技术非对称加密算法RSA
Java加密技术
接下来我们介绍典型的非对称加密算法——RSA
RSA
这种算法1978年就出现了,它是第一个既能用于数据加密也能用于数字签名的算法。
它易于理解和操作,也很流行。
算法的名字以发明者的名字命名:
Ron
Rivest,AdiShamir和LeonardAdleman。
这种加密算法的特点主要是密钥的变化,上文我们看到DES只有一个密钥。
相当于只有一把钥匙,如果这把钥匙丢了,数据也就不安全了。
RSA同时有两把钥匙,公钥与私钥。
同时支持数字签名。
数字签名的意义在于,对传输过来的数据进行校验。
确保数据在传输工程中不被修改。
流程分析:
甲方构建密钥对儿,将公钥公布给乙方,将私钥保留。
甲方使用私钥加密数据,然后用私钥对加密后的数据签名,发送给乙方签名以及加密后的数据;乙方使用公钥、签名来验证待解密数据是否有效,如果有效使用公钥对数据解密。
乙方使用公钥加密数据,向甲方发送经过加密后的数据;甲方获得加密数据,通过私钥解密。
按如上步骤给出序列图,如下:
按如上步骤给出序列图,如下:
1.
2.
3.
Java代码
importjava.security.Key;
importjava.security.KeyFactory;
importjava.security.KeyPair;
importjava.security.KeyPairGenerator;
importjava.security.PrivateKey;
importjava.security.PublicKey;
importjava.security.Signature;
importjava.security.interfaces.RSAPrivateKey;
importjava.security.interfaces.RSAPublicKey;
importjava.security.spec.PKCS8EncodedKeySpec;
importjava.security.spec.X509EncodedKeySpec;
importjava.util.HashMap;
importjava.util.Map;
importjavax.crypto.Cipher;
/**
*RSA安全编码组件
*
*@author梁栋
*@version1.0
*@since1.0
*/
publicabstractclassRSACoderextendsCoder{
publicstaticfinalStringKEY_ALGORITHM="RSA";
publicstaticfinalStringSIGNATURE_ALGORITHM="MD5withRSA";
privatestaticfinalStringPUBLIC_KEY="RSAPublicKey";
privatestaticfinalStringPRIVATE_KEY="RSAPrivateKey";
/**
*用私钥对信息生成数字签名
*
*@paramdata
*加密数据
*@paramprivateKey
*私钥
*
*@return
*@throwsException
*/
publicstaticStringsign(byte[]data,StringprivateKey)throwsException
{
//解密由base64编码的私钥
byte[]keyBytes=decryptBASE64(privateKey);
//构造PKCS8EncodedKeySpec对象
PKCS8EncodedKeySpecpkcs8KeySpec=newPKCS8EncodedKeySpec(keyBytes);
//KEY_ALGORITHM指定的加密算法
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//取私钥匙对象
PrivateKeypriKey=keyFactory.generatePrivate(pkcs8KeySpec);
//用私钥对信息生成数字签名
Signaturesignature=Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(priKey);
signature.update(data);
returnencryptBASE64(signature.sign());
}
/**
*校验数字签名
*
*@paramdata
*加密数据
*@parampublicKey
*公钥
*@paramsign
*数字签名
*
*@return校验成功返回true失败返回false
*@throwsException
*
*/
publicstaticbooleanverify(byte[]data,StringpublicKey,Stringsign)
throwsException{
//解密由base64编码的公钥
byte[]keyBytes=decryptBASE64(publicKey);
//构造X509EncodedKeySpec对象
X509EncodedKeySpeckeySpec=newX509EncodedKeySpec(keyBytes);
//KEY_ALGORITHM指定的加密算法
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//取公钥匙对象
PublicKeypubKey=keyFactory.generatePublic(keySpec);
Signaturesignature=Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(pubKey);
signature.update(data);
//验证签名是否正常
returnsignature.verify(decryptBASE64(sign));
}
/**
*解密
*用私钥解密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]decryptByPrivateKey(byte[]data,Stringkey)
throwsException{
//对密钥解密
byte[]keyBytes=decryptBASE64(key);
//取得私钥
PKCS8EncodedKeySpecpkcs8KeySpec=newPKCS8EncodedKeySpec(keyBytes);
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
KeyprivateKey=keyFactory.generatePrivate(pkcs8KeySpec);
//对数据解密
Ciphercipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE,privateKey);
returncipher.doFinal(data);
}
/**
*解密
*用私钥解密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]decryptByPublicKey(byte[]data,Stringkey)
throwsException{
//对密钥解密
byte[]keyBytes=decryptBASE64(key);
//取得公钥
X509EncodedKeySpecx509KeySpec=newX509EncodedKeySpec(keyBytes);
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
KeypublicKey=keyFactory.generatePublic(x509KeySpec);
//对数据解密
Ciphercipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE,publicKey);
returncipher.doFinal(data);
}
/**
*加密
*用公钥加密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]encryptByPublicKey(byte[]data,Stringkey)
throwsException{
//对公钥解密
byte[]keyBytes=decryptBASE64(key);
//取得公钥
X509EncodedKeySpecx509KeySpec=newX509EncodedKeySpec(keyBytes);
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
KeypublicKey=keyFactory.generatePublic(x509KeySpec);
//对数据加密
Ciphercipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE,publicKey);
returncipher.doFinal(data);
}
/**
*加密
*用私钥加密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]encryptByPrivateKey(byte[]data,Stringkey)
throwsException{
//对密钥解密
byte[]keyBytes=decryptBASE64(key);
//取得私钥
PKCS8EncodedKeySpecpkcs8KeySpec=newPKCS8EncodedKeySpec(keyBytes);
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
KeyprivateKey=keyFactory.generatePrivate(pkcs8KeySpec);
//对数据加密
Ciphercipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE,privateKey);
returncipher.doFinal(data);
}
/**
*取得私钥
*
*@paramkeyMap
*@return
*@throwsException
*/
publicstaticStringgetPrivateKey(MapkeyMap)
throwsException{
Keykey=(Key)keyMap.get(PRIVATE_KEY);
returnencryptBASE64(key.getEncoded());
}
/**
*取得公钥
*
*@paramkeyMap
*@return
*@throwsException
*/
publicstaticStringgetPublicKey(MapkeyMap)
throwsException{
Keykey=(Key)keyMap.get(PUBLIC_KEY);
returnencryptBASE64(key.getEncoded());
}
/**
*初始化密钥
*
*@return
*@throwsException
*/
publicstaticMapinitKey()throwsException{
KeyPairGeneratorkeyPairGen=KeyPairGenerator
.getInstance(KEY_ALGORITHM);
keyPairGen.initialize(1024);
KeyPairkeyPair=keyPairGen.generateKeyPair();
//公钥
RSAPublicKeypublicKey=(RSAPublicKey)keyPair.getPublic();
//私钥
RSAPrivateKeyprivateKey=(RSAPrivateKey)keyPair.getPrivate();
MapkeyMap=newHashMap
(2);
keyMap.put(PUBLIC_KEY,publicKey);
keyMap.put(PRIVATE_KEY,privateKey);
returnkeyMap;
}
}
importjava.security.Key;
importjava.security.KeyFactory;
importjava.security.KeyPair;
importjava.security.KeyPairGenerator;
importjava.security.PrivateKey;
importjava.security.PublicKey;
importjava.security.Signature;
importjava.security.interfaces.RSAPrivateKey;
importjava.security.interfaces.RSAPublicKey;
importjava.security.spec.PKCS8EncodedKeySpec;
importjava.security.spec.X509EncodedKeySpec;
importjava.util.HashMap;
importjava.util.Map;
importjavax.crypto.Cipher;
/**
*RSA安全编码组件
*
*@author梁栋
*@version1.0
*@since1.0
*/
publicabstractclassRSACoderextendsCoder{
publicstaticfinalStringKEY_ALGORITHM="RSA";
publicstaticfinalStringSIGNATURE_ALGORITHM="MD5withRSA";
privatestaticfinalStringPUBLIC_KEY="RSAPublicKey";
privatestaticfinalStringPRIVATE_KEY="RSAPrivateKey";
/**
*用私钥对信息生成数字签名
*
*@paramdata
*加密数据
*@paramprivateKey
*私钥
*
*@return
*@throwsException
*/
publicstaticStringsign(byte[]data,StringprivateKey)throwsException{
//解密由base64编码的私钥
byte[]keyBytes=decryptBASE64(privateKey);
//构造PKCS8EncodedKeySpec对象
PKCS8EncodedKeySpecpkcs8KeySpec=newPKCS8EncodedKeySpec(keyBytes);
//KEY_ALGORITHM指定的加密算法
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//取私钥匙对象
PrivateKeypriKey=keyFactory.generatePrivate(pkcs8KeySpec);
//用私钥对信息生成数字签名
Signaturesignature=Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(priKey);
signature.update(data);
returnencryptBASE64(signature.sign());
}
/**
*校验数字签名
*
*@paramdata
*加密数据
*@parampublicKey
*公钥
*@paramsign
*数字签名
*
*@return校验成功返回true失败返回false
*@throwsException
*
*/
publicstaticbooleanverify(byte[]data,StringpublicKey,Stringsign)
throwsException{
//解密由base64编码的公钥
byte[]keyBytes=decryptBASE64(publicKey);
//构造X509EncodedKeySpec对象
X509EncodedKeySpeckeySpec=newX509EncodedKeySpec(keyBytes);
//KEY_ALGORITHM指定的加密算法
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
//取公钥匙对象
PublicKeypubKey=keyFactory.generatePublic(keySpec);
Signaturesignature=Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(pubKey);
signature.update(data);
//验证签名是否正常
returnsignature.verify(decryptBASE64(sign));
}
/**
*解密
*用私钥解密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]decryptByPrivateKey(byte[]data,Stringkey)
throwsException{
//对密钥解密
byte[]keyBytes=decryptBASE64(key);
//取得私钥
PKCS8EncodedKeySpecpkcs8KeySpec=newPKCS8EncodedKeySpec(keyBytes);
KeyFactorykeyFactory=KeyFactory.getInstance(KEY_ALGORITHM);
KeyprivateKey=keyFactory.generatePrivate(pkcs8KeySpec);
//对数据解密
Ciphercipher=Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE,privateKey);
returncipher.doFinal(data);
}
/**
*解密
*用私钥解密
*
*@paramdata
*@paramkey
*@return
*@throwsException
*/
publicstaticbyte[]decryptByPublicKey(byte[]data,Stringkey)
throwsException{
//对密钥解密
升级会员 