RSA加密解密

最新推荐文章于 2021-04-26 14:47:55 发布

码笼包

最新推荐文章于 2021-04-26 14:47:55 发布

阅读量361

点赞数

CC 4.0 BY-SA版权

分类专栏：安全文章标签： RSA

本文链接：https://blog.youkuaiyun.com/Abracadabra__/article/details/84974807

安全专栏收录该内容

2 篇文章

订阅专栏

1.RSA：非对称加密
1、每个用户拥用一对密钥加密：公钥和私钥。
2、公钥加密，私钥解密；私钥加密，公钥解密。
公钥加密实现：发送方用接收方的公钥加密自己的密钥，接收方用自己的私钥解密得到发送方的密钥，逆过来亦然，从而实现密钥交换。
通信过程

2. RSA编码实现
RsaUtil.java

package SINO.encrypt.ras;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import SINO.encrypt.base64.BASE64Tools;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
 
import javax.crypto.Cipher;


public class RsaUtil {
	 /**
     * 加密算法RSA
     */
    public static final String KEY_ALGORITHM = "RSA";
    
    /** 
     * 签名算法
     */
    public static final String SIGNATURE_ALGORITHM = "MD5withRSA";
 
    /** 
     * 获取公钥的key
     */
    private static final String PUBLIC_KEY = "RSAPublicKey";
    
    /**
     * 获取私钥的key
     */
    private static final String PRIVATE_KEY = "RSAPrivateKey";
	
	/**
	 * RSA最大加密明文大小
	 */
	private static final int MAX_ENCRYPT_BLOCK = 117;

	/** 
	 * RSA最大解密密文大小
	 */
	private static final int MAX_DECRYPT_BLOCK = 128;


	/**
	 * 生成密钥对
	 * @return 长度为2的String数组，分别为BASE64编码的公钥和密钥
	 * @throws Exception
	 */
	public static String[] generateKeyPair(int KEY_SIZE) throws Exception {
		KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
		keyPairGen.initialize(KEY_SIZE);

		KeyPair keyPair = keyPairGen.generateKeyPair();
		System.out.println("keyPair.getPublic():"+keyPair.getPublic());
		System.out.println("keyPair.getPrivate():"+keyPair.getPrivate());
		String publicKey = BASE64Tools.encrypt(keyPair.getPublic().getEncoded());
		String privateKey = BASE64Tools.encrypt(keyPair.getPrivate().getEncoded());
		return new String[] { publicKey, privateKey };
	}


	/**
	 * 生成密钥对(公钥和私钥)
	 * @return
	 * @throws Exception
	 */
	public static Map<String, Object> genKeyPair() throws Exception {
	    KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
	    keyPairGen.initialize(1024);
	    KeyPair keyPair = keyPairGen.generateKeyPair();
	    RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
	    RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
	    Map<String, Object> keyMap = new HashMap<String, Object>(2);
	    keyMap.put(PUBLIC_KEY, publicKey);
	    keyMap.put(PRIVATE_KEY, privateKey);
	    return keyMap;
	}

	/**
	 * 用私钥对信息生成数字签名
	 * 
	 * @param data 已加密数据
	 * @param privateKey 私钥(BASE64编码)
	 * 
	 * @return
	 * @throws Exception
	 */
	public static String sign(byte[] data, String privateKey) throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(privateKey);
	    PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
	    Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
	    signature.initSign(privateK);
	    signature.update(data);
	    return BASE64Tools.encrypt(signature.sign());
	}

	/**
	 * 校验数字签名
	 * @param data 已加密数据
	 * @param publicKey 公钥(BASE64编码)
	 * @param sign 数字签名
	 * 
	 * @return
	 * @throws Exception
	 * 
	 */
	public static boolean verify(byte[] data, String publicKey, String sign) throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(publicKey);
	    X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    PublicKey publicK = keyFactory.generatePublic(keySpec);
	    Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
	    signature.initVerify(publicK);
	    signature.update(data);
	    return signature.verify(BASE64Tools.decrypt(sign));
	}

	/**
	 * 私钥解密 
	 * @param encryptedData 已加密数据
	 * @param privateKey 私钥(BASE64编码)
	 * @return
	 * @throws Exception
	 */
	public static byte[] decryptByPrivateKey(byte[] encryptedData, String privateKey)
	        throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(privateKey);
	    PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
	    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
	    cipher.init(Cipher.DECRYPT_MODE, privateK);
	    int inputLen = encryptedData.length;
	    ByteArrayOutputStream out = new ByteArrayOutputStream();
	    int offSet = 0;
	    byte[] cache;
	    int i = 0;
	    // 对数据分段解密
	    while (inputLen - offSet > 0) {
	        if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
	            cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
	        } else {
	            cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
	        }
	        out.write(cache, 0, cache.length);
	        i++;
	        offSet = i * MAX_DECRYPT_BLOCK;
	    }
	    byte[] decryptedData = out.toByteArray();
	    out.close();
	    return decryptedData;
	}

	/**
	 * 公钥解密
	 * @param encryptedData 已加密数据
	 * @param publicKey 公钥(BASE64编码)
	 * @return
	 * @throws Exception
	 */
	public static byte[] decryptByPublicKey(byte[] encryptedData, String publicKey)
	        throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(publicKey);
	    X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    Key publicK = keyFactory.generatePublic(x509KeySpec);
	    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
	    cipher.init(Cipher.DECRYPT_MODE, publicK);
	    int inputLen = encryptedData.length;
	    ByteArrayOutputStream out = new ByteArrayOutputStream();
	    int offSet = 0;
	    byte[] cache;
	    int i = 0;
	    // 对数据分段解密
	    while (inputLen - offSet > 0) {
	        if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
	            cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
	        } else {
	            cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
	        }
	        out.write(cache, 0, cache.length);
	        i++;
	        offSet = i * MAX_DECRYPT_BLOCK;
	    }
	    byte[] decryptedData = out.toByteArray();
	    out.close();
	    return decryptedData;
	}

	/**
	 * 公钥加密
	 * @param data 源数据
	 * @param publicKey 公钥(BASE64编码)
	 * @return
	 * @throws Exception
	 */
	public static byte[] encryptByPublicKey(byte[] data, String publicKey)
	        throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(publicKey);
	    X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    Key publicK = keyFactory.generatePublic(x509KeySpec);
	    // 对数据加密
	    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
	    cipher.init(Cipher.ENCRYPT_MODE, publicK);
	    int inputLen = data.length;
	    ByteArrayOutputStream out = new ByteArrayOutputStream();
	    int offSet = 0;
	    byte[] cache;
	    int i = 0;
	    // 对数据分段加密
	    while (inputLen - offSet > 0) {
	        if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
	            cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
	        } else {
	            cache = cipher.doFinal(data, offSet, inputLen - offSet);
	        }
	        out.write(cache, 0, cache.length);
	        i++;
	        offSet = i * MAX_ENCRYPT_BLOCK;
	    }
	    byte[] encryptedData = out.toByteArray();
	    out.close();
	    return encryptedData;
	}

	/** 
	 * 私钥加密
	 * @param data 源数据
	 * @param privateKey 私钥(BASE64编码)
	 * @return
	 * @throws Exception
	 */
	public static byte[] encryptByPrivateKey(byte[] data, String privateKey)
	        throws Exception {
	    byte[] keyBytes = BASE64Tools.decrypt(privateKey);
	    PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
	    KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
	    Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
	    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
	    cipher.init(Cipher.ENCRYPT_MODE, privateK);
	    int inputLen = data.length;
	    ByteArrayOutputStream out = new ByteArrayOutputStream();
	    int offSet = 0;
	    byte[] cache;
	    int i = 0;
	    // 对数据分段加密
	    while (inputLen - offSet > 0) {
	        if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
	            cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
	        } else {
	            cache = cipher.doFinal(data, offSet, inputLen - offSet);
	        }
	        out.write(cache, 0, cache.length);
	        i++;
	        offSet = i * MAX_ENCRYPT_BLOCK;
	    }
	    byte[] encryptedData = out.toByteArray();
	    out.close();
	    return encryptedData;
	}

	/**
	 * 获取私钥
	 * @param keyMap 密钥对
	 * @return
	 * @throws Exception
	 */
	public static String getPrivateKey(Map<String, Object> keyMap) throws Exception {
	    Key key = (Key) keyMap.get(PRIVATE_KEY);
	    return BASE64Tools.encrypt(key.getEncoded());
	}

	/**
	 * 获取公钥
	 * @param keyMap 密钥对
	 * @return
	 * @throws Exception
	 */
	public static String getPublicKey(Map<String, Object> keyMap) throws Exception {
	    Key key = (Key) keyMap.get(PUBLIC_KEY);
	    return BASE64Tools.encrypt(key.getEncoded());
	}

	public static void main(String[] args) throws Exception {
		Map<String, Object> keyPair = genKeyPair();
		System.out.println("公钥=" + keyPair.get(PUBLIC_KEY));
		System.out.println("私钥=" + keyPair.get(PRIVATE_KEY));
		
		System.out.println();
		String[] keyPairStr = generateKeyPair(1024);
		System.out.println("SINO公钥=" + keyPairStr[0]);
		System.out.println("SINO私钥=" + keyPairStr[1]);
		
		Map<String, Object> keyMap = RsaUtil.genKeyPair();
		String publicKey = RsaUtil.getPublicKey(keyMap);
		String privateKey = RsaUtil.getPrivateKey(keyMap);
		System.out.println("公钥=" + publicKey);
		System.out.println("私钥=" + privateKey);
		
	}
}

BASE64Tools.java

package SINO.encrypt.base64;

import java.io.File;
import java.io.ByteArrayOutputStream;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;

import com.thoughtworks.xstream.core.util.Base64Encoder;
/**
 * BASE64加密解密工具
 * @author huangpeijun
 */
public class BASE64Tools {
	/**
	 * 使用Cipher解密信息
	 * @param data 待解密的信息
	 * @return 解密后的信息
	 * @throws Exception
	 */
	public static byte[] decrypt(String data) throws Exception {
		return (new Base64Encoder()).decode(data);	
	}
	
	/**
	 * 使用BASE64加密信息
	 * @param data 待加密的信息
	 * @return 加密后的信息
	 * @throws Exception
	 */
	public static String encrypt(byte[] data) throws Exception { 
		return (new Base64Encoder()).encode(data);
	}
	

	public static void main(String[] args) throws Exception {
		byte[] a = "HelloWorld!".getBytes();
		String encode = encrypt(a);
		System.out.println("加密：" + encode);
		byte[] decode = decrypt(encode);
		System.out.println("解密：" + new String(decode));
	}
}

RSATester.java

package SINO.encrypt.ras;
import java.util.Map;

public class RSATester {
 
    static String publicKey;
    static String privateKey;
 
    static {
        try {
            Map<String, Object> keyMap = RsaUtil.genKeyPair();
            publicKey = RsaUtil.getPublicKey(keyMap);
            privateKey = RsaUtil.getPrivateKey(keyMap);
            System.err.println("公钥: \n\r" + publicKey);
            System.err.println("私钥： \n\r" + privateKey);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
    
    public static void main(String[] args) throws Exception {
        test();
        testSign();
    }
 
    static void test() throws Exception {
        System.err.println("公钥加密——私钥解密");
        String source = "HelloWord";
        System.out.println("\r加密前文字：\r\n" + source);
        
        System.out.println();
        byte[] data = source.getBytes();
        byte[] encodedData = RsaUtil.encryptByPublicKey(data, publicKey);
        System.out.println("公钥加密后文字：\r\n" + new String(encodedData));
        
        System.out.println();
        byte[] decodedData = RsaUtil.decryptByPrivateKey(encodedData, privateKey);
        String target = new String(decodedData);
        System.out.println("私钥解密后文字: \r\n" + target);
    }
 
    static void testSign() throws Exception {
    	System.out.println();
        System.err.println("私钥加密——公钥解密");
        String source = "BigWorld";
        System.out.println("原文字：\r\n" + source);
        
        System.out.println();
        byte[] data = source.getBytes();
        byte[] encodedData = RsaUtil.encryptByPrivateKey(data, privateKey);
        System.out.println("私钥加密后：\r\n" + new String(encodedData));
        
        System.out.println();
        byte[] decodedData = RsaUtil.decryptByPublicKey(encodedData, publicKey);
        String target = new String(decodedData);
        System.out.println("公钥解密后: \r\n" + target);
        
        System.out.println();
        System.err.println("私钥签名——公钥验证签名");
        String sign = RsaUtil.sign(encodedData, privateKey);
        System.err.println("签名:\r" + sign);
        boolean status = RsaUtil.verify(encodedData, publicKey, sign);
        System.err.println("验证结果:\r" + status);
    }
}