非對稱加密
阿新 • • 發佈:2017-06-04
數據加密 bytes codebase 私鑰 .get comm x509 公鑰 except
非對稱加密為數據的加密與解密提供了一個非常安全的方法,它使用了一對密鑰,公鑰(public key)和私鑰(private key)。私鑰只能由一方安全保管,不能外泄,而公鑰則可以發給任何請求它的人。非對稱加密使用這對密鑰中的一個進行加密,而解密則需要另一個密鑰。比如,你向銀行請求公鑰,銀行將公鑰發給你,你使用公鑰對消息加密,那麽只有私鑰的持有人--銀行才能對你的消息解密。與對稱加密不同的是,銀行不需要將私鑰通過網絡發送出去,因此安全性大大提高。
目前最常用的非對稱加密算法是RSA算法,是Rivest, Shamir, 和Adleman於1978年發明,他們那時都是在MIT。
以下是RSA運行實例:
package Utils;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.codec.binary.Base64;
public class RSAUtils {
/**
* 生成非對稱密鑰對
* @return
* @throws Exception
*/
public static KeyPair genKeyPair() throws Exception{
KeyPairGenerator keyp = KeyPairGenerator.getInstance("RSA");
keyp.initialize(1024);
return keyp.generateKeyPair();
}
public static String getPublicKey() throws Exception{
Key key = genKeyPair().getPublic();
byte[] bytekey = key.getEncoded();
byte[] byte64 = Base64.encodeBase64(bytekey);//將字符編碼為base64編碼
String keystr = new String(byte64,"UTF-8");
return keystr;
}
public static String getPrivateKey() throws Exception{
Key key = genKeyPair().getPrivate();
byte[] bytekey = key.getEncoded();
byte[] byte64 = Base64.encodeBase64(bytekey);//將字符編碼為base64編碼
String keystr = new String(byte64,"UTF-8");
return keystr;
}
/**
* 加密
* @param src
* @param key
* @return
* @throws Exception
*/
public static byte[] encrypt(byte[] src,String key) throws Exception{
// byte[] bytekey = key.getBytes("UTF-8");
// byte[] byte64 = Base64.decodeBase64(bytekey);
byte[] byte64 = Base64.decodeBase64(key);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(byte64);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Key publicKey = keyFactory.generatePublic(x509KeySpec);
// 對數據加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(src);
}
/**
* 解密
* @param src
* @param key
* @return
* @throws Exception
*/
public static byte[] decrypt(byte[] src,String key) throws Exception{
// byte[] bytekey = key.getBytes("UTF-8");
// byte[] byte64 = Base64.decodeBase64(bytekey);
byte[] byte64 = Base64.decodeBase64(key);
// 取得私鑰
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(byte64);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 對數據解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(src);
}
public static void main(String[] arg) throws Exception{
String name = "2";
byte[] bytes= name.getBytes("UTF-8");
String pubKey = getPublicKey();
String priKey = getPrivateKey();
byte[] bytes1 = encrypt(bytes,pubKey);
byte[] byte64 = Base64.encodeBase64(bytes1);
String name1 = new String(byte64,"UTF-8");
System.out.println(name1);
System.out.println("===========");
byte[] bytes2 = name1.getBytes("UTF-8");
byte[] bytes3 = decrypt(bytes2,priKey);
byte[] byte641 = Base64.encodeBase64(bytes1);
String name2 = new String(byte641,"UTF-8");
System.out.println(name2);
}
}
非對稱加密