1 非對(duì)稱加密算法

1.1 概述

　　1976年，美國(guó)學(xué)者Dime和Henman為解決信息公開(kāi)傳送和密鑰管理問(wèn)題，提出一種新的密鑰交換協(xié)議，允許在不安全的媒體上的通訊雙方交換信息，安全地達(dá)成一致的密鑰，這就是“公開(kāi)密鑰系統(tǒng)”。

與對(duì)稱加密算法不同，非對(duì)稱加密算法需要兩個(gè)密鑰：公開(kāi)密鑰（publickey）和私有密鑰（privatekey）。公開(kāi)密鑰與私有密鑰是一對(duì)，如果用公開(kāi)密鑰對(duì)數(shù)據(jù)進(jìn)行加密，只有用對(duì)應(yīng)的私有密鑰才能解密；如果用私有密鑰對(duì)數(shù)據(jù)進(jìn)行加密，那么只有用對(duì)應(yīng)的公開(kāi)密鑰才能解密。因?yàn)榧用芎徒饷苁褂玫氖莾蓚€(gè)不同的密鑰，所以這種算法叫作非對(duì)稱加密算法。

1.2 加密流程

如下圖所示，甲乙之間使用非對(duì)稱加密的方式完成了重要信息的安全傳輸。 　　非對(duì)稱加密工作過(guò)程簡(jiǎn)要示意圖 1、乙方生成一對(duì)密鑰（公鑰和私鑰）并將公鑰向其它方公開(kāi)。 2、得到該公鑰的甲方使用該密鑰對(duì)機(jī)密信息進(jìn)行加密后再發(fā)送給乙方。 3、乙方再用自己保存的另一把專用密鑰（私鑰）對(duì)加密后的信息進(jìn)行解密。乙方只能用其專用密鑰（私鑰）解密由對(duì)應(yīng)的公鑰加密后的信息。 在傳輸過(guò)程中，即使攻擊者截獲了傳輸?shù)拿芪?#xff0c;并得到了乙的公鑰，也無(wú)法破解密文，因?yàn)橹挥幸业乃借€才能解密密文。 同樣，如果乙要回復(fù)加密信息給甲，那么需要甲先公布甲的公鑰給乙用于加密，甲自己保存甲的私鑰用于解密。

2 RSA加密算法

2.1 概述

　　RSA是目前最有影響力和最常用的公鑰加密算法，它能夠抵抗到目前為止已知的絕大多數(shù)密碼攻擊，已被ISO推薦為公鑰數(shù)據(jù)加密標(biāo)準(zhǔn)。

RSA公開(kāi)密鑰密碼體制。所謂的公開(kāi)密鑰密碼體制就是使用不同的加密密鑰與解密密鑰，是一種“由已知加密密鑰推導(dǎo)出解密密鑰在計(jì)算上是不可行的”密碼體制。 在公開(kāi)密鑰密碼體制中，加密密鑰（即公開(kāi)密鑰）PK是公開(kāi)信息，而解密密鑰（即秘密密鑰）SK是需要保密的。加密算法E和解密算法D也都是公開(kāi)的。雖然解密密鑰SK是由公開(kāi)密鑰PK決定的，但卻不能根據(jù)PK計(jì)算出SK。 正是基于這種理論，1978年出現(xiàn)了著名的RSA算法，它通常是先生成一對(duì)RSA 密鑰，其中之一是保密密鑰，由用戶保存；另一個(gè)為公開(kāi)密鑰，可對(duì)外公開(kāi)，甚至可在網(wǎng)絡(luò)服務(wù)器中注冊(cè)。為提高保密強(qiáng)度，RSA密鑰至少為500位長(zhǎng)，一般推薦使用1024位。這就使加密的計(jì)算量很大。為減少計(jì)算量，在傳送信息時(shí)，常采用傳統(tǒng)加密方法與公開(kāi)密鑰加密方法相結(jié)合的方式，即信息采用改進(jìn)的DES或IDEA對(duì)話密鑰加密，然后使用RSA密鑰加密對(duì)話密鑰和信息摘要。對(duì)方收到信息后，用不同的密鑰解密并可核對(duì)信息摘要。 RSA算法是第一個(gè)能同時(shí)用于加密和數(shù)字簽名的算法，也易于理解和操作。RSA是被研究得最廣泛的公鑰算法，從提出到現(xiàn)今的三十多年里，經(jīng)歷了各種攻擊的考驗(yàn)，逐漸為人們接受，普遍認(rèn)為是目前最優(yōu)秀的公鑰方案之一。

2.2??算法實(shí)現(xiàn)過(guò)程

1. 隨意選擇兩個(gè)大的質(zhì)數(shù)p和q，p不等于q，計(jì)算N=pq。 2. 根據(jù)歐拉函數(shù)，不大于N且與N互質(zhì)的整數(shù)個(gè)數(shù)為(p-1)(q-1)。 3. 選擇一個(gè)整數(shù)e與(p-1)(q-1)互質(zhì)，并且e小于(p-1)(q-1)。 4. 用以下這個(gè)公式計(jì)算d：d× e ≡ 1 (mod (p-1)(q-1))。 5. 將p和q的記錄銷(xiāo)毀。 以上內(nèi)容中，(N,e)是公鑰，(N,d)是私鑰。

?2.3 算法缺點(diǎn)

　　1）產(chǎn)生密鑰很麻煩，受到素?cái)?shù)產(chǎn)生技術(shù)的限制，因而難以做到一次一密。

　　2）安全性，RSA的安全性依賴于大數(shù)的因子分解，但并沒(méi)有從理論上證明破譯RSA的難度與大數(shù)分解難度等價(jià)，而且密碼學(xué)界多數(shù)人士?jī)A向于因子分解不是NP問(wèn)題。

　　3）速度太慢，由于RSA 的分組長(zhǎng)度太大，為保證安全性，n 至少也要 600 bits以上，使運(yùn)算代價(jià)很高，尤其是速度較慢，較對(duì)稱密碼算法慢幾個(gè)數(shù)量級(jí)；且隨著大數(shù)分解技術(shù)的發(fā)展，這個(gè)長(zhǎng)度還在增加，不利于數(shù)據(jù)格式的標(biāo)準(zhǔn)化。

2.4 java代碼實(shí)現(xiàn)加解密

1 package xin.dreaming.rsa; 2 3 import java.io.ByteArrayOutputStream; 4 import java.io.UnsupportedEncodingException; 5 import java.security.Key; 6 import java.security.KeyFactory; 7 import java.security.KeyPair; 8 import java.security.KeyPairGenerator; 9 import java.security.NoSuchAlgorithmException; 10 import java.security.interfaces.RSAPrivateKey; 11 import java.security.interfaces.RSAPublicKey; 12 import java.security.spec.PKCS8EncodedKeySpec; 13 import java.security.spec.X509EncodedKeySpec; 14 import java.util.HashMap; 15 import java.util.Map; 16 17 import javax.crypto.Cipher; 18 19 import org.bouncycastle.util.encoders.Base64; 20 21 /** 22 * Rsa工具類(lèi) 23 * 24 * @author DREAMING.XIN 25 * 26 */ 27 public abstract class RsaUtils { 28 /** 29 * 生成公鑰私鑰對(duì)，使用默認(rèn)模長(zhǎng)1024。 30 * 31 * @return Object[] : 0:公鑰( RSAPublicKey )，1:私鑰( RSAPrivateKey ) 32 */ 33 34 private static final int DEFAULT_KEY_LEN = 2048; 35 36 public static Map<String, String> genKeyPair() { 37 return genKeyPair(DEFAULT_KEY_LEN); 38 39 } 40 41 /** 42 * 指定模長(zhǎng)生成公私鑰對(duì) 43 * 44 * @param modulus 45 * @return 46 */ 47 public static Map<String, String> genKeyPair(int modulus) { 48 KeyPairGenerator keyPairGen; 49 try { 50 keyPairGen = KeyPairGenerator.getInstance("RSA"); 51 keyPairGen.initialize(modulus); 52 KeyPair keyPair = keyPairGen.generateKeyPair(); 53 54 Map<String, String> keyMaps = new HashMap<String, String>(); 55 RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); 56 keyMaps.put("publicKey", new String(Base64.encode(publicKey.getEncoded()))); 57 RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); 58 keyMaps.put("privateKey", new String(Base64.encode(privateKey.getEncoded()))); 59 60 return keyMaps; 61 } catch (NoSuchAlgorithmException e) { 62 throw new RuntimeException(e); 63 } 64 } 65 66 /** 67 * 公鑰加密 68 * 69 * @param publicKeyBytes 70 * @param data 71 * @param modulus 72 * 公鑰模長(zhǎng)，范圍512-2048。 73 * @return 74 */ 75 public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data, int modulus) { 76 try { 77 // RSA最大加密明文大小 78 int maxEncryptBlock = modulus / 8 - 11; 79 80 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes); 81 KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 82 Key publicK = keyFactory.generatePublic(x509KeySpec); 83 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); 84 cipher.init(Cipher.ENCRYPT_MODE, publicK); 85 int inputLen = data.length; 86 ByteArrayOutputStream out = new ByteArrayOutputStream(); 87 int offSet = 0; 88 byte[] cache; 89 int i = 0; 90 while (inputLen - offSet > 0) { 91 if (inputLen - offSet > maxEncryptBlock) { 92 cache = cipher.doFinal(data, offSet, maxEncryptBlock); 93 } else { 94 cache = cipher.doFinal(data, offSet, inputLen - offSet); 95 } 96 out.write(cache, 0, cache.length); 97 i++; 98 offSet = i * maxEncryptBlock; 99 } 100 byte[] encryptedData = out.toByteArray(); 101 out.close(); 102 return encryptedData; 103 } catch (Exception e) { 104 throw new RuntimeException(e); 105 } 106 107 } 108 109 /** 110 * 公鑰加密，密鑰模長(zhǎng)使用默認(rèn)長(zhǎng)度1024。 111 * 112 * @param publicKeyBytes 113 * 公鑰RSAPublicKey getEncoded() 114 * @param data 115 * 要加密的字節(jié)數(shù)組 116 */ 117 public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data) { 118 return encryptByPublicKey(publicKeyBytes, data, DEFAULT_KEY_LEN); 119 } 120 121 /** 122 * 公鑰解密 123 * 124 * @param publicKeyBytes 125 * 公鑰RSAPublicKey getEncoded() 126 * @param encryptedData 127 * 被(私鑰)加密過(guò)的字節(jié)數(shù)組 128 * @param modulus 129 * 模長(zhǎng)，范圍512-2048 130 * @return 131 */ 132 public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData, int modulus) { 133 // RSA最大解密密文大小 134 int maxDecryptBlock = modulus / 8; 135 try { 136 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes); 137 KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 138 Key publicK = keyFactory.generatePublic(x509KeySpec); 139 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); 140 cipher.init(Cipher.DECRYPT_MODE, publicK); 141 int inputLen = encryptedData.length; 142 ByteArrayOutputStream out = new ByteArrayOutputStream(); 143 int offSet = 0; 144 byte[] cache; 145 int i = 0; 146 // 對(duì)數(shù)據(jù)分段解密 147 while (inputLen - offSet > 0) { 148 if (inputLen - offSet > maxDecryptBlock) { 149 cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock); 150 } else { 151 cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet); 152 } 153 out.write(cache, 0, cache.length); 154 i++; 155 offSet = i * maxDecryptBlock; 156 } 157 byte[] decryptedData = out.toByteArray(); 158 out.close(); 159 return decryptedData; 160 } catch (Exception e) { 161 throw new RuntimeException(e); 162 } 163 } 164 165 /** 166 * 公鑰解密，默認(rèn)模長(zhǎng)1024 167 * 168 * @param publicKeyBytes 169 * 公鑰RSAPublicKey getEncoded() 170 * @param encryptedData 171 * 被(私鑰)加密過(guò)的字節(jié)數(shù)組 172 */ 173 public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData) { 174 return decryptByPublicKey(publicKeyBytes, encryptedData, DEFAULT_KEY_LEN); 175 } 176 177 /** 178 * 私鑰加密 179 * 180 * @param privateKeyBytes 181 * 私鑰RSAPrivateKey getEncoded() 182 * @param data 183 * 要加密的字節(jié)數(shù)組 184 * @param modulus 185 * 模長(zhǎng)，范圍512-2048。 186 */ 187 public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data, int modulus) { 188 try { 189 // RSA最大加密明文大小 190 int maxEncryptBlock = modulus / 8 - 11; 191 192 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes); 193 KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 194 Key privateK = keyFactory.generatePrivate(pkcs8KeySpec); 195 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); 196 cipher.init(Cipher.ENCRYPT_MODE, privateK); 197 int inputLen = data.length; 198 ByteArrayOutputStream out = new ByteArrayOutputStream(); 199 int offSet = 0; 200 byte[] cache; 201 int i = 0; 202 while (inputLen - offSet > 0) { 203 if (inputLen - offSet > maxEncryptBlock) { 204 cache = cipher.doFinal(data, offSet, maxEncryptBlock); 205 } else { 206 cache = cipher.doFinal(data, offSet, inputLen - offSet); 207 } 208 out.write(cache, 0, cache.length); 209 i++; 210 offSet = i * maxEncryptBlock; 211 } 212 byte[] encryptedData = out.toByteArray(); 213 out.close(); 214 return encryptedData; 215 } catch (Exception e) { 216 throw new RuntimeException(e); 217 } 218 } 219 220 /** 221 * 私鑰加密，默認(rèn)模長(zhǎng)1024。 222 * 223 * @param privateKeyBytes 224 * 私鑰RSAPrivateKey getEncoded() 225 * @param data 226 * 要加密的字節(jié)數(shù)組 227 */ 228 public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data) { 229 return encryptByPrivateKey(privateKeyBytes, data, DEFAULT_KEY_LEN); 230 } 231 232 /** 233 * 私鑰解密 234 * 235 * @param privateKeyBytes 236 * 私鑰RSAPrivateKey getEncoded() 237 * @param encryptedData 238 * 被(公鑰)加密過(guò)的字節(jié)數(shù)組 239 * @param modulus 240 * 模長(zhǎng)，范圍512-2048 241 */ 242 public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData, int modulus) { 243 try { 244 // RSA最大解密密文大小 245 int maxDecryptBlock = modulus / 8; 246 247 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes); 248 KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 249 Key privateK = keyFactory.generatePrivate(pkcs8KeySpec); 250 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); 251 cipher.init(Cipher.DECRYPT_MODE, privateK); 252 int inputLen = encryptedData.length; 253 ByteArrayOutputStream out = new ByteArrayOutputStream(); 254 int offSet = 0; 255 byte[] cache; 256 int i = 0; 257 while (inputLen - offSet > 0) { 258 if (inputLen - offSet > maxDecryptBlock) { 259 cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock); 260 } else { 261 cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet); 262 } 263 out.write(cache, 0, cache.length); 264 i++; 265 offSet = i * maxDecryptBlock; 266 } 267 byte[] decryptedData = out.toByteArray(); 268 out.close(); 269 return decryptedData; 270 } catch (Exception e) { 271 throw new RuntimeException(e); 272 } 273 } 274 275 /** 276 * 私鑰解密，默認(rèn)模長(zhǎng)1024。 277 * 278 * @param privateKeyBytes 279 * 私鑰RSAPrivateKey getEncoded() 280 * @param encryptedData 281 * 被(公鑰)加密過(guò)的字節(jié)數(shù)組 282 */ 283 public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData) { 284 return decryptByPrivateKey(privateKeyBytes, encryptedData, DEFAULT_KEY_LEN); 285 } 286 287 public static void main(String[] args) throws UnsupportedEncodingException { 288 // 加密原串 289 String value = "DREAMING.XIN"; 290 System.out.println("加密原串 ： "); 291 System.out.println(value); 292 System.out.println("------------------------------------------------------------------------------------------"); 293 // 生成公私鑰對(duì) 294 Map<String, String> genKeyPair = genKeyPair(); 295 296 System.out.println("自行生成公私鑰對(duì)： "); 297 System.out.println(genKeyPair); 298 System.out.println("------------------------------------------------------------------------------------------"); 299 byte[] encryptByPublicKey = encryptByPublicKey(Base64.decode(genKeyPair.get("publicKey").getBytes("utf-8")), 300 value.getBytes()); 301 302 // 3、Base64編碼 303 byte[] encode = Base64.encode(encryptByPublicKey); 304 305 System.out.println("最終加密結(jié)果： "); 306 String sign = new String(encode, "utf-8"); 307 System.out.println(new String(encode, "utf-8")); 308 System.out.println("------------------------------------------------------------------------------------------"); 309 310 // 1、簽名密文->Base64解碼->RSA解密 311 byte[] signCipherArr = decryptByPrivateKey(Base64.decode(genKeyPair.get("privateKey").getBytes("utf-8")), 312 Base64.decode(sign.getBytes("utf-8"))); 313 System.out.println("解密結(jié)果： "); 314 System.out.println(new String (signCipherArr)); 315 System.out.println("------------------------------------------------------------------------------------------"); 316 317 } 318 }

輸出結(jié)果：

加密原串 ： DREAMING.XIN ------------------------------------------------------------------------------------------ 自行生成公私鑰對(duì)： {publicKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmRw1oug/LBmpkRsubsKoeEBQvGeRfUTMX8fTEuLJqKuWfHkB6HJ/08xf/BYhbL+GrUFk5DR/lbJdnD9SEx0ZDZHecrjj262T67izwf7d+rB3o7z5w/3Pk3p3Ye6Ns7SdGM6D8O6InUK4mQFSBKQhw25BqPzUQKb4DY/S+I2OAx1/qVB56Na+if5H9ttP8nhVVnQZXheTPh5Say0+ySFEBb1i2sxJQuwFLbtA9RkKNFSSB2+4sBrn5fRmemu6OGToR/WQ8KFa96+u9X2t41HPxa7dTF+g9btkEMWwbiXkPatjD9JaNXKKrueIQoDt/FKonUZQ0AafSs8r/xsrb4pfwIDAQAB, privateKey=MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCSZHDWi6D8sGamRGy5uwqh4QFC8Z5F9RMxfx9MS4smoq5Z8eQHocn/TzF/8FiFsv4atQWTkNH+Vsl2cP1ITHRkNkd5yuOPbrZPruLPB/t36sHejvPnD/c+Tendh7o2ztJ0YzoPw7oidQriZAVIEpCHDbkGo/NRApvgNj9L4jY4DHX+pUHno1r6J/kf220/yeFVWdBleF5M+HlJrLT7JIUQFvWLazElC7AUtu0D1GQo0VJIHb7iwGufl9GZ6a7o4ZOhH9ZDwoVr3r671fa3jUc/Frt1MX6D1u2QQxbBuJeQ9q2MP0lo1coqu54hCgO38UqidRlDQBp9Kzyv/Gytvil/AgMBAAECggEAWWoJ1bExIkYoXHO8qPDKfLduytHDZ11aXMgVeMdHddC1h3CMY/D47P0U8dz+ZKNAO1XH0ysIaD3gDXzT5z3zdWYF4CkBNxFbP25FUEjC2qrDwUk1RjNlQ2PZbRrCrUlEGBynUQuue+9bN435/9x+9E54bcrkCd37EUZxAMtpbG+bZ8/sizBsIQYfiKlGV3FJ68OTnkCzvjltYmzWn4q1a6CDqN40G6IfBJD1g1ENkkKJvi4hu6U7LhkpI3oil4+zZuxdGNphICz6L5CQVn01MahnfJlNszQD1H0sq/G9ymHtzYyvq6Fu8URjksw4doaqYVRuGuZL58qP33BNSzilwQKBgQDHZDC5YgViTmqAC9/GGnm1Cwhi8SkbsG0j6jCRx4e6nYgux4TOg9V6MdzXrm/w6X5ZtTTDPoB4vn+l2pX8SGyO1c2JfaL3w+iMahSAee6CFDbBzmiF5b+PiiKmYKzrNTtjPNkcDsrwErIhiyplgkj/+gsiVAepliJRUVTVeApvHwKBgQC79EUDck2kwSMsw3kXb/ZUIG6BPH0j/A0xn7SqcsVc/Rt3WFzfUJV9qCsN9TwGm3lk8fIsdXYoLrm96MlNOU3uNUzwwYwqespkdJ5R6iniWA+LAVuGgHhDYk84VFDxcldMLlG16O7uuIoUSeXdVwCChx1OllKFxsEj1z6X4mPZoQKBgQCy883zI/FXGK/m+kE9aFehUCSXwH+3lTFvEWnD/MNpjqdB7NnaC2JWiFf/z1QycS1wT/zp2retJrQj47nHMi0USPluk67nFhIpq69423ZfksrOSHVw7xFtP3n3vz6S3zTMzTjCQNiMfQsYpfFIJ5VjAERr6+TwpIlqWEd+S3152wKBgH+t6FP3ChepvCNkhpYNUODFR0wzsy8Gwk+7lhdT8A7DQi1IsY5iR6sc2mKY/TXf2A9i7IiXIrUZSMRhpp33F6GCQ8opMPaKg4LKVeJ/mARSnfxn56zvCMN9vSMe4/2hFvyBWrCgk+9HHUW7DZPWzlndP2NrapPF+N5IEhVLjVkBAoGABqIvu4Vpgg3viiE6PRmlA0iAnAz2ZnaqPS7Xk8+Ua44rCxTE62Vhm5ZbfQQzxlqFL/32NnJ3+zG/ONnWqdkGkvE5N/7NZg5CNzTPVqn/PbUAQ1L01yzcAETqr1dMLhGqlMMLkdbLO8VzoagVRuE+jSOwl3a+5Yq/cu0TMKLhrAE=} ------------------------------------------------------------------------------------------ 最終加密結(jié)果： YmGXP+nSAY23ENUryid4zdE6KRAfFGhQWPJ4NAM1odZIEZCh5BbOtw437E85TdzABNE+NTDVogq+AI8WfAiD0yUpDukdRrZMb/IwG5k7xCgsVo0Tgt2SiH9bZFkvMaIIWH6d90muVtA/dyGHPSk/WmdgSl3QCcsZ3JAzMeadZwtL685eBhJD6hwXwKLfQj1OQBlLH3R9D5gBNGf36RHyi20LteTOKIR9lvMQPGbsnvspqi7t3xo5ajLpeuCr9azEovP0UFiiaxrkGLYMG2YM91r7JXUCn2gtVuDnXPFVVfOj84mN51229UJwQWBZe0BGPLSpROmOUZeWj2gjvuyqGg== ------------------------------------------------------------------------------------------ 解密結(jié)果： DREAMING.XIN ------------------------------------------------------------------------------------------

2.5 java代碼實(shí)現(xiàn)加簽驗(yàn)簽

1 package xin.dreaming.rsa; 2 3 import org.apache.commons.codec.binary.Base64; 4 5 import javax.crypto.Cipher; 6 import java.io.ByteArrayInputStream; 7 import java.security.KeyFactory; 8 import java.security.PrivateKey; 9 import java.security.PublicKey; 10 import java.security.Signature; 11 import java.security.cert.Certificate; 12 import java.security.cert.CertificateFactory; 13 import java.security.spec.PKCS8EncodedKeySpec; 14 15 /** 16 * 17 * @author DREAMING.XIN 18 * 19 */ 20 public class RSAUtil { 21 22 private static final String CHARSET = "UTF-8"; 23 24 private static final String algorithm = "SHA256withRSA"; 25 26 /** 27 * 網(wǎng)聯(lián)請(qǐng)求報(bào)文簽名 28 * 29 * @param privateKey 30 * 機(jī)構(gòu)私鑰字符串 31 * @param content 32 * 簽名原文 33 * @return 簽名密文 34 * @throws Exception 35 */ 36 public static String sign(String privateKey, String content) throws Exception { 37 Signature signature = Signature.getInstance(algorithm); 38 signature.initSign(convertPrivateKey(privateKey)); 39 signature.update(content.getBytes(CHARSET)); 40 return Base64.encodeBase64String(signature.sign()); 41 } 42 43 /** 44 * 網(wǎng)聯(lián)返回報(bào)文驗(yàn)簽 45 * 46 * @param publicKey 47 * 網(wǎng)聯(lián)公鑰字符串 48 * @param content 49 * 驗(yàn)簽原文報(bào)文 50 * @param signStr 51 * 網(wǎng)聯(lián)返回簽名字符串 52 * @return 驗(yàn)簽結(jié)果 53 * @throws Exception 54 */ 55 public static boolean vertify(String publicKey, String content, String signStr) throws Exception { 56 Signature signature = Signature.getInstance(algorithm); 57 signature.initVerify(convertPublicKey(publicKey)); 58 signature.update(content.getBytes(CHARSET)); 59 return signature.verify(Base64.decodeBase64(signStr.getBytes(CHARSET))); 60 } 61 62 /** 63 * 對(duì)稱密鑰公鑰加密 64 * 65 * @param publicKey 66 * 網(wǎng)聯(lián)公鑰字符串 67 * @param content 68 * 密鑰原文 69 * @return 加密密文 70 * @throws Exception 71 */ 72 public static String encryptByPublicKey(String publicKey, String content) throws Exception { 73 String result = null; 74 try { 75 Cipher cipher = cipher = Cipher.getInstance("RSA"); 76 cipher.init(Cipher.ENCRYPT_MODE, convertPublicKey(publicKey)); 77 byte[] encoded = cipher.doFinal(content.getBytes(CHARSET)); 78 result = Base64.encodeBase64String(encoded); 79 } catch (Exception e) { 80 81 } 82 return result; 83 } 84 85 /** 86 * 對(duì)稱密鑰密文解密 87 * 88 * @param privateKey 89 * 機(jī)構(gòu)私鑰字符串 90 * @param content 91 * 網(wǎng)聯(lián)對(duì)稱密鑰密文 92 * @return 對(duì)稱密鑰明文 93 * @throws Exception 94 */ 95 public static String decryptByPrivateKey(String privateKey, String content) throws Exception { 96 String result = null; 97 try { 98 Cipher cipher = cipher = Cipher.getInstance("RSA"); 99 cipher.init(Cipher.DECRYPT_MODE, convertPrivateKey(privateKey)); 100 byte[] encoded = cipher.doFinal(Base64.decodeBase64(content.getBytes(CHARSET))); 101 result = new String(encoded, CHARSET); 102 } catch (Exception e) { 103 } 104 return result; 105 } 106 107 public static PrivateKey convertPrivateKey(String keyStr) throws Exception { 108 PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(keyStr.getBytes(CHARSET))); 109 KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 110 return keyFactory.generatePrivate(keySpec); 111 } 112 113 public static PublicKey convertPublicKey(String keyStr) throws Exception { 114 CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); 115 Certificate certificate = certificateFactory 116 .generateCertificate(new ByteArrayInputStream(Base64.decodeBase64(keyStr.getBytes(CHARSET)))); 117 return certificate.getPublicKey(); 118 } 119 120 public static void main(String[] args) throws Exception { 121 // 獲取私鑰 122 String privatekey = CertConfig.PrivateKey; 123 String publicKey = CertConfig.PublicKeyZ; 124 125 String sign = sign(privatekey, "DREAMING.XIN"); 126 127 System.out.println("加簽結(jié)果："+sign); 128 129 boolean vertify = vertify(publicKey,"DREAMING.XIN",sign); 130 131 System.out.println("驗(yàn)簽結(jié)果： "+vertify); 132 } 133 134 }

密鑰java類(lèi)：

1 package xin.dreaming.rsa; 2 3 public class CertConfig { 4 5 public static final String PrivateKey ="MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtO4yND2EGec6InFURBZtE6TV5RB/GXmkrSADSor/zPEQsYT3TxD/d3snwOStAfyKbUEIdNHfOKYGLcnEUX7mokQoXn7/0Vtp6XV2+VuL/s8+Dx79iPQ1vpCqn8TN+VlL9bmL5gdd0jenmEJJRmWHV4DTypzXyLSRjMzZsOjcJMeXQDPGDxE5J8JIsz9mh9fggQjDnpPzjcF6X3qFBwq/w/LwZ/g8s2CdLQeql3TJ0hUFhrCt/Ii5bFaYQ/KbUbCXylQHpQ86tRicpSmMLVqNZuH0MnDAdhWVq3qMbYqsb8IkrlPKXh1VrZRI+lc0EvLyT8lvb6DISFbx7drJg4Y+3AgMBAAECggEAT1xwdHAEoUn2UbUasAsUGkV54gtsJcxHmncH728Kj7BFjiMpr8IjK3HwVDCLy5O8XADJXUPEIG+6KpAqTAqJ7V435hdG+9JiXDUHuzkNz0Sz0v3rhE2wRPzCWFRUSZtPQADBk35gOVmQOaqpiCqrlAThMZvGbDG1zom/Vw1Sg/xMY/Mloj/ycfGtNkVB05es5mcwWFJC+Mvj/qHJGc7PM5rw98+nFWZanzwvhrdQdSsA18FalCmeF3+n1bcOt+gCnZuq7/ZFpEuqK6dsj6mIZ5fnAB3P7S63foSQkqSYS8tFH+o8CU898wdJ1Ba26XnQ2ghX5X9zWP+oTYzuVPV1gQKBgQD5VzSr6fsj3CrjLuwQ7LqDemXC8n7AUDDQ5Z87yxpZZtPxu9CYdxxfBKfWjYskSTLm6DPyNQ8eqmpARBLGxRIKzXQF+5wLGqxr0FwSoBUM47uR68ChY4v4T84dxQ9RpNvbn8C+lPru+F2hrCWLwBnY1IGFxPWrro8qVUJCrvd+RwKBgQDzkY7ggsmf68kmVAj2JMwZ01o5vsCQbMZu+v79o5cvUxEmcQo2hb+0l/qizA/Vse/fOs9l7GDZN4nSwFzE141cVC7BmIqZpYxYSksGTlH7JcnuWdSZA4G1cK1rbJdR/M6zTPgTFkRjD1egFIK3P02fXu44toFkJb6CrNicssHrEQKBgC9Ma6Fw8UMMMNaHwCA1x+vI/CTO+1xf2eLGrD4beRQcfXgNuLQzZB5iM7RvhUWM3SsQQUpg5k1a5mzqfOVX3ORPtQKtiBxTIwIQtGaUF2oqiRpVLmVvDM491UuwZgeGzm4LD/UXLcLHOnvAvB6WglCvfyJxCmlW47GUGs2rgydhAoGBAJJ2t/T3kKjSz1118QGatQTenAXXV9JBJr37vrPk2HfDuq9kECEjIllFfpjAntEAs96Hbcm7b62PARizRdW0TLP1hzwxLz8fVpqM6jp7hD7CxX/HktkES85AWHgdj4zkuaMGKLLJlAwBYM7JJqVsso+gNR3zWTFQpRPNPmBT+doRAoGBANhtqTKRAcn4lBam2cOOMCLIrU+UEDDWfzgUUeBHFYTwwPLgRXCRyvgP9B+1r9IR3v18Rb0IJo2p0oDe7l/QM7iR53Vg2HVQ5vlgyvWrLODZQMss52vgvZJhetzFNxkT0UmGyug5Uy1Wf+BUH4lHgCnBOOUxgZoZdVJtgCyLr549"; 6 //簽名私鑰 7 //public static final String PrivateKey ="MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6WywVY3QjRicJyIWB4Huw3aEkUH4oOZQVpAPo1KL2yxx11A2l6WmdbsngxqI/fJIe69RyGbmzZr9vRD4VOlinRCbRJ4WXH061COG6lFBUi/K6hVX4HBgwE8svbNNnFuwLQBeds5XXWSKMSLTf9XTz+uiJLJA+pYaVMmrNzsEgN8nZTPjZrCWyzaAo1Wz7NOH1gLxRDpPYvIzufDxLKby0l5huqszQSsiEzV8eff/axskBLuOkCGd4LznwPvnzMU40JVMt1Bsh5XWpqY+A+woyslhPzax62u5af2dZ7cs8loL9WbA7Ia3ZuhfPwKF3MpUEKW+wyVyfIQc/uhaOea5zAgMBAAECggEAc11bpgYCcI/OPP04wRUyHWSmjC+UWdyDMv5tOSbhl7xXaw4SQOKFcmOScCcna/v3DVNbGiOY1VnHKt9pO4T6Otoy2YoI5mwIMoREEVgdfqmAYz2F4emqg6DNSReqq4gCKljMBeGV4lGY1JVx+68dbqimabz/sviPny8t9SiIYCN5/FcQtsH93EZPQSsWe047Fc5UgVmXdV3x+Bc+cCdso/P0yoCx18VL6krxF3LhOcQs53765rA6yWYFLActV65x32rn9P6+FGLg9nFyERaKujyRujZtSlBzfYi/L+/38wdddt2N+/R0JdooLvHgmlWlRndQcs81Ah/SM81k2r/V2QKBgQDsL0MgE2MQ4OcO8rBC0K+DTioOTNkrAiwxAiPlKW0n9jp5tr4KLRPcRU5gg34nskPfgxOU6gDK7HGvochPuAwv+3LP2lNGdpLsUtx00co0rmwHSiu3fr3iEnHG3pKCJvHW+KfZpqsgLksiXKCWH7AsSEVLwFgiLE8ibg995IuDjwKBgQDJ/bOSITae8uaGqiNs5bti9PEWhgDRR8FPMiTmBH2yllEzwLr94oPMdHTIXOW0U4+8ZcuV3et1vf5tjUbSHfGp1fRmHKJPjEPlLy9VfU6UiDxFdRChQPTWB1//l+bWJjYMrbsthwoEBeP+vL4hNfBkwgvCza7fAmDK60zDe2ck3QKBgDeGOOKejCiYptlFxpg+lTRqOMrZ2CgbP6ZZ2XRzU70UTtT0WCLuS//5rx5Ta2ILr5cpKn5UsNED2wouH3hWTU8ubuRccD1dfNbf+AHinAXch3sDPdnKivtN2L+m7Yx5eVtPY65wV0SefX1bh0kjs/gFGX1gf5exEP2IIE45X28TAoGBALfuEj9FiTRR4QLNGLcHtouUmZg167amTWutMJZXjpI5eLXUkTGwuu1JOjJdDToYQTF/zFOqocc0e+MMG2onpDBPyF3XQyGGiyi9v69sDEsKhz+EKuF7gbcHPi5DBwsH/n2rEV+SsNca+hKzkboyILXPUOBRZSRjSPpeKydyTmjtAoGAeEp+MatIX+SohXJe4uYak3zuoOCze4XqS9rH4wecSHn2J7jfOoZg2UzvOpEeKpfVngC6qfet8F2liWQ4UMcFC+ydnWfmVOF0KjkdV5gU8rlcF+mTs0cEOTF+3xf+nDMFkjC8XrQ5ZOqdSvDGkVfvFyzUkZ9DmqHbR3LQlf6OTFk="; 8 //驗(yàn)簽公鑰 9 public static final String PublicKey ="MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws="; 10 //驗(yàn)簽公鑰 11 public static final String PublicKeyZ ="MIIEWzCCA0OgAwIBAgIFQAJQhUAwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzA5MjcwODQwMzRaFw0yMDA5MjcwODQwMzRaMIGBMQswCQYDVQQGEwJDTjEXMBUGA1UECgwOQ0ZDQSBSU0EgT0NBMzExETAPBgNVBAsMCExvY2FsIFJBMRkwFwYDVQQLDBBPcmdhbml6YXRpb25hbC0xMSswKQYDVQQDDCIwNTFAVGVzdDE1MDY1MDE2MzQ2MDJAWkgxMjM0NTY3OEAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TuMjQ9hBnnOiJxVEQWbROk1eUQfxl5pK0gA0qK/8zxELGE908Q/3d7J8DkrQH8im1BCHTR3zimBi3JxFF+5qJEKF5+/9Fbael1dvlbi/7PPg8e/Yj0Nb6Qqp/EzflZS/W5i+YHXdI3p5hCSUZlh1eA08qc18i0kYzM2bDo3CTHl0Azxg8ROSfCSLM/ZofX4IEIw56T843Bel96hQcKv8Py8Gf4PLNgnS0Hqpd0ydIVBYawrfyIuWxWmEPym1Gwl8pUB6UPOrUYnKUpjC1ajWbh9DJwwHYVlat6jG2KrG/CJK5Tyl4dVa2USPpXNBLy8k/Jb2+gyEhW8e3ayYOGPtwIDAQABo4H8MIH5MD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3B0ZXN0LmNmY2EuY29tLmNuOjgwL29jc3AwHwYDVR0jBBgwFoAUmj20rmVY+85aBXgmoG0rBIa6xuwwDAYDVR0TAQH/BAIwADA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vMjEwLjc0LjQyLjMvT0NBMzEvUlNBL2NybDQ4NDYuY3JsMA4GA1UdDwEB/wQEAwIGwDAdBgNVHQ4EFgQU5afVQ1AjMzdZ5o/OVDBU5zw+ZgswHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQAszGTg4RRzqrJrf598sou0WKLjFUoK2hcnHaUJv9A3Zkbu5XCy5SrBrYOibw0Uw5zwM6cKz0s7YkKusrwDUKg+QRodQvFvMqVI0BsJguc3cqOCy0dvibWseKFlEc+C1ffx1yVK/2ElrLW6TUPixKSzyEo6h852z2w575+/S1S9XZbdtS7OXozA4zfxy5D32QToNCqPFundhB7HYPMbQaZr+sjsZ7sBqKaPq6TRVUcdVQ1OXatK2O4mRwQDHQFqkBLnrijiht6+p2YUpKACbJREqylN+ToJMYcdIlRpQ3DlWZPSuzbWgtw5tqH4bLFaOG07wl7Q1fOOFaVScPzqFRRB"; 12 13 //銘感信息加密 14 public static final String MGJMKEY = "MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws="; 15 }

輸出結(jié)果：

加簽結(jié)果：fbolWDixTffN2oeMSpAUkbDvQ3ZXNeEUPgGOgQ3boCTIft34kIA8LtSwRMD+uAbKSk6vZffDb2Zro7IDGhS8lv35Bz23zs9j04GMB4d55EnjqjyRQAQer8fTujKMPHa2JUPjlUau6wjJaK50A8+TysC7Qq4uz69T0iXtTJPvFxwjCeXL0fShIuD4UQwJkQk7Mqqvzdy71dPs94EobMVEX84lSkfTwZKCwAR58NbYdgWWGKcwbU/N+riU6NyiCVr1rj+j9LqUrgW0HHDfp8hNcRm1lluGgk7BrjD7ZBpdYwuhbA1v2IGEsdhYVyMHdFpg6Ta3uoHoCJRJhtMp1Hw0qw== 驗(yàn)簽結(jié)果： true

說(shuō)明：

　　一般rsa加密解密，加簽驗(yàn)簽都會(huì)與BASE64編碼或url編碼結(jié)合使用。

參考：

　　1、https://baike.baidu.com/item/RSA%E7%AE%97%E6%B3%95/263310?fr=aladdin

?

轉(zhuǎn)載于:https://www.cnblogs.com/xq1314/p/7895471.html

總結(jié)

以上是生活随笔為你收集整理的RSA非对称加密简析-java的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。