RSA非对称加密简析-java
2024-05-11 09:03:53
1 非对称加密算法
1.1 概述
1976年,美国学者Dime和Henman为解决信息公开传送和密钥管理问题,提出一种新的密钥交换协议,允许在不安全的媒体上的通讯双方交换信息,安全地达成一致的密钥,这就是“公开密钥系统”。
与对称加密算法不同,非对称加密算法需要两个密钥:公开密钥(publickey)和私有密钥(privatekey)。公开密钥与私有密钥是一对,如果用公开密钥对数据进行加密,只有用对应的私有密钥才能解密;如果用私有密钥对数据进行加密,那么只有用对应的公开密钥才能解密。因为加密和解密使用的是两个不同的密钥,所以这种算法叫作非对称加密算法。
1.2 加密流程
如下图所示,甲乙之间使用非对称加密的方式完成了重要信息的安全传输。
非对称加密工作过程简要示意图
1、乙方生成一对密钥(公钥和私钥)并将公钥向其它方公开。
2、得到该公钥的甲方使用该密钥对机密信息进行加密后再发送给乙方。
3、乙方再用自己保存的另一把专用密钥(私钥)对加密后的信息进行解密。乙方只能用其专用密钥(私钥)解密由对应的公钥加密后的信息。
在传输过程中,即使攻击者截获了传输的密文,并得到了乙的公钥,也无法破解密文,因为只有乙的私钥才能解密密文。
同样,如果乙要回复加密信息给甲,那么需要甲先公布甲的公钥给乙用于加密,甲自己保存甲的私钥用于解密。
2 RSA加密算法
2.1 概述
RSA是目前最有影响力和最常用的公钥加密算法,它能够抵抗到目前为止已知的绝大多数密码攻击,已被ISO推荐为公钥数据加密标准。
RSA公开密钥密码体制。所谓的公开密钥密码体制就是使用不同的加密密钥与解密密钥,是一种“由已知加密密钥推导出解密密钥在计算上是不可行的”密码体制。
在公开密钥密码体制中,加密密钥(即公开密钥)PK是公开信息,而解密密钥(即秘密密钥)SK是需要保密的。加密算法E和解密算法D也都是公开的。虽然解密密钥SK是由公开密钥PK决定的,但却不能根据PK计算出SK。
正是基于这种理论,1978年出现了著名的RSA算法,它通常是先生成一对RSA 密钥,其中之一是保密密钥,由用户保存;另一个为公开密钥,可对外公开,甚至可在网络服务器中注册。为提高保密强度,RSA密钥至少为500位长,一般推荐使用1024位。这就使加密的计算量很大。为减少计算量,在传送信息时,常采用传统加密方法与公开密钥加密方法相结合的方式,即信息采用改进的DES或IDEA对话密钥加密,然后使用RSA密钥加密对话密钥和信息摘要。对方收到信息后,用不同的密钥解密并可核对信息摘要。
RSA算法是第一个能同时用于加密和数字签名的算法,也易于理解和操作。RSA是被研究得最广泛的公钥算法,从提出到现今的三十多年里,经历了各种攻击的考验,逐渐为人们接受,普遍认为是目前最优秀的公钥方案之一。
2.2 算法实现过程
1. 随意选择两个大的质数p和q,p不等于q,计算N=pq。
2. 根据欧拉函数,不大于N且与N互质的整数個数為(p-1)(q-1)。
3. 选择一个整数e与(p-1)(q-1)互质,并且e小于(p-1)(q-1)。
4. 用以下这个公式计算d:d× e ≡ 1 (mod (p-1)(q-1))。
5. 将p和q的记录销毁。
以上内容中,(N,e)是公钥,(N,d)是私钥。
2.3 算法缺点
1)产生密钥很麻烦,受到素数产生技术的限制,因而难以做到一次一密。
2)安全性,RSA的安全性依赖于大数的因子分解,但并没有从理论上证明破译RSA的难度与大数分解难度等价,而且密码学界多数人士倾向于因子分解不是NP问题。
3)速度太慢,由于RSA 的分组长度太大,为保证安全性,n 至少也要 600 bits以上,使运算代价很高,尤其是速度较慢,较对称密码算法慢几个数量级;且随着大数分解技术的发展,这个长度还在增加,不利于数据格式的标准化。
2.4 java代码实现加解密
1 package xin.dreaming.rsa;
2
3 import java.io.ByteArrayOutputStream;
4 import java.io.UnsupportedEncodingException;
5 import java.security.Key;
6 import java.security.KeyFactory;
7 import java.security.KeyPair;
8 import java.security.KeyPairGenerator;
9 import java.security.NoSuchAlgorithmException;
10 import java.security.interfaces.RSAPrivateKey;
11 import java.security.interfaces.RSAPublicKey;
12 import java.security.spec.PKCS8EncodedKeySpec;
13 import java.security.spec.X509EncodedKeySpec;
14 import java.util.HashMap;
15 import java.util.Map;
16
17 import javax.crypto.Cipher;
18
19 import org.bouncycastle.util.encoders.Base64;
20
21 /**
22 * Rsa工具类
23 *
24 * @author DREAMING.XIN
25 *
26 */
27 public abstract class RsaUtils {
28 /**
29 * 生成公钥私钥对,使用默认模长1024。
30 *
31 * @return Object[] : 0:公钥( RSAPublicKey ),1:私钥( RSAPrivateKey )
32 */
33
34 private static final int DEFAULT_KEY_LEN = 2048;
35
36 public static Map<String, String> genKeyPair() {
37 return genKeyPair(DEFAULT_KEY_LEN);
38
39 }
40
41 /**
42 * 指定模长生成公私钥对
43 *
44 * @param modulus
45 * @return
46 */
47 public static Map<String, String> genKeyPair(int modulus) {
48 KeyPairGenerator keyPairGen;
49 try {
50 keyPairGen = KeyPairGenerator.getInstance("RSA");
51 keyPairGen.initialize(modulus);
52 KeyPair keyPair = keyPairGen.generateKeyPair();
53
54 Map<String, String> keyMaps = new HashMap<String, String>();
55 RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
56 keyMaps.put("publicKey", new String(Base64.encode(publicKey.getEncoded())));
57 RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
58 keyMaps.put("privateKey", new String(Base64.encode(privateKey.getEncoded())));
59
60 return keyMaps;
61 } catch (NoSuchAlgorithmException e) {
62 throw new RuntimeException(e);
63 }
64 }
65
66 /**
67 * 公钥加密
68 *
69 * @param publicKeyBytes
70 * @param data
71 * @param modulus
72 * 公钥模长,范围512-2048。
73 * @return
74 */
75 public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data, int modulus) {
76 try {
77 // RSA最大加密明文大小
78 int maxEncryptBlock = modulus / 8 - 11;
79
80 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes);
81 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
82 Key publicK = keyFactory.generatePublic(x509KeySpec);
83 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
84 cipher.init(Cipher.ENCRYPT_MODE, publicK);
85 int inputLen = data.length;
86 ByteArrayOutputStream out = new ByteArrayOutputStream();
87 int offSet = 0;
88 byte[] cache;
89 int i = 0;
90 while (inputLen - offSet > 0) {
91 if (inputLen - offSet > maxEncryptBlock) {
92 cache = cipher.doFinal(data, offSet, maxEncryptBlock);
93 } else {
94 cache = cipher.doFinal(data, offSet, inputLen - offSet);
95 }
96 out.write(cache, 0, cache.length);
97 i++;
98 offSet = i * maxEncryptBlock;
99 }
100 byte[] encryptedData = out.toByteArray();
101 out.close();
102 return encryptedData;
103 } catch (Exception e) {
104 throw new RuntimeException(e);
105 }
106
107 }
108
109 /**
110 * 公钥加密,密钥模长使用默认长度1024。
111 *
112 * @param publicKeyBytes
113 * 公钥RSAPublicKey getEncoded()
114 * @param data
115 * 要加密的字节数组
116 */
117 public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data) {
118 return encryptByPublicKey(publicKeyBytes, data, DEFAULT_KEY_LEN);
119 }
120
121 /**
122 * 公钥解密
123 *
124 * @param publicKeyBytes
125 * 公钥RSAPublicKey getEncoded()
126 * @param encryptedData
127 * 被(私钥)加密过的字节数组
128 * @param modulus
129 * 模长,范围512-2048
130 * @return
131 */
132 public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData, int modulus) {
133 // RSA最大解密密文大小
134 int maxDecryptBlock = modulus / 8;
135 try {
136 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes);
137 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
138 Key publicK = keyFactory.generatePublic(x509KeySpec);
139 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
140 cipher.init(Cipher.DECRYPT_MODE, publicK);
141 int inputLen = encryptedData.length;
142 ByteArrayOutputStream out = new ByteArrayOutputStream();
143 int offSet = 0;
144 byte[] cache;
145 int i = 0;
146 // 对数据分段解密
147 while (inputLen - offSet > 0) {
148 if (inputLen - offSet > maxDecryptBlock) {
149 cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock);
150 } else {
151 cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
152 }
153 out.write(cache, 0, cache.length);
154 i++;
155 offSet = i * maxDecryptBlock;
156 }
157 byte[] decryptedData = out.toByteArray();
158 out.close();
159 return decryptedData;
160 } catch (Exception e) {
161 throw new RuntimeException(e);
162 }
163 }
164
165 /**
166 * 公钥解密,默认模长1024
167 *
168 * @param publicKeyBytes
169 * 公钥RSAPublicKey getEncoded()
170 * @param encryptedData
171 * 被(私钥)加密过的字节数组
172 */
173 public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData) {
174 return decryptByPublicKey(publicKeyBytes, encryptedData, DEFAULT_KEY_LEN);
175 }
176
177 /**
178 * 私钥加密
179 *
180 * @param privateKeyBytes
181 * 私钥RSAPrivateKey getEncoded()
182 * @param data
183 * 要加密的字节数组
184 * @param modulus
185 * 模长,范围512-2048。
186 */
187 public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data, int modulus) {
188 try {
189 // RSA最大加密明文大小
190 int maxEncryptBlock = modulus / 8 - 11;
191
192 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
193 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
194 Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
195 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
196 cipher.init(Cipher.ENCRYPT_MODE, privateK);
197 int inputLen = data.length;
198 ByteArrayOutputStream out = new ByteArrayOutputStream();
199 int offSet = 0;
200 byte[] cache;
201 int i = 0;
202 while (inputLen - offSet > 0) {
203 if (inputLen - offSet > maxEncryptBlock) {
204 cache = cipher.doFinal(data, offSet, maxEncryptBlock);
205 } else {
206 cache = cipher.doFinal(data, offSet, inputLen - offSet);
207 }
208 out.write(cache, 0, cache.length);
209 i++;
210 offSet = i * maxEncryptBlock;
211 }
212 byte[] encryptedData = out.toByteArray();
213 out.close();
214 return encryptedData;
215 } catch (Exception e) {
216 throw new RuntimeException(e);
217 }
218 }
219
220 /**
221 * 私钥加密,默认模长1024。
222 *
223 * @param privateKeyBytes
224 * 私钥RSAPrivateKey getEncoded()
225 * @param data
226 * 要加密的字节数组
227 */
228 public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data) {
229 return encryptByPrivateKey(privateKeyBytes, data, DEFAULT_KEY_LEN);
230 }
231
232 /**
233 * 私钥解密
234 *
235 * @param privateKeyBytes
236 * 私钥RSAPrivateKey getEncoded()
237 * @param encryptedData
238 * 被(公钥)加密过的字节数组
239 * @param modulus
240 * 模长,范围512-2048
241 */
242 public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData, int modulus) {
243 try {
244 // RSA最大解密密文大小
245 int maxDecryptBlock = modulus / 8;
246
247 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
248 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
249 Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
250 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
251 cipher.init(Cipher.DECRYPT_MODE, privateK);
252 int inputLen = encryptedData.length;
253 ByteArrayOutputStream out = new ByteArrayOutputStream();
254 int offSet = 0;
255 byte[] cache;
256 int i = 0;
257 while (inputLen - offSet > 0) {
258 if (inputLen - offSet > maxDecryptBlock) {
259 cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock);
260 } else {
261 cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
262 }
263 out.write(cache, 0, cache.length);
264 i++;
265 offSet = i * maxDecryptBlock;
266 }
267 byte[] decryptedData = out.toByteArray();
268 out.close();
269 return decryptedData;
270 } catch (Exception e) {
271 throw new RuntimeException(e);
272 }
273 }
274
275 /**
276 * 私钥解密,默认模长1024。
277 *
278 * @param privateKeyBytes
279 * 私钥RSAPrivateKey getEncoded()
280 * @param encryptedData
281 * 被(公钥)加密过的字节数组
282 */
283 public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData) {
284 return decryptByPrivateKey(privateKeyBytes, encryptedData, DEFAULT_KEY_LEN);
285 }
286
287 public static void main(String[] args) throws UnsupportedEncodingException {
288 // 加密原串
289 String value = "DREAMING.XIN";
290 System.out.println("加密原串 : ");
291 System.out.println(value);
292 System.out.println("------------------------------------------------------------------------------------------");
293 // 生成公私钥对
294 Map<String, String> genKeyPair = genKeyPair();
295
296 System.out.println("自行生成公私钥对: ");
297 System.out.println(genKeyPair);
298 System.out.println("------------------------------------------------------------------------------------------");
299 byte[] encryptByPublicKey = encryptByPublicKey(Base64.decode(genKeyPair.get("publicKey").getBytes("utf-8")),
300 value.getBytes());
301
302 // 3、Base64编码
303 byte[] encode = Base64.encode(encryptByPublicKey);
304
305 System.out.println("最终加密结果: ");
306 String sign = new String(encode, "utf-8");
307 System.out.println(new String(encode, "utf-8"));
308 System.out.println("------------------------------------------------------------------------------------------");
309
310 // 1、签名密文->Base64解码->RSA解密
311 byte[] signCipherArr = decryptByPrivateKey(Base64.decode(genKeyPair.get("privateKey").getBytes("utf-8")),
312 Base64.decode(sign.getBytes("utf-8")));
313 System.out.println("解密结果: ");
314 System.out.println(new String (signCipherArr));
315 System.out.println("------------------------------------------------------------------------------------------");
316
317 }
318 }输出结果:
加密原串 :
DREAMING.XIN
------------------------------------------------------------------------------------------
自行生成公私钥对:
{publicKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmRw1oug/LBmpkRsubsKoeEBQvGeRfUTMX8fTEuLJqKuWfHkB6HJ/08xf/BYhbL+GrUFk5DR/lbJdnD9SEx0ZDZHecrjj262T67izwf7d+rB3o7z5w/3Pk3p3Ye6Ns7SdGM6D8O6InUK4mQFSBKQhw25BqPzUQKb4DY/S+I2OAx1/qVB56Na+if5H9ttP8nhVVnQZXheTPh5Say0+ySFEBb1i2sxJQuwFLbtA9RkKNFSSB2+4sBrn5fRmemu6OGToR/WQ8KFa96+u9X2t41HPxa7dTF+g9btkEMWwbiXkPatjD9JaNXKKrueIQoDt/FKonUZQ0AafSs8r/xsrb4pfwIDAQAB, privateKey=MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCSZHDWi6D8sGamRGy5uwqh4QFC8Z5F9RMxfx9MS4smoq5Z8eQHocn/TzF/8FiFsv4atQWTkNH+Vsl2cP1ITHRkNkd5yuOPbrZPruLPB/t36sHejvPnD/c+Tendh7o2ztJ0YzoPw7oidQriZAVIEpCHDbkGo/NRApvgNj9L4jY4DHX+pUHno1r6J/kf220/yeFVWdBleF5M+HlJrLT7JIUQFvWLazElC7AUtu0D1GQo0VJIHb7iwGufl9GZ6a7o4ZOhH9ZDwoVr3r671fa3jUc/Frt1MX6D1u2QQxbBuJeQ9q2MP0lo1coqu54hCgO38UqidRlDQBp9Kzyv/Gytvil/AgMBAAECggEAWWoJ1bExIkYoXHO8qPDKfLduytHDZ11aXMgVeMdHddC1h3CMY/D47P0U8dz+ZKNAO1XH0ysIaD3gDXzT5z3zdWYF4CkBNxFbP25FUEjC2qrDwUk1RjNlQ2PZbRrCrUlEGBynUQuue+9bN435/9x+9E54bcrkCd37EUZxAMtpbG+bZ8/sizBsIQYfiKlGV3FJ68OTnkCzvjltYmzWn4q1a6CDqN40G6IfBJD1g1ENkkKJvi4hu6U7LhkpI3oil4+zZuxdGNphICz6L5CQVn01MahnfJlNszQD1H0sq/G9ymHtzYyvq6Fu8URjksw4doaqYVRuGuZL58qP33BNSzilwQKBgQDHZDC5YgViTmqAC9/GGnm1Cwhi8SkbsG0j6jCRx4e6nYgux4TOg9V6MdzXrm/w6X5ZtTTDPoB4vn+l2pX8SGyO1c2JfaL3w+iMahSAee6CFDbBzmiF5b+PiiKmYKzrNTtjPNkcDsrwErIhiyplgkj/+gsiVAepliJRUVTVeApvHwKBgQC79EUDck2kwSMsw3kXb/ZUIG6BPH0j/A0xn7SqcsVc/Rt3WFzfUJV9qCsN9TwGm3lk8fIsdXYoLrm96MlNOU3uNUzwwYwqespkdJ5R6iniWA+LAVuGgHhDYk84VFDxcldMLlG16O7uuIoUSeXdVwCChx1OllKFxsEj1z6X4mPZoQKBgQCy883zI/FXGK/m+kE9aFehUCSXwH+3lTFvEWnD/MNpjqdB7NnaC2JWiFf/z1QycS1wT/zp2retJrQj47nHMi0USPluk67nFhIpq69423ZfksrOSHVw7xFtP3n3vz6S3zTMzTjCQNiMfQsYpfFIJ5VjAERr6+TwpIlqWEd+S3152wKBgH+t6FP3ChepvCNkhpYNUODFR0wzsy8Gwk+7lhdT8A7DQi1IsY5iR6sc2mKY/TXf2A9i7IiXIrUZSMRhpp33F6GCQ8opMPaKg4LKVeJ/mARSnfxn56zvCMN9vSMe4/2hFvyBWrCgk+9HHUW7DZPWzlndP2NrapPF+N5IEhVLjVkBAoGABqIvu4Vpgg3viiE6PRmlA0iAnAz2ZnaqPS7Xk8+Ua44rCxTE62Vhm5ZbfQQzxlqFL/32NnJ3+zG/ONnWqdkGkvE5N/7NZg5CNzTPVqn/PbUAQ1L01yzcAETqr1dMLhGqlMMLkdbLO8VzoagVRuE+jSOwl3a+5Yq/cu0TMKLhrAE=}
------------------------------------------------------------------------------------------
最终加密结果:
YmGXP+nSAY23ENUryid4zdE6KRAfFGhQWPJ4NAM1odZIEZCh5BbOtw437E85TdzABNE+NTDVogq+AI8WfAiD0yUpDukdRrZMb/IwG5k7xCgsVo0Tgt2SiH9bZFkvMaIIWH6d90muVtA/dyGHPSk/WmdgSl3QCcsZ3JAzMeadZwtL685eBhJD6hwXwKLfQj1OQBlLH3R9D5gBNGf36RHyi20LteTOKIR9lvMQPGbsnvspqi7t3xo5ajLpeuCr9azEovP0UFiiaxrkGLYMG2YM91r7JXUCn2gtVuDnXPFVVfOj84mN51229UJwQWBZe0BGPLSpROmOUZeWj2gjvuyqGg==
------------------------------------------------------------------------------------------
解密结果:
DREAMING.XIN
------------------------------------------------------------------------------------------2.5 java代码实现加签验签
1 package xin.dreaming.rsa;
2
3 import org.apache.commons.codec.binary.Base64;
4
5 import javax.crypto.Cipher;
6 import java.io.ByteArrayInputStream;
7 import java.security.KeyFactory;
8 import java.security.PrivateKey;
9 import java.security.PublicKey;
10 import java.security.Signature;
11 import java.security.cert.Certificate;
12 import java.security.cert.CertificateFactory;
13 import java.security.spec.PKCS8EncodedKeySpec;
14
15 /**
16 *
17 * @author DREAMING.XIN
18 *
19 */
20 public class RSAUtil {
21
22 private static final String CHARSET = "UTF-8";
23
24 private static final String algorithm = "SHA256withRSA";
25
26 /**
27 * 网联请求报文签名
28 *
29 * @param privateKey
30 * 机构私钥字符串
31 * @param content
32 * 签名原文
33 * @return 签名密文
34 * @throws Exception
35 */
36 public static String sign(String privateKey, String content) throws Exception {
37 Signature signature = Signature.getInstance(algorithm);
38 signature.initSign(convertPrivateKey(privateKey));
39 signature.update(content.getBytes(CHARSET));
40 return Base64.encodeBase64String(signature.sign());
41 }
42
43 /**
44 * 网联返回报文验签
45 *
46 * @param publicKey
47 * 网联公钥字符串
48 * @param content
49 * 验签原文报文
50 * @param signStr
51 * 网联返回签名字符串
52 * @return 验签结果
53 * @throws Exception
54 */
55 public static boolean vertify(String publicKey, String content, String signStr) throws Exception {
56 Signature signature = Signature.getInstance(algorithm);
57 signature.initVerify(convertPublicKey(publicKey));
58 signature.update(content.getBytes(CHARSET));
59 return signature.verify(Base64.decodeBase64(signStr.getBytes(CHARSET)));
60 }
61
62 /**
63 * 对称密钥公钥加密
64 *
65 * @param publicKey
66 * 网联公钥字符串
67 * @param content
68 * 密钥原文
69 * @return 加密密文
70 * @throws Exception
71 */
72 public static String encryptByPublicKey(String publicKey, String content) throws Exception {
73 String result = null;
74 try {
75 Cipher cipher = cipher = Cipher.getInstance("RSA");
76 cipher.init(Cipher.ENCRYPT_MODE, convertPublicKey(publicKey));
77 byte[] encoded = cipher.doFinal(content.getBytes(CHARSET));
78 result = Base64.encodeBase64String(encoded);
79 } catch (Exception e) {
80
81 }
82 return result;
83 }
84
85 /**
86 * 对称密钥密文解密
87 *
88 * @param privateKey
89 * 机构私钥字符串
90 * @param content
91 * 网联对称密钥密文
92 * @return 对称密钥明文
93 * @throws Exception
94 */
95 public static String decryptByPrivateKey(String privateKey, String content) throws Exception {
96 String result = null;
97 try {
98 Cipher cipher = cipher = Cipher.getInstance("RSA");
99 cipher.init(Cipher.DECRYPT_MODE, convertPrivateKey(privateKey));
100 byte[] encoded = cipher.doFinal(Base64.decodeBase64(content.getBytes(CHARSET)));
101 result = new String(encoded, CHARSET);
102 } catch (Exception e) {
103 }
104 return result;
105 }
106
107 public static PrivateKey convertPrivateKey(String keyStr) throws Exception {
108 PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(keyStr.getBytes(CHARSET)));
109 KeyFactory keyFactory = KeyFactory.getInstance("RSA");
110 return keyFactory.generatePrivate(keySpec);
111 }
112
113 public static PublicKey convertPublicKey(String keyStr) throws Exception {
114 CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
115 Certificate certificate = certificateFactory
116 .generateCertificate(new ByteArrayInputStream(Base64.decodeBase64(keyStr.getBytes(CHARSET))));
117 return certificate.getPublicKey();
118 }
119
120 public static void main(String[] args) throws Exception {
121 // 获取私钥
122 String privatekey = CertConfig.PrivateKey;
123 String publicKey = CertConfig.PublicKeyZ;
124
125 String sign = sign(privatekey, "DREAMING.XIN");
126
127 System.out.println("加签结果:"+sign);
128
129 boolean vertify = vertify(publicKey,"DREAMING.XIN",sign);
130
131 System.out.println("验签结果: "+vertify);
132 }
133
134 }密钥java类:
1 package xin.dreaming.rsa;
2
3 public class CertConfig {
4
5 public static final String PrivateKey ="MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtO4yND2EGec6InFURBZtE6TV5RB/GXmkrSADSor/zPEQsYT3TxD/d3snwOStAfyKbUEIdNHfOKYGLcnEUX7mokQoXn7/0Vtp6XV2+VuL/s8+Dx79iPQ1vpCqn8TN+VlL9bmL5gdd0jenmEJJRmWHV4DTypzXyLSRjMzZsOjcJMeXQDPGDxE5J8JIsz9mh9fggQjDnpPzjcF6X3qFBwq/w/LwZ/g8s2CdLQeql3TJ0hUFhrCt/Ii5bFaYQ/KbUbCXylQHpQ86tRicpSmMLVqNZuH0MnDAdhWVq3qMbYqsb8IkrlPKXh1VrZRI+lc0EvLyT8lvb6DISFbx7drJg4Y+3AgMBAAECggEAT1xwdHAEoUn2UbUasAsUGkV54gtsJcxHmncH728Kj7BFjiMpr8IjK3HwVDCLy5O8XADJXUPEIG+6KpAqTAqJ7V435hdG+9JiXDUHuzkNz0Sz0v3rhE2wRPzCWFRUSZtPQADBk35gOVmQOaqpiCqrlAThMZvGbDG1zom/Vw1Sg/xMY/Mloj/ycfGtNkVB05es5mcwWFJC+Mvj/qHJGc7PM5rw98+nFWZanzwvhrdQdSsA18FalCmeF3+n1bcOt+gCnZuq7/ZFpEuqK6dsj6mIZ5fnAB3P7S63foSQkqSYS8tFH+o8CU898wdJ1Ba26XnQ2ghX5X9zWP+oTYzuVPV1gQKBgQD5VzSr6fsj3CrjLuwQ7LqDemXC8n7AUDDQ5Z87yxpZZtPxu9CYdxxfBKfWjYskSTLm6DPyNQ8eqmpARBLGxRIKzXQF+5wLGqxr0FwSoBUM47uR68ChY4v4T84dxQ9RpNvbn8C+lPru+F2hrCWLwBnY1IGFxPWrro8qVUJCrvd+RwKBgQDzkY7ggsmf68kmVAj2JMwZ01o5vsCQbMZu+v79o5cvUxEmcQo2hb+0l/qizA/Vse/fOs9l7GDZN4nSwFzE141cVC7BmIqZpYxYSksGTlH7JcnuWdSZA4G1cK1rbJdR/M6zTPgTFkRjD1egFIK3P02fXu44toFkJb6CrNicssHrEQKBgC9Ma6Fw8UMMMNaHwCA1x+vI/CTO+1xf2eLGrD4beRQcfXgNuLQzZB5iM7RvhUWM3SsQQUpg5k1a5mzqfOVX3ORPtQKtiBxTIwIQtGaUF2oqiRpVLmVvDM491UuwZgeGzm4LD/UXLcLHOnvAvB6WglCvfyJxCmlW47GUGs2rgydhAoGBAJJ2t/T3kKjSz1118QGatQTenAXXV9JBJr37vrPk2HfDuq9kECEjIllFfpjAntEAs96Hbcm7b62PARizRdW0TLP1hzwxLz8fVpqM6jp7hD7CxX/HktkES85AWHgdj4zkuaMGKLLJlAwBYM7JJqVsso+gNR3zWTFQpRPNPmBT+doRAoGBANhtqTKRAcn4lBam2cOOMCLIrU+UEDDWfzgUUeBHFYTwwPLgRXCRyvgP9B+1r9IR3v18Rb0IJo2p0oDe7l/QM7iR53Vg2HVQ5vlgyvWrLODZQMss52vgvZJhetzFNxkT0UmGyug5Uy1Wf+BUH4lHgCnBOOUxgZoZdVJtgCyLr549";
6 //签名私钥
7 //public static final String PrivateKey ="MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6WywVY3QjRicJyIWB4Huw3aEkUH4oOZQVpAPo1KL2yxx11A2l6WmdbsngxqI/fJIe69RyGbmzZr9vRD4VOlinRCbRJ4WXH061COG6lFBUi/K6hVX4HBgwE8svbNNnFuwLQBeds5XXWSKMSLTf9XTz+uiJLJA+pYaVMmrNzsEgN8nZTPjZrCWyzaAo1Wz7NOH1gLxRDpPYvIzufDxLKby0l5huqszQSsiEzV8eff/axskBLuOkCGd4LznwPvnzMU40JVMt1Bsh5XWpqY+A+woyslhPzax62u5af2dZ7cs8loL9WbA7Ia3ZuhfPwKF3MpUEKW+wyVyfIQc/uhaOea5zAgMBAAECggEAc11bpgYCcI/OPP04wRUyHWSmjC+UWdyDMv5tOSbhl7xXaw4SQOKFcmOScCcna/v3DVNbGiOY1VnHKt9pO4T6Otoy2YoI5mwIMoREEVgdfqmAYz2F4emqg6DNSReqq4gCKljMBeGV4lGY1JVx+68dbqimabz/sviPny8t9SiIYCN5/FcQtsH93EZPQSsWe047Fc5UgVmXdV3x+Bc+cCdso/P0yoCx18VL6krxF3LhOcQs53765rA6yWYFLActV65x32rn9P6+FGLg9nFyERaKujyRujZtSlBzfYi/L+/38wdddt2N+/R0JdooLvHgmlWlRndQcs81Ah/SM81k2r/V2QKBgQDsL0MgE2MQ4OcO8rBC0K+DTioOTNkrAiwxAiPlKW0n9jp5tr4KLRPcRU5gg34nskPfgxOU6gDK7HGvochPuAwv+3LP2lNGdpLsUtx00co0rmwHSiu3fr3iEnHG3pKCJvHW+KfZpqsgLksiXKCWH7AsSEVLwFgiLE8ibg995IuDjwKBgQDJ/bOSITae8uaGqiNs5bti9PEWhgDRR8FPMiTmBH2yllEzwLr94oPMdHTIXOW0U4+8ZcuV3et1vf5tjUbSHfGp1fRmHKJPjEPlLy9VfU6UiDxFdRChQPTWB1//l+bWJjYMrbsthwoEBeP+vL4hNfBkwgvCza7fAmDK60zDe2ck3QKBgDeGOOKejCiYptlFxpg+lTRqOMrZ2CgbP6ZZ2XRzU70UTtT0WCLuS//5rx5Ta2ILr5cpKn5UsNED2wouH3hWTU8ubuRccD1dfNbf+AHinAXch3sDPdnKivtN2L+m7Yx5eVtPY65wV0SefX1bh0kjs/gFGX1gf5exEP2IIE45X28TAoGBALfuEj9FiTRR4QLNGLcHtouUmZg167amTWutMJZXjpI5eLXUkTGwuu1JOjJdDToYQTF/zFOqocc0e+MMG2onpDBPyF3XQyGGiyi9v69sDEsKhz+EKuF7gbcHPi5DBwsH/n2rEV+SsNca+hKzkboyILXPUOBRZSRjSPpeKydyTmjtAoGAeEp+MatIX+SohXJe4uYak3zuoOCze4XqS9rH4wecSHn2J7jfOoZg2UzvOpEeKpfVngC6qfet8F2liWQ4UMcFC+ydnWfmVOF0KjkdV5gU8rlcF+mTs0cEOTF+3xf+nDMFkjC8XrQ5ZOqdSvDGkVfvFyzUkZ9DmqHbR3LQlf6OTFk=";
8 //验签公钥
9 public static final String PublicKey ="MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws=";
10 //验签公钥
11 public static final String PublicKeyZ ="MIIEWzCCA0OgAwIBAgIFQAJQhUAwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzA5MjcwODQwMzRaFw0yMDA5MjcwODQwMzRaMIGBMQswCQYDVQQGEwJDTjEXMBUGA1UECgwOQ0ZDQSBSU0EgT0NBMzExETAPBgNVBAsMCExvY2FsIFJBMRkwFwYDVQQLDBBPcmdhbml6YXRpb25hbC0xMSswKQYDVQQDDCIwNTFAVGVzdDE1MDY1MDE2MzQ2MDJAWkgxMjM0NTY3OEAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TuMjQ9hBnnOiJxVEQWbROk1eUQfxl5pK0gA0qK/8zxELGE908Q/3d7J8DkrQH8im1BCHTR3zimBi3JxFF+5qJEKF5+/9Fbael1dvlbi/7PPg8e/Yj0Nb6Qqp/EzflZS/W5i+YHXdI3p5hCSUZlh1eA08qc18i0kYzM2bDo3CTHl0Azxg8ROSfCSLM/ZofX4IEIw56T843Bel96hQcKv8Py8Gf4PLNgnS0Hqpd0ydIVBYawrfyIuWxWmEPym1Gwl8pUB6UPOrUYnKUpjC1ajWbh9DJwwHYVlat6jG2KrG/CJK5Tyl4dVa2USPpXNBLy8k/Jb2+gyEhW8e3ayYOGPtwIDAQABo4H8MIH5MD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3B0ZXN0LmNmY2EuY29tLmNuOjgwL29jc3AwHwYDVR0jBBgwFoAUmj20rmVY+85aBXgmoG0rBIa6xuwwDAYDVR0TAQH/BAIwADA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vMjEwLjc0LjQyLjMvT0NBMzEvUlNBL2NybDQ4NDYuY3JsMA4GA1UdDwEB/wQEAwIGwDAdBgNVHQ4EFgQU5afVQ1AjMzdZ5o/OVDBU5zw+ZgswHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQAszGTg4RRzqrJrf598sou0WKLjFUoK2hcnHaUJv9A3Zkbu5XCy5SrBrYOibw0Uw5zwM6cKz0s7YkKusrwDUKg+QRodQvFvMqVI0BsJguc3cqOCy0dvibWseKFlEc+C1ffx1yVK/2ElrLW6TUPixKSzyEo6h852z2w575+/S1S9XZbdtS7OXozA4zfxy5D32QToNCqPFundhB7HYPMbQaZr+sjsZ7sBqKaPq6TRVUcdVQ1OXatK2O4mRwQDHQFqkBLnrijiht6+p2YUpKACbJREqylN+ToJMYcdIlRpQ3DlWZPSuzbWgtw5tqH4bLFaOG07wl7Q1fOOFaVScPzqFRRB";
12
13 //铭感信息加密
14 public static final String MGJMKEY = "MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws=";
15 }输出结果:
加签结果:fbolWDixTffN2oeMSpAUkbDvQ3ZXNeEUPgGOgQ3boCTIft34kIA8LtSwRMD+uAbKSk6vZffDb2Zro7IDGhS8lv35Bz23zs9j04GMB4d55EnjqjyRQAQer8fTujKMPHa2JUPjlUau6wjJaK50A8+TysC7Qq4uz69T0iXtTJPvFxwjCeXL0fShIuD4UQwJkQk7Mqqvzdy71dPs94EobMVEX84lSkfTwZKCwAR58NbYdgWWGKcwbU/N+riU6NyiCVr1rj+j9LqUrgW0HHDfp8hNcRm1lluGgk7BrjD7ZBpdYwuhbA1v2IGEsdhYVyMHdFpg6Ta3uoHoCJRJhtMp1Hw0qw== 验签结果: true
说明:
一般rsa加密解密,加签验签都会与BASE64编码或url编码结合使用。
参考:
1、https://baike.baidu.com/item/RSA%E7%AE%97%E6%B3%95/263310?fr=aladdin
转载于:https://www.cnblogs.com/xq1314/p/7895471.html
RSA非对称加密简析-java相关推荐
- java rsa 117_java实现RSA非对称加密解密
之前写过一篇java实现AES对称加密解密 在对密码加密传输的场景下 RSA非对称加密解密可能会更加适合. 原理就是后台生成一对公钥和私钥,公钥给前端用来加密,后台用私钥去解密,保证了传输过程中就算被 ...
- java RSA非对称加密详解
简介 RSA公钥加密算法是1977年由罗纳德·李维斯特(Ron Rivest).阿迪·萨莫尔(Adi Shamir)和伦纳德·阿德曼(Leonard Adleman)一起提出的.1987年首次公布,当 ...
- java集成RSA非对称加密数据传输
使用场景: 前端请求后端接口时如:登录接口,这时候需要传账号密码到后端接口请求这样就会暴露请求的数据.RSA非对称加密分公钥和私钥,公钥将数据进行加密,私钥对加密的数据进行解密 (当然前端最好是封装一 ...
- JSON 接口如何实现 RSA 非对称加密与签名
代码地址如下: http://www.demodashi.com/demo/14000.html 一.概述 1. 数字签名的作用:保证数据完整性,机密性和发送方角色的不可抵赖性,加密与签字结合时,两套 ...
- 前后端数据加密传输 RSA非对称加密
任务需求:要求登陆时将密码加密之后再进行传输到后端. 经过半天查询摸索折腾,于是有了如下成果: 加密方式:RSA非对称加密. 实现方式:公钥加密,私钥解密. 研究进度:javascript与java端 ...
- Springboot+RSA非对称加密
这是百度百科对(对称加密丶非对称加密)的解释: (1)对称加密算法在加密和解密时使用的是同一个秘钥. (2)非对称加密算法需要两个密钥来进行加密和解密,这两个秘钥是公开密钥(public key,简称 ...
- 微信小程序RSA非对称加密。
因公司做的产品为金融项目,所以对数据安全性有很高要求,因为项目中的数据都会通过3DES 对称加密,和RSA非对称加密进行数据传输. 在这里先简单介绍一下什么是对称加密和非对称加密 对称加密:对称加密采 ...
- 数据加密 RSA非对称加密篇
先把代码贴上来,理论后续补充,暂时可先参考数据加密 总篇 package com.jlpay.partner.utils;import android.util.Base64;import java. ...
- RSA非对称加密和解密(同时生成密钥)
RSA非对称加密和解密(同时生成密钥) 准备jar包 bcprov-jdk16-1.46.jar commons-codec-1.15.jar 获取jar地址:https://mvnrepositor ...
最新文章
- HTML之垂直居中问题
- 深入理解JVM(5)——虚拟机类加载机制
- JavaIO4--ObjectInputStream和ObjectOutputStream
- 错误代码1500什么意思_啊早安打工人是什么梗???
- 网站能拿到其他网站的cookie_在网站推广中企业网站能发挥哪些作用?(一)
- 推荐系统--矩阵分解(5)
- java开发微信提现_java 微信提现至零钱
- 笨方法教你学python_笨方法学Python(1)
- jquery easyui-----------tree
- abaqus2018安装教程win10_win10系统安装Abaqus2016全攻略
- 1994年联想大调整,杨元庆上位,能赚钱的“书呆子”倪光南却走了
- 【ARC112F】Die Siedler(根号分治)(bfs)
- matlab冒号,括号的用法
- 维吉尼亚密码原理详解及算法实现
- 为什么Windows的文件名不能超过255个英文字符,求解答
- 按分数段统计学生人数python_用Excel统计各分数段学生数
- lw计算机组成,计算机组成习题答案(清华大学出版社)
- 国外问卷调查一个月能有多大的收益呢?20w+吗?
- uvm基础(2)TLM通信,看这一篇就够了
- 程序员是吃青春饭的?