package com.smt.cipher.unsymmetry;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
public class RSAUtils {
public static final String CHARSET = "UTF-8";
public static final String RSA_ALGORITHM = "RSA";
public static Map<String, String> createKeys(int keySize){
//爲RSA算法建立一個KeyPairGenerator對象
KeyPairGenerator kpg;
try{
kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
}catch(NoSuchAlgorithmException e){
throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
}
//初始化KeyPairGenerator對象,密鑰長度
kpg.initialize(keySize);
//生成密匙對
KeyPair keyPair = kpg.generateKeyPair();
//獲得公鑰
Key publicKey = keyPair.getPublic();
String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
//獲得私鑰
Key privateKey = keyPair.getPrivate();
String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());
Map<String, String> keyPairMap = new HashMap<String, String>();
keyPairMap.put("publicKey", publicKeyStr);
keyPairMap.put("privateKey", privateKeyStr);
return keyPairMap;
}
/**
* 獲得公鑰
* @param publicKey 密鑰字符串(通過base64編碼)
* @throws Exception
*/
public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//經過X509編碼的Key指令得到公鑰對象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
return key;
}
/**
* 獲得私鑰
* @param privateKey 密鑰字符串(通過base64編碼)
* @throws Exception
*/
public static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//經過PKCS#8編碼的Key指令得到私鑰對象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
return key;
}
/**
* 公鑰加密
* @param data
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
}catch(Exception e){
throw new RuntimeException("加密字符串[" + data + "]時遇到異常", e);
}
}
/**
* 私鑰解密
* @param data
* @param privateKey
* @return
*/
public static String privateDecrypt(String data, RSAPrivateKey privateKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
}catch(Exception e){
throw new RuntimeException("解密字符串[" + data + "]時遇到異常", e);
}
}
/**
* 私鑰加密
* @param data
* @param privateKey
* @return
*/
public static String privateEncrypt(String data, RSAPrivateKey privateKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
}catch(Exception e){
throw new RuntimeException("加密字符串[" + data + "]時遇到異常", e);
}
}
/**
* 公鑰解密
* @param data
* @param publicKey
* @return
*/
public static String publicDecrypt(String data, RSAPublicKey publicKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
}catch(Exception e){
throw new RuntimeException("解密字符串[" + data + "]時遇到異常", e);
}
}
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize){
int maxBlock = 0;
if(opmode == Cipher.DECRYPT_MODE){
maxBlock = keySize / 8;
}else{
maxBlock = keySize / 8 - 11;
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] buff;
int i = 0;
try{
while(datas.length > offSet){
if(datas.length-offSet > maxBlock){
buff = cipher.doFinal(datas, offSet, maxBlock);
}else{
buff = cipher.doFinal(datas, offSet, datas.length-offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
}
}catch(Exception e){
throw new RuntimeException("加解密閥值爲["+maxBlock+"]的數據時發生異常", e);
}
byte[] resultDatas = out.toByteArray();
IOUtils.closeQuietly(out);
return resultDatas;
}
}
爲了方便使用 common-io 和 commons-codecjava
<dependencies>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.10</version>
</dependency>git
</dependencies>github
測試生成:算法
package com.smt.cipher;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import com.smt.cipher.unsymmetry.RSAUtils;
public class MainRSA {
public static void main(String[] args) throws NoSuchAlgorithmException {
Map<String,String> map = RSAUtils.createKeys(1024);
String publicKey = map.get("publicKey");
String privateKey = map.get("privateKey");
System.out.println( publicKey );
System.out.println( privateKey );
}
}
結果:
apache
生成的私鑰 和 公鑰 存下來 測試後面的 加解密:測試
package com.smt.cipher;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import com.smt.cipher.unsymmetry.RSAUtils;
public class MainRSA2_use {
static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnjjUJx1gMwqcwwRrMd4PjDOcuUE88QHlmr5zAEjSy8-4KY87A1XqpWNCMbfLOenPEFmfoc0HZdLxxlwHMpG1CAZPraUmKfDB4L3rI_qp67-R0n3KnnzPb2Hn0jFKlVbVJA7AHCgX2mXgz866VmSzHXX67gQkU29wmqOGCkajg8QIDAQAB";
static String privateKey = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKeONQnHWAzCpzDBGsx3g-MM5y5QTzxAeWavnMASNLLz7gpjzsDVeqlY0Ixt8s56c8QWZ-hzQdl0vHGXAcykbUIBk-tpSYp8MHgvesj-qnrv5HSfcqefM9vYefSMUqVVtUkDsAcKBfaZeDPzrpWZLMddfruBCRTb3Cao4YKRqODxAgMBAAECgYBo46rsHjBOfKQw7xGZoc-cGP23jmqrqyjUUWbtDfiTdgQz2Nsa-Ai7bm_PGR0AiMNjoysU5uH4AQ3ehcuIkf4aZUBeJrbI05-nv5U1WBfWCtcgXJlt75TJ_Nm0gZ1OIGyXlPw152EgED4e7PR6Ql1C88lVOUGblR1mU5dDkGNcyQJBAP2lp2EgZWdTrlmSB-GxuQlF4nJO6W7qpa7-pKUSMAvW8M8B1m3qnypUrtxyY4gHTS0paag7apOCzN-o2BV0sP8CQQCpHButedrsZk7p1Wecm9GfDWwgeU09QrMjTlnhBocy6d0LXF29WMiUrVcrp-1I-NDnr6Fgp38Vz9Noqr_6S34PAkAHONI9N7jrajyKnFfRG0hTdUPvUUPgPpodE28IrC3mCGau3jSGyKljgSnBaRhgZSTTZlx1x8tPC-hdbedJJRttAkAo6Bi13O0dFB5wp-OZWYPacpe-Pzl04SaOGszZBwg7Q6Dpt50hSVGzzT5x2_wlE7MM6EokJEA0mYItJmir9gj3AkBks-kzn-DT3tKeTpFjJsCOmo1RrSzhFZV48aZqw6TSuRyuspJ0mMfwKY95MtdoD2RxGnW77uecLOjwO1HGh3Ly";
public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeySpecException {
String ciphertext = RSAUtils.privateEncrypt("測試數RSA", RSAUtils.getPrivateKey(privateKey ) );
System.out.println( ciphertext );
System.out.println( RSAUtils.publicDecrypt(ciphertext, RSAUtils.getPublicKey(publicKey) ) );
}
}
私鑰加密公鑰解密的的測試結果:ui
同理 公鑰加密私鑰解密的 結果相似。編碼
備註:私鑰只有本身持有,公鑰交給須要公約的人,也就是說,私鑰只有一我的持有,公鑰是公開的可能有不少人都有。加密
而且私鑰加密的數據,只能對應的公鑰來揭開,公鑰加密的數據只能對應的私鑰來解密。spa
私鑰加密,公鑰解密的特色是 保證數據不被修改(由於只有私鑰能加密,因此公鑰正常解密獲得的數據必定是私鑰正常發出的,而且沒有別篡改的,固然前提是 私鑰沒有被泄露,泄露了還叫個毛的私鑰 )。
公鑰加密私鑰解密的特色是保證數據不被泄漏(由於公鑰加密的數據,只能被私鑰解密,因此 公鑰加密的數據即使被別人獲取了也不能解開,信息天然就不會被泄露 。
代碼git 下載地址:https://github.com/hualiuwuxin/tools.git