package com.smt.cipher.unsymmetry; import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils; import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map; public class RSAUtils { public static final String CHARSET = "UTF-8";
public static final String RSA_ALGORITHM = "RSA"; public static Map<String, String> createKeys(int keySize){
//为RSA算法创建一个KeyPairGenerator对象
KeyPairGenerator kpg;
try{
kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
}catch(NoSuchAlgorithmException e){
throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
} //初始化KeyPairGenerator对象,密钥长度
kpg.initialize(keySize);
//生成密匙对
KeyPair keyPair = kpg.generateKeyPair();
//得到公钥
Key publicKey = keyPair.getPublic();
String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
//得到私钥
Key privateKey = keyPair.getPrivate();
String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());
Map<String, String> keyPairMap = new HashMap<String, String>();
keyPairMap.put("publicKey", publicKeyStr);
keyPairMap.put("privateKey", privateKeyStr); return keyPairMap;
} /**
* 得到公钥
* @param publicKey 密钥字符串(经过base64编码)
* @throws Exception
*/
public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
return key;
} /**
* 得到私钥
* @param privateKey 密钥字符串(经过base64编码)
* @throws Exception
*/
public static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
//通过PKCS#8编码的Key指令获得私钥对象
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
return key;
} /**
* 公钥加密
* @param data
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
}catch(Exception e){
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
} /**
* 私钥解密
* @param data
* @param privateKey
* @return
*/ public static String privateDecrypt(String data, RSAPrivateKey privateKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
}catch(Exception e){
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
} /**
* 私钥加密
* @param data
* @param privateKey
* @return
*/ public static String privateEncrypt(String data, RSAPrivateKey privateKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
}catch(Exception e){
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
} /**
* 公钥解密
* @param data
* @param publicKey
* @return
*/ public static String publicDecrypt(String data, RSAPublicKey publicKey){
try{
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
}catch(Exception e){
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
} private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize){
int maxBlock = 0;
if(opmode == Cipher.DECRYPT_MODE){
maxBlock = keySize / 8;
}else{
maxBlock = keySize / 8 - 11;
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] buff;
int i = 0;
try{
while(datas.length > offSet){
if(datas.length-offSet > maxBlock){
buff = cipher.doFinal(datas, offSet, maxBlock);
}else{
buff = cipher.doFinal(datas, offSet, datas.length-offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
}
}catch(Exception e){
throw new RuntimeException("加解密阀值为["+maxBlock+"]的数据时发生异常", e);
}
byte[] resultDatas = out.toByteArray();
IOUtils.closeQuietly(out);
return resultDatas;
} }
为了方便使用 common-io 和 commons-codec
<dependencies>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.10</version>
</dependency>
</dependencies>
测试生成:
package com.smt.cipher; import java.security.NoSuchAlgorithmException;
import java.util.Map; import com.smt.cipher.unsymmetry.RSAUtils; public class MainRSA { public static void main(String[] args) throws NoSuchAlgorithmException {
Map<String,String> map = RSAUtils.createKeys(1024); String publicKey = map.get("publicKey");
String privateKey = map.get("privateKey"); System.out.println( publicKey );
System.out.println( privateKey );
} }
结果:
生成的私钥 和 公钥 存下来 测试后面的 加解密:
package com.smt.cipher; import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException; import com.smt.cipher.unsymmetry.RSAUtils; public class MainRSA2_use { static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnjjUJx1gMwqcwwRrMd4PjDOcuUE88QHlmr5zAEjSy8-4KY87A1XqpWNCMbfLOenPEFmfoc0HZdLxxlwHMpG1CAZPraUmKfDB4L3rI_qp67-R0n3KnnzPb2Hn0jFKlVbVJA7AHCgX2mXgz866VmSzHXX67gQkU29wmqOGCkajg8QIDAQAB";
static String privateKey = "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKeONQnHWAzCpzDBGsx3g-MM5y5QTzxAeWavnMASNLLz7gpjzsDVeqlY0Ixt8s56c8QWZ-hzQdl0vHGXAcykbUIBk-tpSYp8MHgvesj-qnrv5HSfcqefM9vYefSMUqVVtUkDsAcKBfaZeDPzrpWZLMddfruBCRTb3Cao4YKRqODxAgMBAAECgYBo46rsHjBOfKQw7xGZoc-cGP23jmqrqyjUUWbtDfiTdgQz2Nsa-Ai7bm_PGR0AiMNjoysU5uH4AQ3ehcuIkf4aZUBeJrbI05-nv5U1WBfWCtcgXJlt75TJ_Nm0gZ1OIGyXlPw152EgED4e7PR6Ql1C88lVOUGblR1mU5dDkGNcyQJBAP2lp2EgZWdTrlmSB-GxuQlF4nJO6W7qpa7-pKUSMAvW8M8B1m3qnypUrtxyY4gHTS0paag7apOCzN-o2BV0sP8CQQCpHButedrsZk7p1Wecm9GfDWwgeU09QrMjTlnhBocy6d0LXF29WMiUrVcrp-1I-NDnr6Fgp38Vz9Noqr_6S34PAkAHONI9N7jrajyKnFfRG0hTdUPvUUPgPpodE28IrC3mCGau3jSGyKljgSnBaRhgZSTTZlx1x8tPC-hdbedJJRttAkAo6Bi13O0dFB5wp-OZWYPacpe-Pzl04SaOGszZBwg7Q6Dpt50hSVGzzT5x2_wlE7MM6EokJEA0mYItJmir9gj3AkBks-kzn-DT3tKeTpFjJsCOmo1RrSzhFZV48aZqw6TSuRyuspJ0mMfwKY95MtdoD2RxGnW77uecLOjwO1HGh3Ly"; public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeySpecException { String ciphertext = RSAUtils.privateEncrypt("测试数RSA", RSAUtils.getPrivateKey(privateKey ) );
System.out.println( ciphertext );
System.out.println( RSAUtils.publicDecrypt(ciphertext, RSAUtils.getPublicKey(publicKey) ) ); } }
私钥加密公钥解密的的测试结果:
同理 公钥加密私钥解密的 结果类似。
备注:私钥只有自己持有,公钥交给需要公约的人,也就是说,私钥只有一个人持有,公钥是公开的可能有很多人都有。
并且私钥加密的数据,只能对应的公钥来揭开,公钥加密的数据只能对应的私钥来解密。
私钥加密,公钥解密的特点是 保证数据不被修改(因为只有私钥能加密,所以公钥正常解密得到的数据一定是私钥正常发出的,并且没有别篡改的,当然前提是 私钥没有被泄露,泄露了还叫个毛的私钥 )。
公钥加密私钥解密的特点是保证数据不被泄漏(因为公钥加密的数据,只能被私钥解密,所以 公钥加密的数据即便被别人获取了也不能解开,信息自然就不会被泄露 。
代码git 下载地址:https://github.com/hualiuwuxin/tools.git
