非對稱加密
阿新 • • 發佈:2017-06-04
數據加密 bytes codebase 私鑰 .get comm x509 公鑰 except
非對稱加密為數據的加密與解密提供了一個非常安全的方法,它使用了一對密鑰,公鑰(public key)和私鑰(private key)。私鑰只能由一方安全保管,不能外泄,而公鑰則可以發給任何請求它的人。非對稱加密使用這對密鑰中的一個進行加密,而解密則需要另一個密鑰。比如,你向銀行請求公鑰,銀行將公鑰發給你,你使用公鑰對消息加密,那麽只有私鑰的持有人--銀行才能對你的消息解密。與對稱加密不同的是,銀行不需要將私鑰通過網絡發送出去,因此安全性大大提高。
目前最常用的非對稱加密算法是RSA算法,是Rivest, Shamir, 和Adleman於1978年發明,他們那時都是在MIT。
以下是RSA運行實例:
package Utils; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import org.apache.commons.codec.binary.Base64; public class RSAUtils { /** * 生成非對稱密鑰對 * @return * @throws Exception */ public static KeyPair genKeyPair() throws Exception{ KeyPairGenerator keyp = KeyPairGenerator.getInstance("RSA"); keyp.initialize(1024); return keyp.generateKeyPair(); } public static String getPublicKey() throws Exception{ Key key = genKeyPair().getPublic(); byte[] bytekey = key.getEncoded(); byte[] byte64 = Base64.encodeBase64(bytekey);//將字符編碼為base64編碼 String keystr = new String(byte64,"UTF-8"); return keystr; } public static String getPrivateKey() throws Exception{ Key key = genKeyPair().getPrivate(); byte[] bytekey = key.getEncoded(); byte[] byte64 = Base64.encodeBase64(bytekey);//將字符編碼為base64編碼 String keystr = new String(byte64,"UTF-8"); return keystr; } /** * 加密 * @param src * @param key * @return * @throws Exception */ public static byte[] encrypt(byte[] src,String key) throws Exception{ // byte[] bytekey = key.getBytes("UTF-8"); // byte[] byte64 = Base64.decodeBase64(bytekey); byte[] byte64 = Base64.decodeBase64(key); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(byte64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); Key publicKey = keyFactory.generatePublic(x509KeySpec); // 對數據加密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(src); } /** * 解密 * @param src * @param key * @return * @throws Exception */ public static byte[] decrypt(byte[] src,String key) throws Exception{ // byte[] bytekey = key.getBytes("UTF-8"); // byte[] byte64 = Base64.decodeBase64(bytekey); byte[] byte64 = Base64.decodeBase64(key); // 取得私鑰 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(byte64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec); // 對數據解密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateKey); return cipher.doFinal(src); } public static void main(String[] arg) throws Exception{ String name = "2"; byte[] bytes= name.getBytes("UTF-8"); String pubKey = getPublicKey(); String priKey = getPrivateKey(); byte[] bytes1 = encrypt(bytes,pubKey); byte[] byte64 = Base64.encodeBase64(bytes1); String name1 = new String(byte64,"UTF-8"); System.out.println(name1); System.out.println("==========="); byte[] bytes2 = name1.getBytes("UTF-8"); byte[] bytes3 = decrypt(bytes2,priKey); byte[] byte641 = Base64.encodeBase64(bytes1); String name2 = new String(byte641,"UTF-8"); System.out.println(name2); } }
非對稱加密