在上一篇《
Java&keytool生成RSA密钥》中,我们用keytool先生成密钥库和公钥证书,然后通过代码方式获得文件和BASE64串形式的公私密钥对,而其实根本无这么复杂,可直接通过JAVA代码获得公私密钥对。代码如下:
- package com.bijian.test;
- import java.io.FileOutputStream;
- import java.io.ObjectOutputStream;
- import java.security.Key;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.NoSuchAlgorithmException;
- import java.security.SecureRandom;
- import sun.misc.BASE64Encoder;
- public class KeyPairGenUtil {
- /** 指定加密算法为RSA */
- private static final String ALGORITHM = "RSA";
- /** 密钥长度,用来初始化 */
- private static final int KEYSIZE = 1024;
- /** 指定公钥存放文件 */
- private static String PUBLIC_KEY_FILE = "PublicKey";
- /** 指定私钥存放文件 */
- private static String PRIVATE_KEY_FILE = "PrivateKey";
- public static void main(String[] args) throws Exception {
- generateKeyPair();
- genKeyPair();
- }
- /**
- * 生成密钥对
- * @throws Exception
- */
- private static void generateKeyPair() throws Exception {
- // /** RSA算法要求有一个可信任的随机数源 */
- // SecureRandom secureRandom = new SecureRandom();
- /** 为RSA算法创建一个KeyPairGenerator对象 */
- KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
- /** 利用上面的随机数据源初始化这个KeyPairGenerator对象 */
- // keyPairGenerator.initialize(KEYSIZE, secureRandom);
- keyPairGenerator.initialize(KEYSIZE);
- /** 生成密匙对 */
- KeyPair keyPair = keyPairGenerator.generateKeyPair();
- /** 得到公钥 */
- Key publicKey = keyPair.getPublic();
- /** 得到私钥 */
- Key privateKey = keyPair.getPrivate();
- ObjectOutputStream oos1 = null;
- ObjectOutputStream oos2 = null;
- try {
- /** 用对象流将生成的密钥写入文件 */
- oos1 = new ObjectOutputStream(new FileOutputStream(PUBLIC_KEY_FILE));
- oos2 = new ObjectOutputStream(new FileOutputStream(PRIVATE_KEY_FILE));
- oos1.writeObject(publicKey);
- oos2.writeObject(privateKey);
- } catch (Exception e) {
- throw e;
- } finally {
- /** 清空缓存,关闭文件输出流 */
- oos1.close();
- oos2.close();
- }
- }
- private static void genKeyPair() throws NoSuchAlgorithmException {
- /** RSA算法要求有一个可信任的随机数源 */
- SecureRandom secureRandom = new SecureRandom();
- /** 为RSA算法创建一个KeyPairGenerator对象 */
- KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
- /** 利用上面的随机数据源初始化这个KeyPairGenerator对象 */
- keyPairGenerator.initialize(KEYSIZE, secureRandom);
- //keyPairGenerator.initialize(KEYSIZE);
- /** 生成密匙对 */
- KeyPair keyPair = keyPairGenerator.generateKeyPair();
- /** 得到公钥 */
- Key publicKey = keyPair.getPublic();
- /** 得到私钥 */
- Key privateKey = keyPair.getPrivate();
- byte[] publicKeyBytes = publicKey.getEncoded();
- byte[] privateKeyBytes = privateKey.getEncoded();
- String publicKeyBase64 = new BASE64Encoder().encode(publicKeyBytes);
- String privateKeyBase64 = new BASE64Encoder().encode(privateKeyBytes);
- System.out.println("publicKeyBase64.length():" + publicKeyBase64.length());
- System.out.println("publicKeyBase64:" + publicKeyBase64);
- System.out.println("privateKeyBase64.length():" + privateKeyBase64.length());
- System.out.println("privateKeyBase64:" + privateKeyBase64);
- }
- }
运行结果:
用上一篇验证公私钥对加签验签、加解密的代码验证,也都是OK的。附上加解密验证的代码如下。
- package com.bijian.test;
- import java.io.FileInputStream;
- import java.io.IOException;
- import java.io.ObjectInputStream;
- import java.security.Key;
- import javax.crypto.Cipher;
- import sun.misc.BASE64Decoder;
- import sun.misc.BASE64Encoder;
- public class RSAUtil {
- /** 指定加密算法为RSA */
- private static final String ALGORITHM = "RSA";
- /** 指定公钥存放文件 */
- private static String PUBLIC_KEY_FILE = "PublicKey";
- /** 指定私钥存放文件 */
- private static String PRIVATE_KEY_FILE = "PrivateKey";
- public static void main(String[] args) throws Exception {
- String source = "你好nihao";// 要加密的字符串
- System.out.println("准备用公钥加密的字符串为:" + source);
- String cryptograph = encrypt(source);// 生成的密文
- System.out.print("用公钥加密后的结果为:" + cryptograph);
- System.out.println();
- String target = decrypt(cryptograph);// 解密密文
- System.out.println("用私钥解密后的字符串为:" + target);
- System.out.println();
- }
- /**
- * 加密方法
- * @param source 源数据
- * @return
- * @throws Exception
- */
- public static String encrypt(String source) throws Exception {
- Key publicKey = getKey(PUBLIC_KEY_FILE);
- /** 得到Cipher对象来实现对源数据的RSA加密 */
- Cipher cipher = Cipher.getInstance(ALGORITHM);
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- byte[] b = source.getBytes();
- /** 执行加密操作 */
- byte[] b1 = cipher.doFinal(b);
- BASE64Encoder encoder = new BASE64Encoder();
- return encoder.encode(b1);
- }
- /**
- * 解密算法
- * @param cryptograph 密文
- * @return
- * @throws Exception
- */
- public static String decrypt(String cryptograph) throws Exception {
- Key privateKey = getKey(PRIVATE_KEY_FILE);
- /** 得到Cipher对象对已用公钥加密的数据进行RSA解密 */
- Cipher cipher = Cipher.getInstance(ALGORITHM);
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- BASE64Decoder decoder = new BASE64Decoder();
- byte[] b1 = decoder.decodeBuffer(cryptograph);
- /** 执行解密操作 */
- byte[] b = cipher.doFinal(b1);
- return new String(b);
- }
- private static Key getKey(String fileName) throws Exception, IOException {
- Key key;
- ObjectInputStream ois = null;
- try {
- /** 将文件中的私钥对象读出 */
- ois = new ObjectInputStream(new FileInputStream(fileName));
- key = (Key) ois.readObject();
- } catch (Exception e) {
- throw e;
- } finally {
- ois.close();
- }
- return key;
- }
- }
运行结果: