使用RSA进行非对称加解密示例:
</pre><pre code_snippet_id="1607340" snippet_file_name="blog_20160312_3_2391758" name="code" class="java">package date;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
/**
* 使用RSA非对称加解密 注意点:import sun.misc.BASE64Encoder; 有可能找不到这个包; 就要JRE System
* Library包删除重新add Library 进去
*/
public class EncrypRSA {
public static final String KEY_ALGORITHM = "RSA";
/**
* BASE64解密
*
* @param key
* @return
* @throws Exception
*/
public static byte[] decryptBASE64(String key) throws Exception {
return (new BASE64Decoder()).decodeBuffer(key);
}
/**
* BASE64加密
*
* @param key
* @return
* @throws Exception
*/
public static String encryptBASE64(byte[] key) throws Exception {
return (new BASE64Encoder()).encodeBuffer(key);
}
/**
* 加密
*
* @param publicKey
* 公钥
* @param srcBytes
* 加密数据数组
* @return
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
* @throws IllegalBlockSizeException
* @throws BadPaddingException
*/
protected byte[] encrypt(RSAPublicKey publicKey, byte[] srcBytes)
throws NoSuchAlgorithmException, NoSuchPaddingException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
if (publicKey != null) {
// Cipher负责完成加密或解密工作,基于RSA
Cipher cipher = Cipher.getInstance("RSA");
// 根据公钥,对Cipher对象进行初始化
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] resultBytes = cipher.doFinal(srcBytes);
return resultBytes;
}
return null;
}
/**
* 解密
*
* @param privateKey
* 私钥
* @param srcBytes
* 解密数据数组
* @return
* @throws NoSuchAlgorithmException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
* @throws IllegalBlockSizeException
* @throws BadPaddingException
*/
protected byte[] decrypt(RSAPrivateKey privateKey, byte[] srcBytes)
throws NoSuchAlgorithmException, NoSuchPaddingException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
if (privateKey != null) {
// Cipher负责完成加密或解密工作,基于RSA
Cipher cipher = Cipher.getInstance("RSA");
// 根据公钥,对Cipher对象进行初始化
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] resultBytes = cipher.doFinal(srcBytes);
return resultBytes;
}
return null;
}
/**
* @param args
* @throws NoSuchAlgorithmException
* @throws BadPaddingException
* @throws IllegalBlockSizeException
* @throws NoSuchPaddingException
* @throws InvalidKeyException
*/
public static void main(String[] args) throws NoSuchAlgorithmException,
InvalidKeyException, NoSuchPaddingException,
IllegalBlockSizeException, BadPaddingException, Exception {
EncrypRSA rsa = new EncrypRSA();
String msg = "测试加密数据:基于RSA算法生成对象";
// KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
// 初始化密钥对生成器,密钥大小为1024位
keyPairGen.initialize(1024);
// 生成一个密钥对,保存在keyPair中:生成的密钥对必须是同一个KeyPair对象否则解密失败
KeyPair keyPair = keyPairGen.generateKeyPair();
// 得到公钥key
RSAPublicKey orapublicKey = (RSAPublicKey) keyPair.getPublic();
byte[] publicKeybyte = orapublicKey.getEncoded();
String publicKeyString = encryptBASE64(publicKeybyte);
System.out.println("得到公钥 : " + publicKeyString);
// 得到私钥key
RSAPrivateKey oraprivateKey = (RSAPrivateKey) keyPair.getPrivate();
byte[] privateKeybyte = oraprivateKey.getEncoded();
String privateKeyString = encryptBASE64(privateKeybyte);
System.out.println("得到私钥 : " + privateKeyString);
// 使用公私钥进行数字签名
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 解密由base64编码的私钥,并构造PKCS8EncodedKeySpec对象
PKCS8EncodedKeySpec privatekcs8KeySpec = new PKCS8EncodedKeySpec(
decryptBASE64(privateKeyString));
PrivateKey privateKey = keyFactory.generatePrivate(privatekcs8KeySpec);
// 解密由base64编码的公钥,并构造X509EncodedKeySpec对象
X509EncodedKeySpec publicpkcs8KeySpec = new X509EncodedKeySpec(
decryptBASE64(publicKeyString));
PublicKey publicKey = keyFactory.generatePublic(publicpkcs8KeySpec); // RSA对称加密算法
// 用公钥加密
byte[] srcBytes = msg.getBytes();
byte[] resultBytes = rsa.encrypt((RSAPublicKey) publicKey, srcBytes);
String base64Msg = encryptBASE64(resultBytes);
byte[] base64MsgD = decryptBASE64(base64Msg);
// 用私钥解密
byte[] decBytes = rsa.decrypt((RSAPrivateKey) privateKey, base64MsgD);
System.out.println("明文是:" + msg);
System.out.println("双重加密后是:" + base64Msg);
System.out.println("解密后是:" + new String(decBytes));
}
// 得到公钥 :
// MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOiO8iJS/QqfXVeDqd0/KDHWWpbOzy1Ztgw+uw
// uSwqQIpVSwIj4A1S9z8Dth13B2F6AFk9GO/T5xF37ml6qlS3FeOBOk/d74le2mDHcE/6zqJFEgnC
// kee7zVSXRuaAxX2ffmEhbbPRFAPT2wc0ZGhLtB/mbsvDUhUyd8PTaHpQWQIDAQAB
// 得到私钥 :
// MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAM6I7yIlL9Cp9dV4Op3T8oMdZals
// 7PLVm2DD67C5LCpAilVLAiPgDVL3PwO2HXcHYXoAWT0Y79PnEXfuaXqqVLcV44E6T93viV7aYMdw
// T/rOokUSCcKR57vNVJdG5oDFfZ9+YSFts9EUA9PbBzRkaEu0H+Zuy8NSFTJ3w9NoelBZAgMBAAEC
// gYBbB2WGgidZ658LUCtdpq3Ldih5jSW+PcF228NEp8i8cqfFwgKWd0jIGWsvopPIA3vF/uNWF2iU
// 19IOLwlUZEBjiqX0c3CtVHiz6EKoAntHtcu0eUS3otAzE3ejrrTczeiZbYh+nWkOn36bZRxQEJ1k
// tOE+UlHt6JHw2QQ9XRuZUQJBAO/OgN013K+Q1yB2IgjKGtnOsiOKestWwscdas1uGr1OjPw0v2vI
// kcANmQVo8L3rPR/CQJK8KImEHtaG681AhtUCQQDce0SBdtgSg3oK4apv7BiLUiGhdewTvpKOa6YM
// 5aLVE+n113Dsn+w3neVdYVBOlXiOw9eebWNVczSgTDUQRG11AkEAvgoIVUW5/efqk+8KSazgWntS
// 8JdteHbpJKJLYUFAL4VwdO3YRLJNzsT33zGqltc1OVXXlnFGLrRlO9zwQVhBgQJAHzJN4iensQ7r
// YMjHbeixHF11prvhuHV5lS9EIoUHgjC8JO3j64dBTClKP+k6DLR3h3PMeX0u1fNkGd5Oj8uu1QJB
// AMpuAZYVqTx1iVVSvicfjgNojSjVtCezj8ydK6nhkeai1uu/596Pp12VMmNdO/+crbAykokDtYD+
// jecuhNBVwjk=
}