package com.alex.examples.utils.rsa;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
/**
* RSA非对称秘钥
*/
public class RSAUtilTest {
public static final String CHARSET = "UTF-8";
public static final String RSA_ALGORITHM = "RSA";
/**
* 生成公钥和私钥
*
* @param keySize
* @return
*/
public static Map<String, String> createKeys(int keySize) {
//为RSA算法创建一个KeyPairGenerator对象(KeyPairGenerator,密钥对生成器,用于生成公钥和私钥对)
KeyPairGenerator kpg = null;
try {
kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
//指定秘钥长度
kpg.initialize(keySize); //秘钥长度最少要512
//生成秘钥对
KeyPair keyPair = kpg.generateKeyPair();
//得到公钥
PublicKey publicKey = keyPair.getPublic();
//返回一个publicKey经过二次加密后的字符串
//encodeBase64URLSafeString:使用Base64算法的URL安全变体对二进制数据进行编码,但不对输出进行分块。
String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
//得到私钥
//返回一个privateKey经过二次加密后的字符串
//encodeBase64URLSafeString:使用Base64算法的URL安全变体对二进制数据进行编码,但不对输出进行分块。
PrivateKey privateKey = keyPair.getPrivate();
String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());
//封装结果集
Map<String, String> keyPairMap = new HashMap<>();
keyPairMap.put("publicKey", publicKeyStr);
keyPairMap.put("privateKey", privateKeyStr);
return keyPairMap;
}
/**
* 得到公钥
*
* @param publicKey 密钥字符串(经过base64编码)
* @return
*/
public static RSAPublicKey getPublicKey(String publicKey) {
//通过X509编码的key指令获得公钥对象
try {
//KeyFactory:密钥工厂用于将密钥(key类型的不透明密钥)转换成密钥规范(底层密钥材料的透明表示),
// 反之亦然,密钥工厂是双向的,对于同一个密钥可以存在多个兼容的密钥规范,
// 一般通过静态方法getInstance()获得
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
//根据给定的编码密钥创建一个新的 X509EncodedKeySpec
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509EncodedKeySpec);
return key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
System.out.println("base64编码=" + publicKey + "转RSA公钥失败");
}
return null;
}
/**
* 得到私钥
*
* @param privateKey 密钥字符串(经过base64编码)
* @return
*/
public static RSAPrivateKey getPrivateKey(String privateKey) {
//通过PKCS#8编码的Key指令获得私钥对象
try {
KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
return key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
System.out.println("base64编码=" + privateKey + "转RSA私钥失败");
}
return null;
}
/**
* 公钥加密
*
* @param data
* @param publicKey
* @return
*/
public static String publicEncrypt(String data, RSAPublicKey publicKey) {
try {
//创建Cipher对象,调用Cipher的getInstance方法并将所请求转换的名称传递给它
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
//初始化("加密模式或者解密模式","密匙")
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
//encodeBase64URLSafeString:使用Base64算法的URL安全变体对二进制数据进行编码,但不对输出进行分块。
String publicEncrypt = Base64.encodeBase64URLSafeString(
rsaSplitCodec(cipher
, Cipher.ENCRYPT_MODE //加密模式
, data.getBytes(CHARSET)
, publicKey.getModulus().bitLength())
);
return publicEncrypt;
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 私钥解密
*
* @param data
* @param privateKey
* @return
*/
public static String privateDecrypt(String data, RSAPrivateKey privateKey) {
try {
//创建Cipher对象,调用Cipher的getInstance方法并将所请求转换的名称传递给它
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
//初始化("加密模式或者解密模式","密匙")
cipher.init(Cipher.DECRYPT_MODE, privateKey);
String privateDecrypt = new String(
rsaSplitCodec(cipher
, Cipher.DECRYPT_MODE //解密模式
, Base64.decodeBase64(data)
, privateKey.getModulus().bitLength())
, CHARSET);
return privateDecrypt;
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 私钥加密
*
* @param data
* @param privateKey
* @return
*/
public static String privateEncrypt(String data, RSAPrivateKey privateKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
} catch (Exception e) {
throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}
/**
* 公钥解密
*
* @param data
* @param publicKey
* @return
*/
public static String publicDecrypt(String data, RSAPublicKey publicKey) {
try {
Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
} catch (Exception e) {
throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize) {
int maxBlock;
if (opmode == Cipher.DECRYPT_MODE) {
maxBlock = keySize / 8;
} else {
maxBlock = keySize / 8 - 11;
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] buff;
int i = 0;
try {
while (datas.length > offSet) {
if (datas.length - offSet > maxBlock) {
buff = cipher.doFinal(datas, offSet, maxBlock);
} else {
buff = cipher.doFinal(datas, offSet, datas.length - offSet);
}
out.write(buff, 0, buff.length);
i++;
offSet = i * maxBlock;
}
} catch (Exception e) {
throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
}
byte[] resultDatas = out.toByteArray();
IOUtils.closeQuietly(out);
return resultDatas;
}
public static void main(String[] args) {
Map<String, String> keyMap = createKeys(1024);
String publicKey = keyMap.get("publicKey");
String privateKey = keyMap.get("privateKey");
System.out.println("公钥:" + publicKey);
System.out.println("私钥:" + privateKey);
System.out.println("----------------------------------------------------------------------------");
String str = "中国万岁";
System.out.println("明文:" + str);
System.out.println("明文大小:" + str.getBytes().length);
// TODO: 2022/10/17 公钥加密——私钥解密
System.out.println("----------------------------------------------------------------------------");
String encodedData = RSAUtilTest.publicEncrypt(str, RSAUtilTest.getPublicKey(publicKey));
System.out.println("公钥加密:" + encodedData);
String decodedData = RSAUtilTest.privateDecrypt(encodedData, RSAUtilTest.getPrivateKey(privateKey));
System.out.println("私钥解密:" + decodedData);
System.out.println("----------------------------------------------------------------------------");
// TODO: 2022/10/17 私钥加密——公钥解密
String a = RSAUtilTest.privateEncrypt(str, RSAUtilTest.getPrivateKey(privateKey));
System.out.println("私钥加密:" + a);
String b = RSAUtilTest.publicDecrypt(a, RSAUtilTest.getPublicKey(publicKey));
System.out.println("公钥解密:" + b);
System.out.println("----------------------------------------------------------------------------");
}
}
扫一扫
2886
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
