packagecom.my;importorg.apache.commons.codec.binary.Base64;importorg.apache.commons.io.IOUtils;importjavax.crypto.Cipher;importjava.io.ByteArrayOutputStream;import java.security.*;importjava.security.interfaces.RSAPrivateKey;importjava.security.interfaces.RSAPublicKey;importjava.security.spec.InvalidKeySpecException;importjava.security.spec.PKCS8EncodedKeySpec;importjava.security.spec.X509EncodedKeySpec;importjava.util.HashMap;importjava.util.Map;public classRSAUtils {public static final String CHARSET = "UTF-8";public static final String RSA_ALGORITHM = "RSA"; //ALGORITHM ['ælgərɪð(ə)m] 算法的意思
public static Map createKeys(intkeySize) {//为RSA算法创建一个KeyPairGenerator对象
KeyPairGenerator kpg;try{
kpg=KeyPairGenerator.getInstance(RSA_ALGORITHM);
}catch(NoSuchAlgorithmException e) {throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
}//初始化KeyPairGenerator对象,密钥长度
kpg.initialize(keySize);//生成密匙对
KeyPair keyPair =kpg.generateKeyPair();//得到公钥
Key publicKey =keyPair.getPublic();
String publicKeyStr=Base64.encodeBase64URLSafeString(publicKey.getEncoded());//得到私钥
Key privateKey =keyPair.getPrivate();
String privateKeyStr=Base64.encodeBase64URLSafeString(privateKey.getEncoded());//map装载公钥和私钥
Map keyPairMap = new HashMap();
keyPairMap.put("publicKey", publicKeyStr);
keyPairMap.put("privateKey", privateKeyStr);//返回map
returnkeyPairMap;
}/*** 得到公钥
*@parampublicKey 密钥字符串(经过base64编码)
*@throwsException*/
public static RSAPublicKey getPublicKey(String publicKey) throwsNoSuchAlgorithmException, InvalidKeySpecException {//通过X509编码的Key指令获得公钥对象
KeyFactory keyFactory =KeyFactory.getInstance(RSA_ALGORITHM);
X509EncodedKeySpec x509KeySpec= newX509EncodedKeySpec(Base64.decodeBase64(publicKey));
RSAPublicKey key=(RSAPublicKey) keyFactory.generatePublic(x509KeySpec);returnkey;
}/*** 得到私钥
*@paramprivateKey 密钥字符串(经过base64编码)
*@throwsException*/
public static RSAPrivateKey getPrivateKey(String privateKey) throwsNoSuchAlgorithmException, InvalidKeySpecException {//通过PKCS#8编码的Key指令获得私钥对象
KeyFactory keyFactory =KeyFactory.getInstance(RSA_ALGORITHM);
PKCS8EncodedKeySpec pkcs8KeySpec= newPKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
RSAPrivateKey key=(RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);returnkey;
}/*** 公钥加密
*@paramdata
*@parampublicKey
*@return
*/
public staticString publicEncrypt(String data, RSAPublicKey publicKey) {try{
Cipher cipher=Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);returnBase64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
}catch(Exception e) {throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}/*** 私钥解密
*@paramdata
*@paramprivateKey
*@return
*/
public staticString privateDecrypt(String data, RSAPrivateKey privateKey) {try{
Cipher cipher=Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, privateKey);return newString(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
}catch(Exception e) {throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}/*** 私钥加密
*@paramdata
*@paramprivateKey
*@return
*/
public staticString privateEncrypt(String data, RSAPrivateKey privateKey) {try{
Cipher cipher=Cipher.getInstance(RSA_ALGORITHM);//每个Cipher初始化方法使用一个模式参数opmod,并用此模式初始化Cipher对象。此外还有其他参数,包括密钥key、包含密钥的证书certificate、算法参数params和随机源random。
cipher.init(Cipher.ENCRYPT_MODE, privateKey);returnBase64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
}catch(Exception e) {throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
}
}/*** 公钥解密
*@paramdata
*@parampublicKey
*@return
*/
public staticString publicDecrypt(String data, RSAPublicKey publicKey) {try{
Cipher cipher=Cipher.getInstance(RSA_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, publicKey);return newString(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
}catch(Exception e) {throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
}
}//rsa切割解码 , ENCRYPT_MODE,加密数据 ,DECRYPT_MODE,解密数据
private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, intkeySize) {int maxBlock = 0; //最大块
if (opmode ==Cipher.DECRYPT_MODE) {
maxBlock= keySize / 8;
}else{
maxBlock= keySize / 8 - 11;
}
ByteArrayOutputStream out= newByteArrayOutputStream();int offSet = 0;byte[] buff;int i = 0;try{while (datas.length >offSet) {if (datas.length - offSet >maxBlock) {//可以调用以下的doFinal()方法完成加密或解密数据:
buff =cipher.doFinal(datas, offSet, maxBlock);
}else{
buff= cipher.doFinal(datas, offSet, datas.length -offSet);
}
out.write(buff,0, buff.length);
i++;
offSet= i *maxBlock;
}
}catch(Exception e) {throw new RuntimeException("加解密阀值为[" + maxBlock + "]的数据时发生异常", e);
}byte[] resultDatas =out.toByteArray();
IOUtils.closeQuietly(out);returnresultDatas;
}//简单测试____________
public static void main(String[] args) throwsException {
Map keyMap = RSAUtils.createKeys(1024);
String publicKey= keyMap.get("publicKey");
String privateKey= keyMap.get("privateKey");
System.out.println("公钥: \n\r" +publicKey);
System.out.println("私钥: \n\r" +privateKey);
System.out.println("公钥加密——私钥解密");
String str= "站在大明门前守卫的禁卫军,事先没有接到\n" + "有关的命令,但看到大批盛装的官员来临,也就\n" + "以为确系举行大典,因而未加询问。进大明门即\n" + "为皇城。文武百官看到端门午门之前气氛平静,\n" + "城楼上下也无朝会的迹象,既无几案,站队点名\n" + "的御史和御前侍卫“大汉将军”也不见踪影,不免\n"
+ "心中揣测,互相询问:所谓午朝是否讹传?";
System.out.println("\r明文:\r\n" +str);
System.out.println("\r明文大小:\r\n" +str.getBytes().length);
String encodedData= RSAUtils.publicEncrypt(str, RSAUtils.getPublicKey(publicKey)); //传入明文和公钥加密,得到密文
System.out.println("密文:\r\n" +encodedData);
String decodedData= RSAUtils.privateDecrypt(encodedData, RSAUtils.getPrivateKey(privateKey)); //传入密文和私钥,得到明文
System.out.println("解密后文字: \r\n" +decodedData);
}
}