非对称加密算法和对称加密算法的主要差别在于非对称加密算法用于加密和解密的密匙不同,一个公开称为公钥,一个保密称为私钥;这个算法解决了对称加密的算法的密匙分配的问题,提高了算法的安全性。
常见的非对称加密算法:RSA算法
1.RSA消息传递模型
2 RSA算法实现
3.使用Java提供的API实现
如下测试了用私钥加密,公钥解密的过程。反之也可以测试。
import javax.crypto.Cipher;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
public class RSATest {
private static final String KEY_ALGORITHM="RSA";
private static final String PUBLIC_KEY="RSAPublicKey";
private static final String PRIVATE_KEY="RSAPrivateKey";
/**
* RSA密匙长度,默认是1024位,密匙长度必须是在64的倍数
* 范围是512--65536之间
*
*/
private static final int KEY_SIZE = 512;
public static void main(String[] args) throws Exception {
String str ="hello vison";
Map<String, Object> map = initKey();
byte[] pulicKey = getPulicKey(map);
byte[] privateKey = getPrivateKey(map);
byte[] dataAfterEncrypt = encryptByPrivateKey(str.getBytes(), privateKey);
System.out.println("encrypt by privateKey: " + Base64.encodeMD5Hex(new String(dataAfterEncrypt)));
byte[] dataAfterDecrpty = decryptByPublicKey(dataAfterEncrypt, pulicKey);
System.out.println("decrpt by publicKey :" + new String(dataAfterDecrpty));
}
/**
* 公钥解密
* @param data
* @param key
* @return
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data,byte[] key)throws Exception{
//获取公钥
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
//对数据解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE,publicKey);
return cipher.doFinal(data);
}
/**
* 公钥加密
* @param data
* @param key
* @return
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data,byte[] key)throws Exception{
//获取公钥
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
//对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE,publicKey);
return cipher.doFinal(data);
}
/**
* 私钥解密
* @param data
* @param key 私钥
* @return byte[] 返回解密后的数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data,byte[] key)throws Exception{
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE,privateKey);
return cipher.doFinal(data);
}
/**
* 私钥加密
* @param data 待加密数据
* @param key 私钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data,byte[] key) throws Exception {
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE,privateKey);
return cipher.doFinal(data);
}
/**
* 获取私钥
* @param keyMap
* @return
*/
public static byte[] getPrivateKey(Map<String,Object> keyMap){
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 获取公钥
* @param keyMap
* @return
*/
public static byte[] getPulicKey(Map<String,Object> keyMap){
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 初始化密匙对
* @return Map 密钥map
* @throws Exception
*/
public static Map<String,Object> initKey() throws Exception {
//实例化密钥对生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
//初始化
keyPairGenerator.initialize(KEY_SIZE);
//生成密匙对
KeyPair keyPair = keyPairGenerator.genKeyPair();
//私钥
RSAPrivateKey privateKey = (RSAPrivateKey)keyPair.getPrivate();
//公钥
RSAPublicKey publicKey = (RSAPublicKey)keyPair.getPublic();
//封装密钥
HashMap<String, Object> map = new HashMap<>();
map.put(PUBLIC_KEY,publicKey);
map.put(PRIVATE_KEY,privateKey);
return map;
}
}