参考:http://www.bkjia.com/Androidjc/868958.html
利用OpenSSL工具生成密钥对,参考以上文章时利用公钥加密后的,后台始终无法解密(不知道哪错了,还是不用自定义的Base64吧)。
最后使用以下方法加密成功:
RSAUtil.encryptByPublic(Context context, String content)
下面的"public_key.pem"即为公钥。
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import android.content.Context;
import android.util.Base64;
/**
* RSA加密工具
*
* @author Administrator
*
*/
public class RSAUtil
{
public static final String RSA_PUBLIC = "";
/**
* 得到公钥
*
* @param algorithm
* @param bysKey
* @return
* @throws NoSuchAlgorithmException
* @throws Exception
*/
private static PublicKey getPublicKeyFromX509(String algorithm,
String bysKey) throws NoSuchAlgorithmException, Exception
{
byte[] decodeKey = Base64.decode(bysKey, Base64.DEFAULT);
X509EncodedKeySpec x509 = new X509EncodedKeySpec(decodeKey);
KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
return keyFactory.generatePublic(x509);
}
/**
* 使用公钥加密
*
* @param content
* @return
*/
public static String encryptByPublic(Context context, String content)
{
try
{
String pubKey = getPublicKeyFromAssets(context);
PublicKey publicKey = getPublicKeyFromX509(ALGORITHM, pubKey);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] plaintext = content.getBytes();
byte[] output = cipher.doFinal(plaintext);
String str = Base64.encodeToString(output, Base64.DEFAULT);
return str;
} catch (Exception e)
{
e.printStackTrace();
return null;
}
}
/**
* 获取公钥
*
* @param fileName
* @return
*/
private static String getPublicKeyFromAssets(Context context)
{
try
{
InputStreamReader inputReader = new InputStreamReader(context
.getResources().getAssets().open("public_key.pem"));
BufferedReader bufReader = new BufferedReader(inputReader);
String line = "";
String Result = "";
while ((line = bufReader.readLine()) != null)
{
if (line.charAt(0) == '-')
{
continue;
}
Result += line;
}
return Result;
} catch (Exception e)
{
e.printStackTrace();
return null;
}
}
}
android、ios客户端rsa加密秘钥生成 http://sparrow82.iteye.com/blog/1834859
1、openssl生成公司钥对
openssl req -x509 -out public_key.der -outform der -new -newkey rsa:1024 -keyout private_key.pem
生成私钥:private_key.pem
公钥:public_key.der
2、将private_key.pem转换成PKCS8Padding格式
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt
返回一串字符如:
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKwerXN6yQc0hOyP
aqQkTA0kANym5cLgoTUvCk3b3DDn2fQvfXjLqPx/lzYDRIQljO9wqOEL8bpTas6C
ymN7Ioq/a0uNpYOimp7inlfYiwr/3ju1ZBtg7w9WDZUMivlPuEATbsj5Z0ZUMeyk
7Mi2vW2hGx0rROVbiXpx7u6bu54BAgMBAAECgYEApAB/KV+/mPv0BCwLYuerB4Jc
x+LHXs8HDFQML2/k+TySMtflaGo2VJGGlVK7wGa/SY9Be14UMIQ3axq4md3EZHuy
ibnFfPJHHfSubGxpg+IRUvtuUExTpZ9GT4y6depEWGllmR4CHZVt100tkOYAeDsl
suE3UmYHTHr20tqJ/BkCQQDdc1+qIV/VM+S49yYoFWvAt/bF80HyNMJJZLwcwzP2
NC/i8QS8AqtbkayLTsKGMc+Naw2UE7a7hOH4UwWmFb9rAkEAxvkOJsSuGv9FK7nV
k83NT5NURdAXTNlu4AYmTIdCA4XW8+I0BxoPmuNhqbZuus8i0D4LWREb4F2YNiqM
2onPQwJARO6U6LBa1FLC75B/IBsK34JkHloKPQqPL6lbpNheZFT6UvoTLzLlhCtk
OjjZ9Eus/6hDIcTBLL3AWTv+liRO4QJAMFlSo/8E45CGCWMFz/2hVyXQw4oWL1li
hNNZuRzg4KREIE0mIVem1RdNowSukXxF1F5POZxbrsBvfTIHug7kqwJABumKLTAs
tRKj4mXmH9tyUFCOrwRDqY/XIC9NLu+l7X1WfdgbSi++OQ0qa2LV6dHQhHNdEYmt
sh2JnjcySwHROg==
-----END PRIVATE KEY-----
取出-----BEGIN PRIVATE KEY-----和-----END PRIVATE KEY-----之间的字符保存,做为解密的私钥串。
3、将生成的公钥DER文件BASE64编码
openssl base64 -in public_key.der
生成的字符串做为IOS的公钥
4、从已有的私钥中,导出android使用的公钥
openssl rsa -in private_key.pem -pubout -out rsa_public_key.pem
openssl req -x509 -out public_key.der -outform der -new -newkey rsa:1024 -keyout private_key.pem
生成私钥:private_key.pem
公钥:public_key.der
2、将private_key.pem转换成PKCS8Padding格式
openssl pkcs8 -topk8 -inform PEM -in private_key.pem -outform PEM -nocrypt
返回一串字符如:
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKwerXN6yQc0hOyP
aqQkTA0kANym5cLgoTUvCk3b3DDn2fQvfXjLqPx/lzYDRIQljO9wqOEL8bpTas6C
ymN7Ioq/a0uNpYOimp7inlfYiwr/3ju1ZBtg7w9WDZUMivlPuEATbsj5Z0ZUMeyk
7Mi2vW2hGx0rROVbiXpx7u6bu54BAgMBAAECgYEApAB/KV+/mPv0BCwLYuerB4Jc
x+LHXs8HDFQML2/k+TySMtflaGo2VJGGlVK7wGa/SY9Be14UMIQ3axq4md3EZHuy
ibnFfPJHHfSubGxpg+IRUvtuUExTpZ9GT4y6depEWGllmR4CHZVt100tkOYAeDsl
suE3UmYHTHr20tqJ/BkCQQDdc1+qIV/VM+S49yYoFWvAt/bF80HyNMJJZLwcwzP2
NC/i8QS8AqtbkayLTsKGMc+Naw2UE7a7hOH4UwWmFb9rAkEAxvkOJsSuGv9FK7nV
k83NT5NURdAXTNlu4AYmTIdCA4XW8+I0BxoPmuNhqbZuus8i0D4LWREb4F2YNiqM
2onPQwJARO6U6LBa1FLC75B/IBsK34JkHloKPQqPL6lbpNheZFT6UvoTLzLlhCtk
OjjZ9Eus/6hDIcTBLL3AWTv+liRO4QJAMFlSo/8E45CGCWMFz/2hVyXQw4oWL1li
hNNZuRzg4KREIE0mIVem1RdNowSukXxF1F5POZxbrsBvfTIHug7kqwJABumKLTAs
tRKj4mXmH9tyUFCOrwRDqY/XIC9NLu+l7X1WfdgbSi++OQ0qa2LV6dHQhHNdEYmt
sh2JnjcySwHROg==
-----END PRIVATE KEY-----
取出-----BEGIN PRIVATE KEY-----和-----END PRIVATE KEY-----之间的字符保存,做为解密的私钥串。
3、将生成的公钥DER文件BASE64编码
openssl base64 -in public_key.der
生成的字符串做为IOS的公钥
4、从已有的私钥中,导出android使用的公钥
openssl rsa -in private_key.pem -pubout -out rsa_public_key.pem