RSA加密、解密、加签、验签以及生成公私钥
2018-02-24 16:52
501 查看
RSA加解密、加验签、生成公私钥代码如下:
运行结果如下:
写一个Socket通信测试加签、加密传输:
先启动Server端,再启动Client端,传输过程中使用密文传输,加签防止内容被篡改,运行结果如下:
package util; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import java.security.Signature; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; /** * RSA使用X509EncodedKeySpec、PKCS8EncodedKeySpec生成公钥和私钥 * 加密数据大小不能超过127 bytes * @Description:加签、验签、加密、解密、生成公钥、私钥 * @date:2018年2月24日 */ public class RSAUtil { public static void main(String[] args) throws Exception { //生成公私钥文件 //RSAUtil.getKeyPair("E:/"); String publicKey = RSAUtil.readKeyFromFile("E:/publicKey.keystore"); String privateKey = RSAUtil.readKeyFromFile("E:/privateKey.keystore"); System.out.println("publicKey:"+publicKey); System.out.println("privateKey:"+privateKey); System.out.println("---------------------------------------------"); String sign = RSAUtil.signByPrivateKey("测试加签", privateKey); System.out.println("sign:"+sign); System.out.println("验签:"+RSAUtil.verifySignByPublicKey("测试加签", publicKey, sign)); System.out.println("---------------------------------------------"); String cipherText = RSAUtil.encryptByPublicKey("测试加密明文数据", RSAUtil.readPublicKeyFromString(publicKey)); System.out.println("cipherText:"+cipherText); String plainText = RSAUtil.decryptByPrivateKey(cipherText, RSAUtil.readPrivateKeyFromString(privateKey)); System.out.println("plainText:"+plainText); } /** * 生成公私钥对 * @param filePath 生成文件路径 */ @SuppressWarnings("static-access") public static void getKeyPair(String filePath) { KeyPairGenerator keyPairGenerator = null; try { keyPairGenerator = keyPairGenerator.getInstance("RSA"); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } keyPairGenerator.initialize(1024, new SecureRandom()); KeyPair keyPair = keyPairGenerator.generateKeyPair(); RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); String publicKeyString = Base64.encode(publicKey.getEncoded()); String privateKeyString = Base64.encode(privateKey.getEncoded()); try { BufferedWriter publicbw = new BufferedWriter(new FileWriter(new File(filePath+"/publicKey.keystore"))); BufferedWriter privatebw = new BufferedWriter(new FileWriter(new File(filePath+"/privateKey.keystore"))); publicbw.write(publicKeyString); privatebw.write(privateKeyString); publicbw.flush(); publicbw.close(); privatebw.flush(); privatebw.close(); } catch (IOException e) { e.printStackTrace(); } } /** * 从文件中读取公钥或私钥 * @param filePath 文件路径 * @return 公钥或私钥 */ public static String readKeyFromFile(String filePath) { try { BufferedReader br = new BufferedReader(new FileReader(new File(filePath))); String readLine = null; StringBuilder sb = new StringBuilder(); while((readLine = br.readLine()) != null) { sb.append(readLine); } br.close(); return sb.toString(); } catch (IOException e) { e.printStackTrace(); } return null; } /** * 从字符串中加载公钥 * @return 公钥 */ public static RSAPublicKey readPublicKeyFromString(String publicKeyStr) { try { byte[] bt = Base64.decode(publicKeyStr); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bt); ret 4000 urn (RSAPublicKey) keyFactory.generatePublic(x509EncodedKeySpec); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeySpecException e) { e.printStackTrace(); } return null; } /** * 从字符串中加载私钥 * @return 私钥 */ public static RSAPrivateKey readPrivateKeyFromString(String privateKeyStr) { try { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decode(privateKeyStr)); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return (RSAPrivateKey) keyFactory.generatePrivate(pkcs8EncodedKeySpec); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeySpecException e) { e.printStackTrace(); } return null; } /** * 私钥加签 * @param content 报文 * @param privateKey 私钥 * @return 签名值 */ public static String signByPrivateKey(String content,String privateKey) { try { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decode(privateKey)); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); Signature signature = Signature.getInstance("SHA256withRSA");//MD5withRSA signature.initSign(priKey); signature.update(content.getBytes()); byte[] sign = signature.sign(); return Base64.encode(sign); } catch (Exception e) { e.printStackTrace(); } return null; } /** * 公钥验签 * @param content 报文 * @param publicKey 公钥 * @param sign 签名值 * @return 验签是否通过 */ public static boolean verifySignByPublicKey(String content,String publicKey,String sign) { try { X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decode(publicKey)); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey pubKey = keyFactory.generatePublic(x509EncodedKeySpec); Signature signature = Signature.getInstance("SHA256withRSA");//MD5withRSA signature.initVerify(pubKey); signature.update(content.getBytes()); return signature.verify(Base64.decode(sign)); } catch (Exception e) { e.printStackTrace(); } return false; } /** * 公钥加密 * @param plainText 明文 * @param publicKey 公钥 * @return 密文 * @throws Exception */ public static String encryptByPublicKey(String plainText,RSAPublicKey publicKey) throws Exception { if(publicKey == null) { throw new Exception("公钥为空!"); } Cipher cipher = null; try { cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, publicKey); byte[] output = cipher.doFinal(plainText.getBytes()); return Base64.encode(output); } catch(Exception e) { e.printStackTrace(); } return null; } /** * 私钥解密 * @param cipherText 密文 * @param privateKey 私钥 * @return 明文 * @throws Exception */ public static String decryptByPrivateKey(String cipherText,RSAPrivateKey privateKey) throws Exception { if(privateKey == null) { throw new Exception("私钥为空!"); } Cipher cipher = null; try { cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, privateKey); byte[] output = cipher.doFinal(Base64.decode(cipherText)); return new String(output); } catch (Exception e) { e.printStackTrace(); } return null; } }
package util; public final class Base64 { static private final int BASELENGTH = 128; static private final int LOOKUPLENGTH = 64; static private final int TWENTYFOURBITGROUP = 24; static private final int EIGHTBIT = 8; static private final int SIXTEENBIT = 16; static private final int FOURBYTE = 4; static private final int SIGN = -128; static private final char PAD = '='; static private final boolean fDebug = false; static final private byte[] base64Alphabet = new byte[BASELENGTH]; static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH]; static { for (int i = 0; i < BASELENGTH; ++i) { base64Alphabet[i] = -1; } for (int i = 'Z'; i >= 'A'; i--) { base64Alphabet[i] = (byte) (i - 'A'); } for (int i = 'z'; i >= 'a'; i--) { base64Alphabet[i] = (byte) (i - 'a' + 26); } for (int i = '9'; i >= '0'; i--) { base64Alphabet[i] = (byte) (i - '0' + 52); } base64Alphabet['+'] = 62; base64Alphabet['/'] = 63; for (int i = 0; i <= 25; i++) { lookUpBase64Alphabet[i] = (char) ('A' + i); } for (int i = 26, j = 0; i <= 51; i++, j++) { lookUpBase64Alphabet[i] = (char) ('a' + j); } for (int i = 52, j = 0; i <= 61; i++, j++) { lookUpBase64Alphabet[i] = (char) ('0' + j); } lookUpBase64Alphabet[62] = (char) '+'; lookUpBase64Alphabet[63] = (char) '/'; } private static boolean isWhiteSpace(char octect) { return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9); } private static boolean isPad(char octect) { return (octect == PAD); } private static boolean isData(char octect) { return (octect < BASELENGTH && base64Alphabet[octect] != -1); } /** * Encodes hex octects into Base64 * * @param binaryData * Array containing binaryData * @return Encoded Base64 array */ public static String encode(byte[] binaryData) { if (binaryData == null) { return null; } int lengthDataBits = binaryData.length * EIGHTBIT; if (lengthDataBits == 0) { return ""; } int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP; int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP; int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets; char encodedData[] = null; encodedData = new char[numberQuartet * 4]; byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0; int encodedIndex = 0; int dataIndex = 0; if (fDebug) { System.out.println("number of triplets = " + numberTriplets); } for (int i = 0; i < numberTriplets; i++) { b1 = binaryData[dataIndex++]; b2 = binaryData[dataIndex++]; b3 = binaryData[dataIndex++]; if (fDebug) { System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3); } l = (byte) (b2 & 0x0f); k = (byte) (b1 & 0x03); byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc); if (fDebug) { System.out.println("val2 = " + val2); System.out.println("k4 = " + (k << 4)); System.out.println("vak = " + (val2 | (k << 4))); } encodedData[encodedIndex++] = lookUpBase64Alphabet[val1]; encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)]; encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3]; encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f]; } // form integral number of 6-bit groups if (fewerThan24bits == EIGHTBIT) { b1 = binaryData[dataIndex]; k = (byte) (b1 & 0x03); if (fDebug) { System.out.println("b1=" + b1); System.out.println("b1<<2 = " + (b1 >> 2)); } byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); encodedData[encodedIndex++] = lookUpBase64Alphabet[val1]; encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4]; encodedData[encodedIndex++] = PAD; encodedData[encodedIndex++] = PAD; } else if (fewerThan24bits == SIXTEENBIT) { b1 = binaryData[dataIndex]; b2 = binaryData[dataIndex + 1]; l = (byte) (b2 & 0x0f); k = (byte) (b1 & 0x03); byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0); byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0); encodedData[encodedIndex++] = lookUpBase64Alphabet[val1]; encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)]; encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2]; encodedData[encodedIndex++] = PAD; } return new String(encodedData); } /** * Decodes Base64 data into octects * * @param encoded * string containing Base64 data * @return Array containind decoded data. */ public static byte[] decode(String encoded) { if (encoded == null) { return null; } char[] base64Data = encoded.toCharArray(); // remove white spaces int len = removeWhiteSpace(base64Data); if (len % FOURBYTE != 0) { return null;// should be divisible by four } int numberQuadruple = (len / FOURBYTE); if (numberQuadruple == 0) { return new byte[0]; } byte decodedData[] = null; byte b1 = 0, b2 = 0, b3 = 0, b4 = 0; char d1 = 0, d2 = 0, d3 = 0, d4 = 0; int i = 0; int encodedIndex = 0; int dataIndex = 0; decodedData = new byte[(numberQuadruple) * 3]; for (; i < numberQuadruple - 1; i++) { if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++])) || !isData((d3 = base64Data[dataIndex++])) || !isData((d4 = base64Data[dataIndex++]))) { return null; }// if found "no data" just return null b1 = base64Alphabet[d1]; b2 = base64Alphabet[d2]; b3 = base64Alphabet[d3]; b4 = base64Alphabet[d4]; decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4); decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); decodedData[encodedIndex++] = (byte) (b3 << 6 | b4); } if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) { return null;// if found "no data" just return null } b1 = base64Alphabet[d1]; b2 = base64Alphabet[d2]; d3 = base64Data[dataIndex++]; d4 = base64Data[dataIndex++]; if (!isData((d3)) || !isData((d4))) { // Check if they are PAD characters if (isPad(d3) && isPad(d4)) { if ((b2 & 0xf) != 0)// last 4 bits should be zero { return null; } byte[] tmp = new byte[i * 3 + 1]; System.arraycopy(decodedData, 0, tmp, 0, i * 3); tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4); return tmp; } else if (!isPad(d3) && isPad(d4)) { b3 = base64Alphabet[d3]; if ((b3 & 0x3) != 0)// last 2 bits should be zero { return null; } byte[] tmp = new byte[i * 3 + 2]; System.arraycopy(decodedData, 0, tmp, 0, i * 3); tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4); tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); return tmp; } else { return null; } } else { // No PAD e.g 3cQl b3 = base64Alphabet[d3]; b4 = base64Alphabet[d4]; decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4); decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf)); decodedData[encodedIndex++] = (byte) (b3 << 6 | b4); } return decodedData; } /** * remove WhiteSpace from MIME containing encoded Base64 data. * * @param data * the byte array of base64 data (with WS) * @return the new length */ private static int removeWhiteSpace(char[] data) { if (data == null) { return 0; } // count characters that's not whitespace int newSize = 0; int len = data.length; for (int i = 0; i < len; i++) { if (!isWhiteSpace(data[i])) { data[newSize++] = data[i]; } } return newSize; } }
运行结果如下:
publicKey:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCMLDV2a6Ci7hC9MTARF6S4MWyktZmqGcOFuW53pf3YZW1C7PmCIlesIrsloRRzs9eqh17/oCBNacnuXwlpukVG+tUJUU3T5uVI3+kQvP8p9fM+0kW+IOyOWOoIincVaFzDpBUOIuEnuKeaDB2COToQfSrz+U+g2/CQ2N/yJD+BDwIDAQAB privateKey:MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIwsNXZroKLuEL0xMBEXpLgxbKS1maoZw4W5bnel/dhlbULs+YIiV6wiuyWhFHOz16qHXv+gIE1pye5fCWm6RUb61QlRTdPm5Ujf6RC8/yn18z7SRb4g7I5Y6giKdxVoXMOkFQ4i4Se4p5oMHYI5OhB9KvP5T6Db8JDY3/IkP4EPAgMBAAECgYArLcMaQ3UsO2F0ph5EZaAcDT2GT1qSh3UvUDuzJ7LWYggSQaVqbOHM6LX1lXUTXybkJOcin1TUA+5sO2JO605DYmxjlWq91Gva95diiDofW+V0/uC4Z/DWLlGtGKOaaBecC9FkW3gM7wMQym9QMhugiBGSCQvACm8Ke0DxiGCCQQJBAPYv46JbCgs1yJ0Qie+Dq2lZvneWYk04iA75tJT3u91rh4Ku03/bxJiSJwnxKoivX5/2/P/QwAOSPdosZcMw62kCQQCRwoqMh1DK3/MOA1xaLiWOHGgas4bu7QKyvBcpyMIjSgypKsd79YF4PZ/hJq3MsgTDnKF5CrVZA56YGHpBE1G3AkEAvcHt8M/BbyCWsFH2MBLKhdqx0BWvUZw4a2qXgZduS949RkKhLVVlNMC6rJQiV9btmyxSmI/74QTQ/iDok0pauQJAdyM62Zg0qk4YPSj0EGXNnnWLhd+dd6bT4MGqcSW9wNhittbXjHNjqqM8Dezue/Q5vqVEuknNZn913r2LF6uxywJBAKYzODskLij8M9aAOKhjgRuEun0r328WXTveIwXFYRyUlu9oUumgb35+hCjtpblg3oi6EW8BZ9I14ZGERda978Y= --------------------------------------------- sign:VOyW13g3yg/mu+v2hvYI4ri7oewZamp6jiXt0y0PW1PREhWxTbgCcF6TMBFtKxayPt1QcwTpSUPSR0lpAkXoQPms+WMtZQvSfNPBvz+aNrTq9LtDWvCBAdMZA/7ZlnzwcvRRkFfcSya1jjPwY/7Qx3tbJ5PWgUKKLYV93zA6PaA= 验签:true --------------------------------------------- cipherText:TCYWTSqJyetaS/g67CN9Ik8qBrADAXMGt0cSB2lJ3yHIQrE7LVDwkYZ+XHTr2EYufPPRONvSwcNc/hcNaOhgKruWVKUaOn2qGrLLsmTU8xDDGJf/zsQKrcKPVYfruHdmfXdIhwhWh+bNYVrcr5bGvDjtgJYjzYL485PKJUcPD88= plainText:测试加密明文数据
写一个Socket通信测试加签、加密传输:
package util; import java.io.IOException; import java.io.OutputStream; import java.net.Socket; import java.net.UnknownHostException; import java.util.HashMap; import java.util.Map; import com.alibaba.fastjson.JSONObject; public class TCPClient { private static String url = "21.131.4.33"; private static int port = 10000; private static String publicKey = RSAUtil.readKeyFromFile("E:/publicKey.keystore"); private static String privateKey = RSAUtil.readKeyFromFile("E:/privateKey.keystore"); public static void main(String[] args) throws Exception { Map<String, Object> map = new HashMap<String, Object>(); map.put("name", "张三"); map.put("age", "23"); map.put("address", "北京市"); map.put("message", "测试数据"); String data = JSONObject.toJSONString(map); //加签 String sign = RSAUtil.signByPrivateKey(data, privateKey); //加密 String cipherText = RSAUtil.encryptByPublicKey(data, RSAUtil.readPublicKeyFromString(publicKey)); TCPClient tcpClient = new TCPClient(); tcpClient.sendMessage(url, port, sign+","+cipherText); } public void sendMessage(String url,int port,String message) throws UnknownHostException, IOException { Socket socket = new Socket(url,port); OutputStream outputStream = socket.getOutputStream(); outputStream.write(message.getBytes()); socket.close(); outputStream.close(); } }
package util; import java.io.IOException; import java.io.InputStream; import java.net.ServerSocket; import java.net.Socket; public class TCPServer { private static int port = 10000; private static String publicKey = RSAUtil.readKeyFromFile("E:/publicKey.keystore"); private static String privateKey = RSAUtil.readKeyFromFile("E:/privateKey.keystore"); public static void main(String[] args) throws Exception { TCPServer tcpServer = new TCPServer(); String message = tcpServer.getMessage(port); //message = sign+cipherText //System.out.println("message:"+message); String sign = message.split(",")[0]; String cipherText = message.split(",")[1]; String plainText = RSAUtil.decryptByPrivateKey(cipherText, RSAUtil.readPrivateKeyFromString(privateKey)); if(RSAUtil.verifySignByPublicKey(plainText, publicKey, sign)) { System.out.println("验签成功!"); System.out.println(plainText); } else { System.out.println("验签失败!"); } } public String getMessage(int port) throws IOException { String message = ""; ServerSocket serverSocket = new ServerSocket(port); Socket socket = serverSocket.accept(); InputStream inputStream = socket.getInputStream(); byte[] bs = new byte[1024]; int len = inputStream.read(bs); message = new String(bs, 0, len); socket.close(); serverSocket.close(); return message; } }
先启动Server端,再启动Client端,传输过程中使用密文传输,加签防止内容被篡改,运行结果如下:
验签成功! {"message":"测试数据","address":"北京市","age":"23","name":"张三"}
相关文章推荐
- MAC OS下OpenSSL生成私钥和公钥以及RSA加密
- java 实现RSA实现数据的私钥加密以及公钥解密
- MAC OS下OpenSSL生成私钥和公钥以及RSA加密
- .NET生成RSA公钥和私钥-加密解密示例
- OpenSSL生成私钥和公钥以及RSA加密
- NetCore 生成RSA公私钥对,公钥加密私钥解密,私钥加密公钥解密
- MAC OS下OpenSSL生成私钥和公钥以及RSA加密
- MAC OS下OpenSSL生成私钥和公钥以及RSA加密
- Go语言rsa使用生成公钥私钥,GO使用rsa加密解密
- PHP通过OpenSSL生成证书、密钥并且加密解密数据,以及公钥,私钥和数字签名的理解
- JAVA生成RSA非对称型加密的公钥和私钥(利用JAVA API)
- 一看就懂的RSA公钥私钥加密解密,BASE64编码,针对于没了解过RSA的同学,很有帮助。
- openssl rsa 私钥加密,公钥解密测试
- RSA crt 签名与验签 systemverilog DPI 制作以及openssl genrsa生成RSA私钥与签名验证指令dgst使用
- RSA加密解密和签名验证机制以及其区别和联系
- Java中使用OpenSSL生成的RSA公私钥进行数据加解密
- 关于JAVA中RSA加签解签,私钥加密公钥解密和公钥加密私钥解密代码步骤
- Druid生成的公钥私钥来对密码进行加密解密
- RSA不对称加密,公钥加密私钥解密,私钥加密公钥解密
- windows 下 openssl 生成RSA私钥公钥以及PKCS8