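Asymmetric cryptography: concepts
The sender encrypts with the receiver's public key, and the receiver decrypts with its own private key.
Two keys are needed for encryption and decryption: a public key and a private key.
Characteristics: high security, low speed.

Common algorithms
DH key exchange algorithm
RSA algorithm
ElGamal algorithm

Uses
Key exchange (DH): the two parties generate a key without having agreed on a shared key in advance. DH does not perform encryption itself; encrypting and decrypting still requires a separate symmetric encryption algorithm.
Encryption/decryption (RSA)
Digital signatures (RSA)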
DH algorithm example

```java
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

// 1. Generate the source key pair.
// 2. Send the source public key to the target; the target uses it to generate
//    its own public and private key.
// 3. Send the target public key to the source.
// 4. Each side uses the other's public key and its own private key to
//    generate a local secret key.
// 5. If both sides generate the same local secret key, the exchange is complete.
public class DHUtil {
    public static final String PUBLIC_KEY = "DH_Public_Key";
    public static final String PRIVATE_KEY = "DH_Private_key";

    /**
     * Generate the source key pair.
     */
    public static Map<String, Object> initSourceKey() throws Exception {
        // Create a KeyPairGenerator instance for the DH algorithm
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
        // Key size in bits. The original post used 1024, which is too small
        // for current use; 2048 or larger is the usual minimum.
        keyPairGenerator.initialize(2048);
        // Generate the key pair
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        DHPublicKey dhPublicKey = (DHPublicKey) keyPair.getPublic();
        DHPrivateKey dhPrivateKey = (DHPrivateKey) keyPair.getPrivate();
        // Put the key pair into a Map
        Map<String, Object> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, dhPublicKey);
        keyMap.put(PRIVATE_KEY, dhPrivateKey);
        return keyMap;
    }

    /**
     * Generate the target key pair from the source public key.
     */
    public static Map<String, Object> initTargetKey(byte[] sourcePublicKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance("DH");
        // Wrap the encoded source public key in a KeySpec and let the
        // KeyFactory rebuild the source PublicKey
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(sourcePublicKey);
        DHPublicKey sourcePublic = (DHPublicKey) keyFactory.generatePublic(keySpec);
        // The target must use the same DH parameters (p, g) as the source
        DHParameterSpec dhPublicKeyParams = sourcePublic.getParams();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
        keyPairGenerator.initialize(dhPublicKeyParams);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        DHPublicKey dhPublicKey = (DHPublicKey) keyPair.getPublic();
        DHPrivateKey dhPrivateKey = (DHPrivateKey) keyPair.getPrivate();
        // Put the key pair into a Map
        Map<String, Object> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, dhPublicKey);
        keyMap.put(PRIVATE_KEY, dhPrivateKey);
        return keyMap;
    }

    /**
     * Generate the local secret from one side's public key and the other
     * side's private key.
     */
    public static byte[] generateLocalSecretKey(byte[] aPublicKey, byte[] bPrivateKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance("DH");
        // Rebuild A's PublicKey from its X.509 encoding
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(aPublicKey);
        PublicKey publicKey = keyFactory.generatePublic(keySpec);
        // Rebuild B's PrivateKey from its PKCS#8 encoding
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(bPrivateKey);
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
        // Run the key agreement with A's PublicKey and B's PrivateKey
        KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        // The original called generateSecret("AES") to name a symmetric
        // algorithm (DES, DESede, AES). The SunJCE provider in current JDKs
        // rejects that call with NoSuchAlgorithmException unless the legacy
        // property jdk.crypto.KeyAgreement.legacyKDF is set, so return the raw
        // shared secret and derive the symmetric key from it with a KDF.
        return keyAgreement.generateSecret();
    }

    // Get the encoded public key bytes
    public static byte[] getPublicKey(Map<String, Object> map) {
        return ((DHPublicKey) map.get(PUBLIC_KEY)).getEncoded();
    }

    // Get the encoded private key bytes
    public static byte[] getPrivateKey(Map<String, Object> map) {
        return ((DHPrivateKey) map.get(PRIVATE_KEY)).getEncoded();
    }

    // Stand-in for the author's BytesToHex helper, which is not shown on this page
    static class BytesToHex {
        static String fromBytesToHex(byte[] bytes) {
            StringBuilder sb = new StringBuilder();
            for (byte b : bytes) {
                sb.append(String.format("%02x", b));
            }
            return sb.toString();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] source_public_key;
        byte[] source_private_key;
        byte[] source_local_key;

        byte[] target_public_key;
        byte[] target_private_key;
        byte[] target_local_key;

        Map<String, Object> sourceKey = initSourceKey();
        source_public_key = getPublicKey(sourceKey);
        source_private_key = getPrivateKey(sourceKey);
        // Source public key / source private key
        System.out.println("源公钥:" + BytesToHex.fromBytesToHex(source_public_key));
        System.out.println("源私钥:" + BytesToHex.fromBytesToHex(source_private_key));

        Map<String, Object> targetKey = initTargetKey(getPublicKey(sourceKey));
        target_public_key = getPublicKey(targetKey);
        target_private_key = getPrivateKey(targetKey);
        // Target public key / target private key
        System.out.println("目标公钥:" + BytesToHex.fromBytesToHex(target_public_key));
        System.out.println("目标私钥:" + BytesToHex.fromBytesToHex(target_private_key));

        source_local_key = generateLocalSecretKey(target_public_key, source_private_key);
        target_local_key = generateLocalSecretKey(source_public_key, target_private_key);
        // Source local key / target local key: the two values must be identical
        System.out.println("源本地密钥:" + BytesToHex.fromBytesToHex(source_local_key));
        System.out.println("目标本地密钥:" + BytesToHex.fromBytesToHex(target_local_key));
    }
}
```

RSA encryption/decryption example
Encrypt with the public key, decrypt with the private key

```java
import javax.crypto.Cipher;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.Map;

/**
 * RSA encryption utility
 */
public class RSAUtil {
    public static final String PUBLIC_KEY = "RSA_Public_Key";
    public static final String PRIVATE_KEY = "RSA_Private_Key";

    // The original used Cipher.getInstance("RSA"), which leaves the padding to
    // the provider default. Naming OAEP explicitly keeps both sides consistent
    // and avoids the older PKCS#1 v1.5 encryption padding.
    private static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    /**
     * Initialize the key pair.
     */
    public static Map<String, Object> initKey() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        // Key size in bits. The original post used 1024; 2048 is the usual minimum today.
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        Map<String, Object> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, publicKey);
        keyMap.put(PRIVATE_KEY, privateKey);
        return keyMap;
    }

    public static RSAPublicKey getPublicKey(Map<String, Object> keyMap) {
        return (RSAPublicKey) keyMap.get(PUBLIC_KEY);
    }

    public static RSAPrivateKey getPrivateKey(Map<String, Object> keyMap) {
        return (RSAPrivateKey) keyMap.get(PRIVATE_KEY);
    }

    /**
     * Encrypt data with the public key.
     */
    public static byte[] encrypt(byte[] data, RSAPublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }

    /**
     * Decrypt data with the private key.
     */
    public static byte[] decrypt(byte[] data, RSAPrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }

    // Stand-in for the author's BytesToHex helper, which is not shown on this page
    static class BytesToHex {
        static String fromBytesToHex(byte[] bytes) {
            StringBuilder sb = new StringBuilder();
            for (byte b : bytes) {
                sb.append(String.format("%02x", b));
            }
            return sb.toString();
        }
    }

    public static void main(String[] args) throws Exception {
        String data = "周杰伦-东风破";
        Map<String, Object> keyMap = initKey();

        // Use an explicit charset so both directions agree on the byte encoding
        byte[] miwen = encrypt(data.getBytes(StandardCharsets.UTF_8), getPublicKey(keyMap));
        // Encrypted content
        System.out.println("加密后的内容:" + BytesToHex.fromBytesToHex(miwen));

        byte[] plain = decrypt(miwen, getPrivateKey(keyMap));
        // Decrypted content
        System.out.println("解密后的内容:" + new String(plain, StandardCharsets.UTF_8));
    }
}
```
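The DH section above stops at the shared secret, and the "Uses" list notes that DH itself does no encryption. The following is an added example, not code from the original post, that carries the exchange through to an encrypted message: both sides hash the raw DH secret into an AES-256 key and use AES-GCM. The class name `DhThenAesExample`, the use of plain SHA-256 as the key-derivation step, and the sample message are assumptions of this example.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;

// Added example (hypothetical class name): DH agreement -> SHA-256 -> AES-256-GCM
public class DhThenAesExample {

    // Combine our private key with the peer's public key, then hash the raw
    // shared secret down to a 256-bit AES key (a minimal KDF, chosen for this example).
    static SecretKeySpec deriveAesKey(PrivateKey ours, PublicKey theirs) throws Exception {
        KeyAgreement ka = KeyAgreement.getInstance("DH");
        ka.init(ours);
        ka.doPhase(theirs, true);
        byte[] shared = ka.generateSecret();
        byte[] keyBytes = MessageDigest.getInstance("SHA-256").digest(shared);
        Arrays.fill(shared, (byte) 0); // do not keep the raw secret around
        return new SecretKeySpec(keyBytes, "AES");
    }

    public static void main(String[] args) throws Exception {
        // Source generates a 2048-bit DH key pair; target reuses the same parameters.
        KeyPairGenerator srcGen = KeyPairGenerator.getInstance("DH");
        srcGen.initialize(2048);
        KeyPair source = srcGen.generateKeyPair();
        KeyPairGenerator tgtGen = KeyPairGenerator.getInstance("DH");
        tgtGen.initialize(((DHPublicKey) source.getPublic()).getParams());
        KeyPair target = tgtGen.generateKeyPair();

        // Each side derives the AES key from its own private key and the peer's public key.
        SecretKeySpec srcKey = deriveAesKey(source.getPrivate(), target.getPublic());
        SecretKeySpec tgtKey = deriveAesKey(target.getPrivate(), source.getPublic());

        // Source encrypts with a fresh random 96-bit nonce; the nonce is sent with the ciphertext.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, srcKey, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal("constructed sample message".getBytes(StandardCharsets.UTF_8));

        // Target decrypts with its independently derived key; GCM rejects any tampered ciphertext.
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, tgtKey, new GCMParameterSpec(128, iv));
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));
    }
}
```

The exchange here is unauthenticated: neither side verifies whose public key it received, so in practice the public keys need to be authenticated, for example with the RSA signatures listed under "Uses".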
When reposting, please cite this article's address: http://www.ezyhdfw.cn/yun/66233.html