Java如何使用rsa非对称加密法进行加密

猿友 2021-06-23 17:36:04 浏览数 (2798)
反馈

公钥与私钥是成对的,一般的,我们认为的是公钥加密、私钥解密、私钥签名、公钥验证,有人说成私钥加密,公钥解密时不对的。

公钥与私钥的生成有多种方式,可以通过程序生成(下文具体实现),可以通过openssl工具:  

  1.     # 生成一个私钥,推荐使用1024位的秘钥,秘钥以pem格式保存到-out参数指定的文件中,采用PKCS1格式
  2.     openssl genrsa -out rsa.pem 1024
  3.     # 生成与私钥对应的公钥,生成的是Subject Public Key,一般配合PKCS8格式私钥使用
  4.     openssl rsa -in rsa.pem -pubout -out rsa.pub

RSA生成公钥与私钥一般有两种格式:PKCS1和PKCS8,上面的命令生成的秘钥是PKCS1格式的,而公钥是Subject Public Key,一般配合PKCS8格式私钥使用,所以就可能会涉及到PKCS1和PKCS8之间的转换:

  1.     # PKCS1格式私钥转换为PKCS8格式私钥,私钥直接输出到-out参数指定的文件中
  2.     openssl pkcs8 -topk8 -inform PEM -in rsa.pem -outform pem -nocrypt -out rsa_pkcs8.pem
  3.     # PKCS8格式私钥转换为PKCS1格式私钥,私钥直接输出到-out参数指定的文件中
  4.     openssl rsa -in rsa_pkcs8.pem -out rsa_pkcs1.pem
  5.  
  6.     # PKCS1格式公钥转换为PKCS8格式公钥,转换后的内容直接输出
  7.     openssl rsa -pubin -in rsa.pub -RSAPublicKey_out
  8.     # PKCS8格式公钥转换为PKCS1格式公钥,转换后的内容直接输出
  9.     openssl rsa -RSAPublicKey_in -pubout -in rsa.pub

现实中,我们往往从pem、crt、pfx文件获取公私和私钥,crt、pfx的制作可以参考:简单的制作ssl证书,并在nginx和IIS中使用。

Java实现

为简化说明介绍,这里我直接封装了一个工具类,因为要从pem、crt、pfx文件获取公私和私钥,因此引用了一个第三方包:BouncyCastle,可以直接在pom.xml中添加依赖:  

  1.     <dependency>
  2.         <groupId>org.bouncycastle</groupId>
  3.         <artifactId>bcprov-jdk15on</artifactId>
  4.         <version>1.68</version>
  5.     </dependency>

简单封装的RsaUtil.java:  

  1. import java.io.FileInputStream;
  2. import java.io.FileReader;
  3. import java.io.FileWriter;
  4. import java.math.BigInteger;
  5. import java.security.KeyFactory;
  6. import java.security.KeyPair;
  7. import java.security.KeyPairGenerator;
  8. import java.security.KeyStore;
  9. import java.security.PrivateKey;
  10. import java.security.PublicKey;
  11. import java.security.SecureRandom;
  12. import java.security.Security;
  13. import java.security.Signature;
  14. import java.security.cert.Certificate;
  15. import java.security.cert.CertificateFactory;
  16. import java.security.cert.X509Certificate;
  17. import java.security.interfaces.RSAPrivateKey;
  18. import java.security.interfaces.RSAPublicKey;
  19. import java.security.spec.KeySpec;
  20. import java.security.spec.PKCS8EncodedKeySpec;
  21. import java.security.spec.RSAPrivateCrtKeySpec;
  22. import java.security.spec.RSAPublicKeySpec;
  23. import java.security.spec.X509EncodedKeySpec;
  24. import java.util.Enumeration;
  25.  
  26. import javax.crypto.Cipher;
  27.  
  28. import org.bouncycastle.asn1.ASN1Integer;
  29. import org.bouncycastle.asn1.ASN1Primitive;
  30. import org.bouncycastle.asn1.DLSequence;
  31. import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
  32. import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
  33. import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
  34. import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
  35. import org.bouncycastle.jce.provider.BouncyCastleProvider;
  36. import org.bouncycastle.util.io.pem.PemObject;
  37. import org.bouncycastle.util.io.pem.PemReader;
  38. import org.bouncycastle.util.io.pem.PemWriter;
  39.  
  40. public class RsaUtil {
  41.  
  42.     static {
  43.         Security.addProvider(new BouncyCastleProvider());
  44.     }
  45.  
  46.     /**
  47.      * 随机生成密钥对
  48.      *
  49.      * @param usePKCS8
  50.      *            是否采用PKCS8填充模式
  51.      */
  52.     public static Object[] generateRsaKey(boolean usePKCS8) throws Exception {
  53.         KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
  54.         // 初始化
  55.         keyPairGen.initialize(1024, new SecureRandom());
  56.         // 生成一个密钥对,保存在keyPair中
  57.         KeyPair keyPair = keyPairGen.generateKeyPair();
  58.         RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥
  59.         RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥
  60.  
  61.         // 这两个公私钥是PKCS8格式的
  62.         byte[] publicKeyBytes = publicKey.getEncoded();
  63.         byte[] privateKeyBytes = privateKey.getEncoded();
  64.  
  65.         if (!usePKCS8) {
  66.             // 将PSCK8格式公私钥转换为PKCS1格式
  67.             publicKeyBytes = pkcs8ToPkcs1(false, publicKeyBytes);
  68.             privateKeyBytes = pkcs8ToPkcs1(true, privateKeyBytes);
  69.         }
  70.  
  71.         return new Object[] { publicKeyBytes, privateKeyBytes };
  72.     }
  73.  
  74.     /**
  75.      * 从Pem文件读取密钥对
  76.      *
  77.      * @param reader
  78.      *            输入流
  79.      * @param pemFileName
  80.      *            pem文件
  81.      */
  82.     public static byte[] readFromPem(String pemFileName) throws Exception {
  83.         PemReader pemReader = new PemReader(new FileReader(pemFileName));
  84.         PemObject pemObject = pemReader.readPemObject();
  85.         byte[] publicKey = pemObject.getContent();
  86.         pemReader.close();
  87.         return publicKey;
  88.     }
  89.  
  90.     /**
  91.      * 从Pem文件读取密钥
  92.      *
  93.      * @param isPrivateKey
  94.      *            是否是私钥
  95.      * @param buffer
  96.      *            字节
  97.      * @param pemFileName
  98.      *            pem文件
  99.      */
  100.     public static void writeToPem(byte[] buffer, boolean isPrivateKey, String pemFileName) throws Exception {
  101.  
  102.         PemObject pemObject = new PemObject(isPrivateKey ? "RSA PRIVATE KEY" : "RSA PUBLIC KEY", buffer);
  103.         FileWriter fileWriter = new FileWriter(pemFileName);
  104.         PemWriter pemWriter = new PemWriter(fileWriter);
  105.         pemWriter.writeObject(pemObject);
  106.         pemWriter.close();
  107.     }
  108.  
  109.     /**
  110.      * 从crt文件读取公钥(pkcs8)
  111.      *
  112.      * @param crtFileName
  113.      *            crt文件
  114.      * @return 公钥
  115.      */
  116.     public static byte[] readPublicKeyFromCrt(String crtFileName) throws Exception {
  117.         CertificateFactory cf = CertificateFactory.getInstance("X.509");
  118.         X509Certificate cert = (X509Certificate) cf.generateCertificate(new FileInputStream(crtFileName));
  119.  
  120.         PublicKey publicKey = cert.getPublicKey();
  121.         return publicKey.getEncoded();
  122.     }
  123.  
  124.     /**
  125.      * 从pfx文件读取秘钥对(pkcs8)
  126.      *
  127.      * @param pfxFileName
  128.      *            pfx文件
  129.      * @return 秘钥对
  130.      */
  131.     public static Object[] readFromPfx(String pfxFileName, String password) throws Exception {
  132.         KeyStore keystore = KeyStore.getInstance("PKCS12");
  133.         char[] passwordChars = null;
  134.         if (password == null || password.equals("")) {
  135.             passwordChars = null;
  136.         } else {
  137.             passwordChars = password.toCharArray();
  138.         }
  139.         keystore.load(new FileInputStream(pfxFileName), passwordChars);
  140.         Enumeration<String> enums = keystore.aliases();
  141.  
  142.         PrivateKey privateKey = null;
  143.         Certificate certificate = null;
  144.         while (enums.hasMoreElements()) {
  145.             String alias = enums.nextElement();
  146.             System.out.println(alias);
  147.             if (keystore.isKeyEntry(alias)) {
  148.                 privateKey = (PrivateKey) keystore.getKey(alias, passwordChars);
  149.                 certificate = keystore.getCertificate(alias);
  150.             }
  151.             if (privateKey != null && certificate != null)
  152.                 break;
  153.         }
  154.         if (privateKey == null || certificate == null) {
  155.             throw new Exception("fail to read key from pfx");
  156.         }
  157.  
  158.         PublicKey publicKey = certificate.getPublicKey();
  159.         return new Object[] { publicKey.getEncoded(), privateKey.getEncoded() };
  160.     }
  161.  
  162.     /**
  163.      * Pkcs8转Pkcs1
  164.      *
  165.      * @param isPrivateKey
  166.      *            是否是私钥转换
  167.      * @param buffer
  168.      *            Pkcs1秘钥
  169.      * @return Pkcs8秘钥
  170.      * @throws Exception
  171.      *             加密过程中的异常信息
  172.      */
  173.     public static byte[] pkcs8ToPkcs1(boolean isPrivateKey, byte[] buffer) throws Exception {
  174.         if (isPrivateKey) {
  175.             PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(buffer);
  176.             return privateKeyInfo.parsePrivateKey().toASN1Primitive().getEncoded();
  177.         } else {
  178.             SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(buffer);
  179.             return subjectPublicKeyInfo.parsePublicKey().toASN1Primitive().getEncoded();
  180.         }
  181.     }
  182.  
  183.     /**
  184.      * Pkcs1转Pkcs8
  185.      *
  186.      * @param isPrivateKey
  187.      *            是否是私钥转换
  188.      * @param buffer
  189.      *            Pkcs1秘钥
  190.      * @return Pkcs8秘钥
  191.      * @throws Exception
  192.      *             加密过程中的异常信息
  193.      */
  194.     public static byte[] pkcs1ToPkcs8(boolean isPrivateKey, byte[] buffer) throws Exception {
  195.         AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
  196.         ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(buffer);
  197.         if (isPrivateKey) {
  198.             PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(algorithmIdentifier, asn1Primitive);
  199.             return privateKeyInfo.getEncoded();
  200.         } else {
  201.             SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, asn1Primitive);
  202.             return subjectPublicKeyInfo.getEncoded();
  203.         }
  204.     }
  205.  
  206.     /**
  207.      * RSA公钥
  208.      *
  209.      * @param usePKCS8
  210.      *            是否采用PKCS8填充模式
  211.      * @param publicKey
  212.      *            公钥
  213.      * @return 公钥
  214.      * @throws Exception
  215.      *             加密过程中的异常信息
  216.      */
  217.     public static RSAPublicKey generatePublicKey(boolean usePKCS8, byte[] publicKey) throws Exception {
  218.         KeySpec keySpec;
  219.         if (usePKCS8) {
  220.             // PKCS8填充
  221.             keySpec = new X509EncodedKeySpec(publicKey);
  222.         } else {
  223.             // PKCS1填充
  224.             DLSequence sequence = (DLSequence) ASN1Primitive.fromByteArray(publicKey);
  225.             BigInteger v1 = ((ASN1Integer) sequence.getObjectAt(0)).getValue();
  226.             BigInteger v2 = ((ASN1Integer) sequence.getObjectAt(1)).getValue();
  227.             keySpec = new RSAPublicKeySpec(v1, v2);
  228.         }
  229.  
  230.         RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME).generatePublic(keySpec);
  231.         return pubKey;
  232.     }
  233.  
  234.     /**
  235.      * RSA私钥
  236.      *
  237.      * @param usePKCS8
  238.      *            是否采用PKCS8填充模式
  239.      * @param privateKey
  240.      *            私钥
  241.      * @return 私钥
  242.      * @throws Exception
  243.      *             解密过程中的异常信息
  244.      */
  245.     public static RSAPrivateKey generatePrivateKey(boolean usePKCS8, byte[] privateKey) throws Exception {
  246.         KeySpec keySpec;
  247.         if (usePKCS8) {
  248.             // PKCS8填充
  249.             keySpec = new PKCS8EncodedKeySpec(privateKey);
  250.         } else {
  251.             // PKCS1填充
  252.             DLSequence sequence = (DLSequence) ASN1Primitive.fromByteArray(privateKey);
  253.             // BigInteger v1= ((ASN1Integer)sequence.getObjectAt(0)).getValue();
  254.             BigInteger v2 = ((ASN1Integer) sequence.getObjectAt(1)).getValue();
  255.             BigInteger v3 = ((ASN1Integer) sequence.getObjectAt(2)).getValue();
  256.             BigInteger v4 = ((ASN1Integer) sequence.getObjectAt(3)).getValue();
  257.             BigInteger v5 = ((ASN1Integer) sequence.getObjectAt(4)).getValue();
  258.             BigInteger v6 = ((ASN1Integer) sequence.getObjectAt(5)).getValue();
  259.             BigInteger v7 = ((ASN1Integer) sequence.getObjectAt(6)).getValue();
  260.             BigInteger v8 = ((ASN1Integer) sequence.getObjectAt(7)).getValue();
  261.             BigInteger v9 = ((ASN1Integer) sequence.getObjectAt(8)).getValue();
  262.             keySpec = new RSAPrivateCrtKeySpec(v2, v3, v4, v5, v6, v7, v8, v9);
  263.         }
  264.  
  265.         RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME).generatePrivate(keySpec);
  266.         return priKey;
  267.     }
  268.  
  269.     /**
  270.      * RSA公钥加密
  271.      *
  272.      * @param value
  273.      *            加密字符串
  274.      * @param publicKey
  275.      *            公钥
  276.      * @return 密文
  277.      * @throws Exception
  278.      *             加密过程中的异常信息
  279.      */
  280.     public static String rsaEncrypt(String value, RSAPublicKey publicKey) throws Exception {
  281.         if (value == null || value.length() == 0)
  282.             return "";
  283.  
  284.         // RSA加密
  285.         Cipher cipher = Cipher.getInstance("RSA");
  286.         cipher.init(Cipher.ENCRYPT_MODE, publicKey);
  287.         byte[] buffer = cipher.doFinal(value.getBytes("utf-8"));
  288.  
  289.         // 使用hex格式输出公钥
  290.         StringBuffer result = new StringBuffer();
  291.         for (int i = 0; i < buffer.length; i++) {
  292.             result.append(String.format("%02x", buffer[i]));
  293.         }
  294.         return result.toString();
  295.     }
  296.  
  297.     /**
  298.      * RSA私钥解密
  299.      *
  300.      * @param value
  301.      *            加密字符串
  302.      * @param privateKey
  303.      *            私钥
  304.      * @return 明文
  305.      * @throws Exception
  306.      *             解密过程中的异常信息
  307.      */
  308.     public static String rsaDecrypt(String value, RSAPrivateKey privateKey) throws Exception {
  309.         if (value == null || value.length() == 0)
  310.             return "";
  311.  
  312.         byte[] buffer = new byte[value.length() / 2];
  313.         for (int i = 0; i < buffer.length; i++) {
  314.             buffer[i] = (byte) Integer.parseInt(value.substring(i * 2, i * 2 + 2), 16);
  315.         }
  316.  
  317.         // RSA解密
  318.         Cipher cipher = Cipher.getInstance("RSA");
  319.         cipher.init(Cipher.DECRYPT_MODE, privateKey);
  320.         buffer = cipher.doFinal(buffer);
  321.         return new String(buffer, "utf-8");
  322.     }
  323.  
  324.     /**
  325.      * RSA签名
  326.      *
  327.      * @param value
  328.      *            加密字符串
  329.      * @param privateKey
  330.      *            私钥
  331.      * @param halg
  332.      *            加密算法,如MD5, SHA1, SHA256, SHA384, SHA512等
  333.      * @return 签名
  334.      * @throws Exception
  335.      *             签名过程中的异常信息
  336.      */
  337.     public static String sign(String value, RSAPrivateKey privateKey, String halg) throws Exception {
  338.  
  339.         Signature s = Signature.getInstance(halg.toUpperCase().endsWith("WithRSA") ? halg : (halg + "WithRSA"));
  340.  
  341.         s.initSign(privateKey);
  342.         s.update(value.getBytes("utf-8"));
  343.  
  344.         byte[] buffer = s.sign();
  345.  
  346.         // 使用hex格式输出公钥
  347.         StringBuffer result = new StringBuffer();
  348.         for (int i = 0; i < buffer.length; i++) {
  349.             result.append(String.format("%02x", buffer[i]));
  350.         }
  351.         return result.toString();
  352.     }
  353.  
  354.     /**
  355.      * RSA签名验证
  356.      *
  357.      * @param value
  358.      *            加密字符串
  359.      * @param publicKey
  360.      *            公钥
  361.      * @param halg
  362.      *            加密算法,如MD5, SHA1, SHA256, SHA384, SHA512等
  363.      * @return 签名合法则返回true,否则返回false
  364.      * @throws Exception
  365.      *             验证过程中的异常信息
  366.      */
  367.     public static boolean verify(String value, RSAPublicKey publicKey, String signature, String halg) throws Exception {
  368.         Signature s = Signature.getInstance(halg.toUpperCase().endsWith("WithRSA") ? halg : (halg + "WithRSA"));
  369.         s.initVerify(publicKey);
  370.         s.update(value.getBytes("utf-8"));
  371.  
  372.         byte[] buffer = new byte[signature.length() / 2];
  373.         for (int i = 0; i < buffer.length; i++) {
  374.             buffer[i] = (byte) Integer.parseInt(signature.substring(i * 2, i * 2 + 2), 16);
  375.         }
  376.  
  377.         return s.verify(buffer);
  378.     }
  379.  
  380. }

生成公钥和私钥:  

  1.     // 生成公私钥
  2.     Object[] rsaKey = RsaUtil.generateRsaKey(usePKCS8); //usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
  3.     byte[] publicKey = (byte[]) rsaKey[0];
  4.     byte[] privateKey = (byte[]) rsaKey[1];

生成秘钥后,需要保存,一般保存到pem文件中: 

  1.     // 保存到pem文件,filePath是保存目录
  2.     RsaUtil.writeToPem(publicKey, false, filePath + "rsa.pub");
  3.     RsaUtil.writeToPem(privateKey, true, filePath + "rsa.pem");

可以保存到pem文件中,当然也可以从pem文件中读取了:  

  1.     // 从Pem文件读取公私钥,filePath是文件目录
  2.     byte[] publicKey = RsaUtil.readFromPem(filePath + "rsa.pub");
  3.     byte[] privateKey = RsaUtil.readFromPem(filePath + "rsa.pem");

还可以从crt证书中读取公钥,而crt文件不包含私钥,因此需要单独获取私钥: 

  1.     // 从crt文件读取公钥(crt文件中不包含私钥),filePath是文件目录
  2.     byte[] publicKey = RsaUtil.readPublicKeyFromCrt(filePath + "demo.crt");
  3.     byte[] privateKey = RsaUtil.readFromPem(filePath + "demo.key");

pfx文件中包含了公钥和私钥,可以很方便就读取到:  

  1.     // 从pfx文件读取公私钥,filePath是文件目录
  2.     Object[] rsaKey = RsaUtil.readFromPfx(filePath + "demo.pfx", "123456");
  3.     byte[] publicKey = (byte[]) rsaKey[0];
  4.     byte[] privateKey = (byte[]) rsaKey[1];

有时候我们还可能需要进行秘钥的转换:  

  1.     // Pkcs8格式公钥转换为Pkcs1格式公钥
  2.     publicKey = RsaUtil.pkcs8ToPkcs1(false, publicKey);
  3.     // Pkcs8格式私钥转换为Pkcs1格式私钥
  4.     privateKey = RsaUtil.pkcs8ToPkcs1(true, privateKey);
  5.     // Pkcs1格式公钥转换为Pkcs8格式公钥
  6.     publicKey = RsaUtil.pkcs1ToPkcs8(false, publicKey);
  7.     // Pkcs1格式私钥转换为Pkcs8格式私钥
  8.     privateKey = RsaUtil.pkcs1ToPkcs8(true, privateKey);

有了公钥和私钥,接下就就能实现加密、解密、签名、验证签名等操作了:  

  1.     RSAPublicKey rsaPublicKey = RsaUtil.generatePublicKey(usePKCS8, publicKey);
  2.     RSAPrivateKey rsaPrivateKey = RsaUtil.generatePrivateKey(usePKCS8, privateKey);
  3.  
  4.     String encryptText = RsaUtil.rsaEncrypt(text, rsaPublicKey);
  5.     System.out.printf("【%s】经过【RSA】加密后:%s\n", text, encryptText);
  6.  
  7.     String decryptText = RsaUtil.rsaDecrypt(encryptText, rsaPrivateKey);
  8.     System.out.printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText);
  9.  
  10.     String signature = RsaUtil.sign(text, rsaPrivateKey, "MD5");
  11.     System.out.printf("【%s】经过【RSA】签名后:%s\n", text, signature);
  12.  
  13.     boolean result = RsaUtil.verify(text, rsaPublicKey, signature, "MD5");
  14.     System.out.printf("【%s】的签名【%s】经过【RSA】验证后结果是:" + result, text, signature);

这里完整的demo代码:

  1.     import java.security.interfaces.RSAPrivateKey;
  2.     import java.security.interfaces.RSAPublicKey;
  3.  
  4.     public class RsaMain {
  5.  
  6.         public static void main(String[] args) {
  7.             try {
  8.                 String text = "上山打老虎";
  9.                 boolean usePKCS8 = true; // usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
  10.                 String filePath = RsaUtil.class.getClassLoader().getResource("").getPath();
  11.                 System.out.printf("文件路径:%s\n", filePath);// 存放pem,crt,pfx等文件的目录
  12.                 byte[] publicKey, privateKey;// 公钥和私钥
  13.  
  14.                 // 生成公私钥
  15.                 Object[] rsaKey = RsaUtil.generateRsaKey(usePKCS8); // usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
  16.                 publicKey = (byte[]) rsaKey[0];
  17.                 privateKey = (byte[]) rsaKey[1];
  18.                 // 从Pem文件读取公私钥,filePath是文件目录
  19.                 // publicKey = RsaUtil.readFromPem(filePath + "rsa.pub");
  20.                 // privateKey = RsaUtil.readFromPem(filePath + "rsa.pem");
  21.                 // 从pfx文件读取公私钥,filePath是文件目录
  22.                 // Object[] rsaKey = RsaUtil.readFromPfx(filePath + "demo.pfx",
  23.                 // "123456");
  24.                 // publicKey = (byte[]) rsaKey[0];
  25.                 // privateKey = (byte[]) rsaKey[1];
  26.                 // 从crt文件读取公钥(crt文件中不包含私钥),filePath是文件目录
  27.                 // publicKey = RsaUtil.readPublicKeyFromCrt(filePath + "demo.crt");
  28.                 // privateKey = RsaUtil.readFromPem(filePath + "demo.key");
  29.  
  30.                 // 保存到pem文件,filePath是保存目录
  31.                 RsaUtil.writeToPem(publicKey, false, filePath + "rsa.pub");
  32.                 RsaUtil.writeToPem(privateKey, true, filePath + "rsa.pem");
  33.  
  34.                 // Pkcs8格式公钥转换为Pkcs1格式公钥
  35.                 publicKey = RsaUtil.pkcs8ToPkcs1(false, publicKey);
  36.                 // Pkcs8格式私钥转换为Pkcs1格式私钥
  37.                 privateKey = RsaUtil.pkcs8ToPkcs1(true, privateKey);
  38.                 // Pkcs1格式公钥转换为Pkcs8格式公钥
  39.                 publicKey = RsaUtil.pkcs1ToPkcs8(false, publicKey);
  40.                 // Pkcs1格式私钥转换为Pkcs8格式私钥
  41.                 privateKey = RsaUtil.pkcs1ToPkcs8(true, privateKey);
  42.  
  43.                 RSAPublicKey rsaPublicKey = RsaUtil.generatePublicKey(usePKCS8, publicKey);
  44.                 RSAPrivateKey rsaPrivateKey = RsaUtil.generatePrivateKey(usePKCS8, privateKey);
  45.  
  46.                 String encryptText = RsaUtil.rsaEncrypt(text, rsaPublicKey);
  47.                 System.out.printf("【%s】经过【RSA】加密后:%s\n", text, encryptText);
  48.  
  49.                 String decryptText = RsaUtil.rsaDecrypt(encryptText, rsaPrivateKey);
  50.                 System.out.printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText);
  51.  
  52.                 String signature = RsaUtil.sign(text, rsaPrivateKey, "MD5");
  53.                 System.out.printf("【%s】经过【RSA】签名后:%s\n", text, signature);
  54.  
  55.                 boolean result = RsaUtil.verify(text, rsaPublicKey, signature, "MD5");
  56.                 System.out.printf("【%s】的签名【%s】经过【RSA】验证后结果是:" + result, text, signature);
  57.  
  58.             } catch (Exception e) {
  59.                 // TODO Auto-generated catch block
  60.                 e.printStackTrace();
  61.             }
  62.         }
  63.     }

以上就是Java 实现RSA非对称加密算法的详细内容。

Java

0 人点赞

©w3cschool编程狮闽ICP备15016281号-3

违法和不良信息举报电话:173-0602-2364|举报邮箱:jubao@eeedong.com