RES加密解密以及簽名驗簽
128位加密 Base64是jdk8自帶的 分段式加密解密,滿足超長字元串加密
代碼較長請耐心
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
public class TestRSA {
/**
* RSA最大加密明文大小
*/
private static final int MAX_ENCRYPT_BLOCK = 117;
/**
* RSA最大解密密文大小 可以是 128 256
*/
private static final int MAX_DECRYPT_BLOCK = 128;
/**
* 可以是 1024 2048
*/
private final static int KEY_SIZE = 1024;
/**
* 用于封裝随機産生的公鑰與私鑰
*/
private static Map<Integer, String> keyMap = new HashMap<Integer, String>();
/**
* 随機生成密鑰對
*/
public static void genKeyPair() throws Exception {
// KeyPairGenerator類用于生成公鑰和私鑰對,基于RSA算法生成對象
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
// 初始化密鑰對生成器
keyPairGen.initialize(KEY_SIZE, new SecureRandom());
// 生成一個密鑰對,儲存在keyPair中
KeyPair keyPair = keyPairGen.generateKeyPair();
// 得到私鑰
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 得到公鑰
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
String publicKeyString = Base64.getEncoder().encodeToString(publicKey.getEncoded());
// 得到私鑰字元串
String privateKeyString = Base64.getEncoder().encodeToString(privateKey.getEncoded());
// 将公鑰和私鑰儲存到Map
//0表示公鑰
keyMap.put(0, publicKeyString);
//1表示私鑰
keyMap.put(1, privateKeyString);
}
/**
* RSA加密
*
* @param data 待加密資料
* @param publicKey 公鑰
* @return
*/
public static String encrypt(String data, String publicKey) throws Exception {
byte[] decoded = Base64.getDecoder().decode(publicKey);
RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
int inputLen = data.getBytes().length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offset = 0;
byte[] cache;
int i = 0;
// 對資料分段加密
while (inputLen - offset > 0) {
if (inputLen - offset > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data.getBytes(), offset, inputLen - offset);
}
out.write(cache, 0, cache.length);
i++;
offset = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
// 擷取加密内容使用base64進行編碼,并以UTF-8為标準轉化成字元串
// 加密後的字元串
String outStr = Base64.getEncoder().encodeToString(out.toByteArray());
return outStr;
}
/**
* RSA解密
*
* @param data 待解密資料
* @param privateKey 私鑰
* @return
*/
public static String decrypt(String data, String privateKey) throws Exception {
byte[] decoded = Base64.getDecoder().decode(privateKey);
RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, priKey);
byte[] dataBytes = Base64.getDecoder().decode(data);
int inputLen = dataBytes.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offset = 0;
byte[] cache;
int i = 0;
// 對資料分段解密
while (inputLen - offset > 0) {
if (inputLen - offset > MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(dataBytes, offset, inputLen - offset);
}
out.write(cache, 0, cache.length);
i++;
offset = i * MAX_DECRYPT_BLOCK;
}
byte[] decryptedData = out.toByteArray();
out.close();
// 解密後的内容
return new String(decryptedData, "UTF-8");
}
/**
* 簽名
*
* @param data 待簽名資料
* @param privateKey 私鑰
* @return 簽名
*/
public static String sign(String data, String privateKey) throws Exception {
byte[] decoded = Base64.getDecoder().decode(privateKey);
RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
byte[] keyBytes = priKey.getEncoded();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey key = keyFactory.generatePrivate(keySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initSign(key);
signature.update(data.getBytes());
// return new String(Base64.encodeBase64(signature.sign()));
byte[] signed = signature.sign();
String sign = new String(Base64.getEncoder().encodeToString(signed));
return sign;
}
/**
* 驗簽
*
* @param srcData 原始字元串
* @param publicKey 公鑰
* @param sign 簽名
* @return 是否驗簽通過
*/
public static boolean verify(String srcData, String publicKey, String sign) throws Exception {
byte[] decoded = Base64.getDecoder().decode(publicKey);
RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
byte[] keyBytes = pubKey.getEncoded();
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey key = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initVerify(key);
signature.update(srcData.getBytes());
return signature.verify(Base64.getDecoder().decode(sign.getBytes()));
}
public static void main(String[] args) {
try {
long temp = System.currentTimeMillis();
// 生成密鑰對
genKeyPair();
System.out.println("公鑰:" + keyMap.get(0));
System.out.println("私鑰:" + keyMap.get(1));
System.out.println("生成密鑰消耗時間:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
// RSA加密
String data = "#%第三sdfdsa*、?";
String encryptData = encrypt(data, keyMap.get(0));
System.out.println("加密後内容:" + encryptData);
System.out.println("加密消耗時間:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
// RSA解密
String decryptData = decrypt(encryptData, keyMap.get(1));
System.out.println("解密後内容:" + decryptData);
System.out.println("解密消耗時間:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
// RSA簽名
String sign = sign(data, keyMap.get(1));
System.out.println("簽名消耗時間:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
// RSA驗簽
boolean result = verify(data, keyMap.get(0), sign);
System.out.println("驗簽結果:" + result);
System.out.println("驗簽消耗時間:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
} catch (Exception e) {
e.printStackTrace();
System.out.print("加解密異常");
}
}
}