非对称性密钥加密 java 实例_JAVA实现非对称加密
高級加密算法
雙保險
公鑰、私鑰
DH(Diffie-Hellman)密鑰交換算法
RSA - 基于因子分解
ElGamal - 基于離散對數
ECC(Elliptical Curve Cryptography)- 橢圓曲線加密
非對稱加密算法 - DH(密鑰交換)
對稱加密帶來的困擾
數據安全
密鑰管理復雜
密鑰傳遞過程復雜
構建本地密鑰
對稱
密鑰長度
默認
工作模式
填充方式
實現方
512~1024(64倍數)
1024
無
無
JDK
初始化發送方密鑰
KeyPairGenerator:得到 KeyPair 對象
KeyPair:密鑰載體(密鑰對),包括兩個信息:公鑰、私鑰。
PublicKey:公鑰
初始化接收方密鑰
KeyFactory:密鑰工廠(既可生成公鑰,也可生成私鑰),通過某種密鑰規范還原密鑰
X509EncodedKeySpec:根據 ASN.1 標準進行密鑰編碼;返回的是按照X.509規范進行編碼的密鑰字節
DHPublicKey:PublicKey的具體形式
DHParameterSpec:隨同DH算法的參數集合
KeyPairGenerator
PrivateKey:私鑰
密鑰構建
KeyAgreement:提供密鑰一致性(或密鑰交換)協議的功能。
SecretKey:秘密密鑰(對稱密鑰),生成一個分組的秘密密鑰,也提供一些類型安全的操作
KeyFactory
X509EncodedKeySpec
PrivateKey
加密、解密
Cipher:為加密和解密提供密碼功能的類;它是GCE框架的核心內容。
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import org.apache.commons.codec.binary.Base64;
import com.sun.org.apache.xalan.internal.utils.Objects;
public class DHTest{
public static final String src = "dh test";
public static void main(String[] args) {
jdkDH();
}
// jdk實現:
public static void jdkDH(){
try {
// 1.初始化發送方密鑰
KeyPairGenerator senderKeyPairGenerator = KeyPairGenerator.getInstance("DH");
senderKeyPairGenerator.initialize(512);
KeyPair senderKeyPair = senderKeyPairGenerator.generateKeyPair();
// 發送方公鑰,發送給接收方(網絡、文件。。。)
byte[] senderPublicKeyEnc = senderKeyPair.getPublic().getEncoded();
// 2.初始化接收方密鑰
KeyFactory receiverKeyFactory = KeyFactory.getInstance("DH");
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(senderPublicKeyEnc);
PublicKey receiverPublicKey = receiverKeyFactory.generatePublic(x509EncodedKeySpec);
DHParameterSpec dhParameterSpec = ((DHPublicKey) receiverPublicKey).getParams();
KeyPairGenerator receiverKeyPairGenerator = KeyPairGenerator.getInstance("DH");
receiverKeyPairGenerator.initialize(dhParameterSpec);
KeyPair receiverKeypair = receiverKeyPairGenerator.generateKeyPair();
PrivateKey receiverPrivateKey = receiverKeypair.getPrivate();
byte[] receiverPublicKeyEnc = receiverKeypair.getPublic().getEncoded();
// 3.密鑰構建
KeyAgreement receiverKeyAgreement = KeyAgreement.getInstance("DH");
receiverKeyAgreement.init(receiverPrivateKey);
receiverKeyAgreement.doPhase(receiverPublicKey, true);
SecretKey receiverDesKey = receiverKeyAgreement.generateSecret("DES");
KeyFactory senderKeyFactory = KeyFactory.getInstance("DH");
x509EncodedKeySpec = new X509EncodedKeySpec(receiverPublicKeyEnc);
PublicKey senderPublicKey = senderKeyFactory.generatePublic(x509EncodedKeySpec);
KeyAgreement senderKeyAgreement = KeyAgreement.getInstance("DH");
senderKeyAgreement.init(senderKeyPair.getPrivate());
senderKeyAgreement.doPhase(senderPublicKey, true);
SecretKey senderDesKey = senderKeyAgreement.generateSecret("DES");
if(Objects.equals(receiverDesKey, senderDesKey))
{
System.out.println("雙方密鑰相同。");
}
// 4.加密
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, senderDesKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("bc dh encrypt:" + Base64.encodeBase64String(result));
// 5.解密
cipher.init(Cipher.DECRYPT_MODE, receiverDesKey);
result = cipher.doFinal(result);
System.out.println("bc dh decrypt:" + new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
非對稱加密算法-DH
非對稱加密算法-RSA
唯一廣泛接受并實現
數據加密&數字簽名
公鑰加密、私鑰解密
私鑰加密、公鑰解密
RSA相對比較慢
基于“大數因子分解”非對稱加密算法的實現方式
密鑰長度
默認
工作模式
填充方式
實現方
512~65536(64整數倍)
1024
ECB
NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Pading、OAEPWITHSHA1AndMGF1Pading、OAEPWITHSHA256AndMGF1Pading、OAEPWITHSHA384AndMGF1Pading、OAEPWITHSHA512AndMGF1Pading
JDK
2048
NONE
NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Pading、OAEPWITHSHA1AndMGF1Pading、OAEPWITHSHA224AndMGF1Pading、OAEPWITHSHA256AndMGF1Pading、OAEPWITHSHA384AndMGF1Pading、OAEPWITHSHA512AndMGF1Pading、ISO9796-1Padding
BC
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import org.apache.commons.codec.binary.Base64;
import com.sun.org.apache.xalan.internal.utils.Objects;
public class RSATest {
public static final String src = "rsa test";
public static void main(String[] args) {
jdkRSA();
}
// jdk實現:
public static void jdkRSA(){
try {
// 1.初始化發送方密鑰
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(512);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
System.out.println("Public Key:" + Base64.encodeBase64String(rsaPublicKey.getEncoded()));
System.out.println("Private Key:" + Base64.encodeBase64String(rsaPrivateKey.getEncoded()));
// 2.私鑰加密、公鑰解密 ---- 加密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("私鑰加密、公鑰解密 ---- 加密:" + Base64.encodeBase64String(result));
// 3.私鑰加密、公鑰解密 ---- 解密
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, publicKey);
result = cipher.doFinal(result);
System.out.println("私鑰加密、公鑰解密 ---- 解密:" + new String(result));
// 4.公鑰加密、私鑰解密 ---- 加密
X509EncodedKeySpec x509EncodedKeySpec2 = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
KeyFactory keyFactory2 = KeyFactory.getInstance("RSA");
PublicKey publicKey2 = keyFactory2.generatePublic(x509EncodedKeySpec2);
Cipher cipher2 = Cipher.getInstance("RSA");
cipher2.init(Cipher.ENCRYPT_MODE, publicKey2);
byte[] result2 = cipher2.doFinal(src.getBytes());
System.out.println("公鑰加密、私鑰解密 ---- 加密:" + Base64.encodeBase64String(result2));
// 5.私鑰解密、公鑰加密 ---- 解密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactory keyFactory5 = KeyFactory.getInstance("RSA");
PrivateKey privateKey5 = keyFactory5.generatePrivate(pkcs8EncodedKeySpec5);
Cipher cipher5 = Cipher.getInstance("RSA");
cipher5.init(Cipher.DECRYPT_MODE, privateKey5);
byte[] result5 = cipher5.doFinal(result2);
System.out.println("公鑰加密、私鑰解密 ---- 解密:" + new String(result5));
} catch (Exception e) {
e.printStackTrace();
}
}
}
非對稱加密算法-RSA
非對稱加密算法-ElGamal
只提供公鑰加密算法
JDK并未提供實現,Bouncy Castle
密鑰長度
默認
工作模式
填充方式
實現方
160~16384(8整數倍)
1024
ECB、NONE
NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Pading、OAEPWITHSHA1AndMGF1Pading、OAEPWITHSHA224AndMGF1Pading、OAEPWITHSHA256AndMGF1Pading、OAEPWITHSHA384AndMGF1Pading、OAEPWITHSHA512AndMGF1Pading、ISO9796-1Padding
BC
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.spec.DHParameterSpec;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public class ElGamalTest {
public static final String src = "Elgamal test";
public static void main(String[] args) {
jdkElgamal();
}
/**
*
* 對于:“Illegal key size or default parameters”異常,是因為美國的出口限制,Sun通過權限文件(local_policy.jar、US_export_policy.jar)做了相應限制。因此存在一些問題:
* Java 6 無政策限制文件:http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
* Java 7 無政策限制文件:http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
* 我的時java7,自己安裝的。
* /Library/Java/JavaVirtualMachines/jdk1.7.0_71.jdk/Contents/Home/jre/lib/security目錄下,對應覆蓋local_policy.jar和US_export_policy.jar兩個文件。
*
* 切換到%JDK_Home%\jre\lib\security目錄下,對應覆蓋local_policy.jar和US_export_policy.jar兩個文件。同時,你可能有必要在%JRE_Home%\lib\security目錄下,也需要對應覆蓋這兩個文件。
*/
// jdk實現:“私鑰解密、公鑰加密” , 對于:“私鑰加密、公鑰解密”有問題,因為Elgamal不支持
public static void jdkElgamal(){
try {
// 加入對BouncyCastle支持
Security.addProvider(new BouncyCastleProvider());
// 1.初始化發送方密鑰
AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance("Elgamal");
// 初始化參數生成器
algorithmParameterGenerator.init(256);
// 生成算法參數
AlgorithmParameters algorithmParameters = algorithmParameterGenerator.generateParameters();
// 構建參數材料
DHParameterSpec dhParameterSpec = (DHParameterSpec)algorithmParameters.getParameterSpec(DHParameterSpec.class);
// 實例化密鑰生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("Elgamal");
// 初始化密鑰對生成器
keyPairGenerator.initialize(dhParameterSpec, new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 公鑰
PublicKey elGamalPublicKey = keyPair.getPublic();
// 私鑰
PrivateKey elGamalPrivateKey = keyPair.getPrivate();
System.out.println("Public Key:" + Base64.encodeBase64String(elGamalPublicKey.getEncoded()));
System.out.println("Private Key:" + Base64.encodeBase64String(elGamalPrivateKey.getEncoded()));
// 2.私鑰解密、公鑰加密 ---- 加密
// 初始化公鑰
// 密鑰材料轉換
X509EncodedKeySpec x509EncodedKeySpec2 = new X509EncodedKeySpec(elGamalPublicKey.getEncoded());
// 實例化密鑰工廠
KeyFactory keyFactory2 = KeyFactory.getInstance("Elgamal");
// 產生公鑰
PublicKey publicKey2 = keyFactory2.generatePublic(x509EncodedKeySpec2);
// 數據加密
// Cipher cipher2 = Cipher.getInstance("Elgamal");
Cipher cipher2 = Cipher.getInstance(keyFactory2.getAlgorithm());
cipher2.init(Cipher.ENCRYPT_MODE, publicKey2);
byte[] result2 = cipher2.doFinal(src.getBytes());
System.out.println("私鑰加密、公鑰解密 ---- 加密:" + Base64.encodeBase64String(result2));
// 3.私鑰解密、公鑰加密 ---- 解密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec5 = new PKCS8EncodedKeySpec(elGamalPrivateKey.getEncoded());
KeyFactory keyFactory5 = KeyFactory.getInstance("Elgamal");
PrivateKey privateKey5 = keyFactory5.generatePrivate(pkcs8EncodedKeySpec5);
// Cipher cipher5 = Cipher.getInstance("Elgamal");
Cipher cipher5 = Cipher.getInstance(keyFactory5.getAlgorithm());
cipher5.init(Cipher.DECRYPT_MODE, privateKey5);
byte[] result5 = cipher5.doFinal(result2);
System.out.println("Elgamal 私鑰加密、公鑰解密 ---- 解密:" + new String(result5));
/*
// 私鑰加密、公鑰解密: 有問題
// 4.私鑰加密、公鑰解密 ---- 加密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(elGamalPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("Elgamal");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance("Elgamal");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("私鑰加密、公鑰解密 ---- 加密:" + Base64.encodeBase64String(result));
// 5.私鑰加密、公鑰解密 ---- 解密
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(elGamalPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("Elgamal");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher = Cipher.getInstance("Elgamal");
cipher.init(Cipher.DECRYPT_MODE, publicKey);
result = cipher.doFinal(result);
System.out.println("Elgamal 私鑰加密、公鑰解密 ---- 解密:" + new String(result));
*/
} catch (Exception e) {
e.printStackTrace();
}
}
}
非對稱加密算法-ElGamal
總結
以上是生活随笔為你收集整理的非对称性密钥加密 java 实例_JAVA实现非对称加密的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 鲅鱼的功效与作用、禁忌和食用方法
- 下一篇: 煅浮石的功效与作用、禁忌和食用方法