本篇文章给大家谈谈java对称非对称加密以及对应的知识点,希望对各位有所帮助。
非对称加密和对称加密在加密和解密过程、加密解密速度、传输的安全性上都有所不同,具体介绍如下:
1、加密和解密过程不同
对称加密过程和解密过程使用的同一个密钥,加密过程相当于用原文+密钥可以传输出密文,同时解密过程用密文-密钥可以推导出原文。但非对称加密采用了两个密钥,一般使用公钥进行加密,使用私钥进行解密。
2、加密解密速度不同
对称加密解密的速度比较快,适合数据比较长时的使用。非对称加密和解密花费的时间长、速度相对较慢,只适合对少量数据的使用。
3、传输的安全性不同
对称加密的过程中无法确保密钥被安全传递,密文在传输过程中是可能被第三方截获的,如果密码本也被第三方截获,则传输的密码信息将被第三方破获,安全性相对较低。
非对称加密算法中私钥是基于不同的算法生成不同的随机数,私钥通过一定的加密算法推导出公钥,但私钥到公钥的推导过程是单向的,也就是说公钥无法反推导出私钥。所以安全性较高。
参考资料来源:百度百科-对称加密
参考资料来源:百度百科-非对称加密
代码如下java对称非对称加密,需要依赖一个jar包commons-codec-1.9.jarjava对称非对称加密,用于Base64转换java对称非对称加密,请自行下载。
import org.apache.commons.codec.binary.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class RSAUtils {
// 加密方式
public static final String ALGORITHM = "RSA";
// 签名算法
private static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";
// 创建密钥对初始长度
private static final int KEY_SIZE = 512;
// 字符编码格式
private static final String CHARSET = "UTF-8";
// RSA最大加密明文大小
private static final int MAX_ENCRYPT_BLOCK = 117;
// RSA最大解密密文大小
private static final int MAX_DECRYPT_BLOCK = 128;
private KeyFactory keyFactory;
public RSAUtils() throws NoSuchAlgorithmException {
keyFactory = KeyFactory.getInstance(ALGORITHM);
}
/**
* 私钥加密
*
* @param content 待加密字符串
* @param privateKey 私钥
* @return 加密后字符串(BASE64编码)
*/
public String encryptByPrivateKey(String content, String privateKey) throws Exception {
String result;
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
byte[] keyBytes = new Base64().decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
PrivateKey pKey = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, pKey);
byte[] data = content.getBytes(CHARSET);
write2Stream(cipher, data, out);
byte[] resultBytes = out.toByteArray();
result = Base64.encodeBase64String(resultBytes);
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
/**
* 公钥解密
*
* @param content 已加密字符串(BASE64加密)
* @param publicKey 公钥
* @return
*/
public String decryptByPublicKey(String content, String publicKey) throws Exception {
String result = "";
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
byte[] keyBytes = new Base64().decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
PublicKey pKey = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, pKey);
byte[] data = Base64.decodeBase64(content);
write2Stream(cipher, data, out);
byte[] resultBytes = out.toByteArray();
result = new String(resultBytes);
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
/**
* 公钥加密
*
* @param content 待加密字符串
* @param publicKey 公钥
* @return 加密后字符串(BASE64编码)
*/
public String encryptByPublicKey(String content, String publicKey) throws Exception {
String result = "";
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
byte[] keyBytes = new Base64().decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
PublicKey pKey = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, pKey);
byte[] data = content.getBytes(CHARSET);
write2Stream(cipher,
data, out);
byte[] resultBytes = out.toByteArray();
result = Base64.encodeBase64String(resultBytes);
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
/**
* 私钥解密
*
* @param content 已加密字符串
* @param privateKey 私钥
* @return 解密后字符串
*/
public String decryptByPrivateKey(String content, String privateKey) throws Exception {
String result = "";
try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
byte[] keyBytes = new Base64().decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
PrivateKey pKey = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, pKey);
byte[] data = Base64.decodeBase64(content);
write2Stream(cipher, data, out);
byte[] resultBytes = out.toByteArray();
result = new String(resultBytes);
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
private static void write2Stream(Cipher cipher, byte[] data, ByteArrayOutputStream out) throws
BadPaddingException, IllegalBlockSizeException {
int dataLen = data.length;
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段解密
while (dataLen - offSet 0) {
if (dataLen - offSet MAX_DECRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_DECRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, dataLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_DECRYPT_BLOCK;
}
}
/**
* 用私钥对信息生成数字签名
*
* @param data 已加密数据
* @param privateKey 私钥(BASE64编码)
* @return sign
*/
public String sign(String data, String privateKey) throws Exception {
String result = "";
try {
byte[] keyBytes = new Base64().decode(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(privateK);
signature.update(parse2HexStr(data).getBytes(CHARSET));
result = new Base64().encodeToString(signature.sign());
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
/**
* 校验数字签名
*
* @param data 已加密数据
* @param publicKey 公钥(BASE64编码)
* @param sign 数字签名
* @return
* @throws Exception
*/
public boolean verify(String data, String publicKey, String sign) throws Exception {
boolean result;
try {
byte[] keyBytes = new Base64().decode(publicKey);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
PublicKey publicK = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicK);
signature.update(parse2HexStr(data).getBytes(CHARSET));
result = signature.verify(new Base64().decode(sign));
} catch (Exception e) {
throw new Exception(e);
}
return result;
}
/**
* 将二进制转换成16进制
*
* @param data
* @return
*/
public static String parse2HexStr(String data) throws Exception {
String result = "";
try {
byte[] buf = data.getBytes(CHARSET);
StringBuffer sb = new StringBuffer();
for (int i = 0; i buf.length; i++) {
String hex = Integer.toHexString(buf[i] 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
result = sb.toString();
} catch (UnsupportedEncodingException e) {
throw new Exception(e);
}
return result;
}
/**
* 生成公钥与私钥
*/
public static void createKey() throws Exception {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
keyPairGenerator.initialize(KEY_SIZE);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
String publicKey = Base64.encodeBase64String(rsaPublicKey.getEncoded());
String privateKey = Base64.encodeBase64String(rsaPrivateKey.getEncoded());
System.out.println("publicKey=" + publicKey + "\nprivateKey=" + privateKey);
} catch (NoSuchAlgorithmException e) {
throw new Exception(e);
}
}
public static void main(String[] args) throws Exception {
String PRIVATE_KEY = "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAKeYGXH6Vz+m+KuL11RDRaNdHB4YQeZgqpJGPRSwBelgvEoHu2/fNs1bmgfJhI8lhr/o/Hy8EFB/I/DDyLcCcU4bCLtxpki8edC+KJR2WvyYfnVmWEe/3q2jSVKRf81868q9Cd3MMfrQPMsY4x0TQ0GtOf/nMSMbAltV2W8J86IfAgMBAAECgYEApYu4lr2SMW3ddJZNvQ42W4g9nfyYG9igpJx8+VJmhIDpfLbmjzsOBwvUupx0NHH9CNQ7k3qxItJzzf+W5C+lesEOAqdO5nahRZsL8BIDoxTEn2j+1GXkzQw3vqPY50xqRnZsoP5TyNNsOM7KYaOoz4VFMdVIFwoT3OKM5z7mxgECQQD51r17WZDSa/kucaH7gCOePxJPS6Ust0eVd5tBOMpFzD/VtziogSIWyhGKkLH0SyTJEe91CCpdpxufLSZgIiN5AkEAq7ojtvU4twak1N1/1qX+t8f5wD8i/8GU702PeCwkGI5ymrARq+W2yCuvU1bouXBhjKHV4KhafKYixdHUMg00VwJAYVUjpLaUESY3gbyLWqvlNHVl8LaLtwwAO17JgXNaei7Ef8JNtHf6i95VTyJn8cCEqEDwhSuVNb8wp6azWKh0IQJBAJHrcT2d0bt0IcvfCynRk0eG3WnGPG8mhu9w8GAk4ecb47YdtmZio5YjyK8AQnCQVdOyEJL9eyY/5XxCeBSvs7ECQQCKQ2f5HLDkkHvc6rlaHCJmqNRCS+CxhoaiaSPYLAac7WXmb614ACLECc86C/nkefTq0SNpUDVbGxVpJi9/FOUf";
String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnmBlx+lc/pviri9dUQ0WjXRweGEHmYKqSRj0UsAXpYLxKB7tv3zbNW5oHyYSPJYa/6Px8vBBQfyPww8i3AnFOGwi7caZIvHnQviiUdlr8mH51ZlhHv96to0lSkX/NfOvKvQndzDH60DzLGOMdE0NBrTn/5zEjGwJbVdlvCfOiHwIDAQAB";
RSAUtils rsaUtil = new RSAUtils();
String encryptByPublicKey = rsaUtil.encryptByPublicKey("你好!", PUBLIC_KEY);
System.out.println(encryptByPublicKey);
String decryptByPrivateKey = rsaUtil.decryptByPrivateKey(encryptByPublicKey, PRIVATE_KEY);
System.out.println(decryptByPrivateKey);
String encryptByPrivateKey = rsaUtil.encryptByPrivateKey("你好!", PRIVATE_KEY);
System.out.println(encryptByPrivateKey);
String decryptByPublicKey = rsaUtil.decryptByPublicKey(encryptByPrivateKey, PUBLIC_KEY);
System.out.println(decryptByPublicKey);
String sign = rsaUtil.sign("1234", PRIVATE_KEY);
System.out.println("sign:" + sign);
System.out.println(rsaUtil.verify("1234", PUBLIC_KEY, sign));
}
}
1、初始化密钥 构建密钥对,生成公钥、私钥保存到keymap中
KeyPairGenerator --- KeyPair -- RSAPublicKey、RSAPrivateKey
2、甲方使用私钥加密, 加密后在用私钥对加密数据进行数据签名,然后发送给乙方
RSACoder.encryptByPrivateKey(data, privateKey);
RSACoder.sign(encodedData, privateKey);
3、乙方则通过公钥验证签名的加密数据,如果验证正确则在通过公钥对加密数据进行解密
RSACoder.verify(encodedData, publicKey, sign);
RSACoder.decryptByPublicKey(encodedData, publicKey);
4、乙方在通过公钥加密发送给甲方
RSACoder.encryptByPublicKey(decodedData, publicKey);
5、甲方通过私钥解密该数据
RSACoder.decryptPrivateKey(encodedData, privateKey);
java对称非对称加密你好java对称非对称加密,加密java对称非对称加密的方式有很多中,如传统加密,后期的分组加密,序列流加密,这些是对称加密,现在有著名的非对称加密。
java的扩展包很好的实现了java对称非对称加密你需要的功能。这个包在java.security.*;当然了还有很多好的加密方法,在sun的第三方jar包中有。目前密码加密使用用的是MD5加密,这个是单向加密,不可以解密。要想实现加密和解密,那么就需要学习密码学的知识。
希望对你有所帮助。
基本的单向加密算法:
BASE64 严格地说,属于编码格式,而非加密算法
MD5(Message Digest algorithm 5,信息摘要算法)
SHA(Secure Hash Algorithm,安全散列算法)
HMAC(Hash Message Authentication Code,散列消息鉴别码)
复杂的对称加密(DES、PBE)、非对称加密算法:
DES(Data Encryption Standard,数据加密算法)
PBE(Password-based encryption,基于密码验证)
RSA(算法的名字以发明者的名字命名:Ron Rivest, AdiShamir 和Leonard Adleman)
DH(Diffie-Hellman算法,密钥一致协议)
DSA(Digital Signature Algorithm,数字签名)
ECC(Elliptic Curves Cryptography,椭圆曲线密码编码学)
代码参考:
/**
* BASE64加密
*
* @param key
* @return
* @throws Exception
*/
public static String encryptBASE64(byte[] key) throws Exception {
return (new BASE64Encoder()).encodeBuffer(key);
}
/**
* MD5加密
*
* @param data
* @return
* @throws Exception
*/
public static byte[] encryptMD5(byte[] data) throws Exception {
MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
md5.update(data);
return md5.digest();
}
/**
* SHA加密
*
* @param data
* @return
* @throws Exception
*/
public static byte[] encryptSHA(byte[] data) throws Exception {
MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
sha.update(data);
return sha.digest();
}
}
/**
* 初始化HMAC密钥
*
* @return
* @throws Exception
*/
public static String initMacKey() throws Exception {
KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);
SecretKey secretKey = keyGenerator.generateKey();
return encryptBASE64(secretKey.getEncoded());
}
/**
* HMAC加密
*
* @param data
* @param key
* @return
* @throws Exception
*/
public static byte[] encryptHMAC(byte[] data, String key) throws Exception {
SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);
Mac mac = Mac.getInstance(secretKey.getAlgorithm());
mac.init(secretKey);
return mac.doFinal(data);
}
一、数字摘要二、对称加密三、非对称加密四、数字签名五、数字证书
java对称非对称加密的介绍就聊到这里吧,感谢你花时间阅读本站内容。
本文标签:java对称非对称加密
