This article covers asymmetric encryption in Java and the related concepts; I hope it is useful to you.
Basic one-way encryption algorithms:
BASE64: strictly speaking an encoding format, not an encryption algorithm
MD5 (Message Digest algorithm 5)
SHA (Secure Hash Algorithm)
HMAC (Hash Message Authentication Code)
More complex symmetric encryption (DES, PBE) and asymmetric encryption algorithms:
DES (Data Encryption Standard)
PBE (Password-based encryption)
RSA (named after its inventors: Ron Rivest, Adi Shamir and Leonard Adleman)
DH (Diffie-Hellman algorithm, a key agreement protocol)
DSA (Digital Signature Algorithm)
ECC (Elliptic Curves Cryptography)
Code reference:
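import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

// The class name and the three constant values are assumptions; the page shows only the methods.
public abstract class Coder {
    public static final String KEY_MD5 = "MD5";
    public static final String KEY_SHA = "SHA-256";
    public static final String KEY_MAC = "HmacSHA256";

    /**
     * BASE64 encoding.
     * Uses java.util.Base64; sun.misc.BASE64Encoder is an internal class
     * that is not available in current JDKs.
     *
     * @param key bytes to encode
     * @return BASE64 text (MIME line-wrapped, as encodeBuffer produced)
     * @throws Exception
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return Base64.getMimeEncoder().encodeToString(key);
    }

    /**
     * BASE64 decoding; the counterpart of encryptBASE64 that encryptHMAC calls.
     * It is not shown on the page.
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        return Base64.getMimeDecoder().decode(key);
    }

    /**
     * MD5 digest
     *
     * @param data input bytes
     * @return the 16-byte digest
     * @throws Exception
     */
    public static byte[] encryptMD5(byte[] data) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
        md5.update(data);
        return md5.digest();
    }

    /**
     * SHA digest
     *
     * @param data input bytes
     * @return the digest
     * @throws Exception
     */
    public static byte[] encryptSHA(byte[] data) throws Exception {
        MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
        sha.update(data);
        return sha.digest();
    }

    /**
     * Generate an HMAC key
     *
     * @return the key, BASE64-encoded
     * @throws Exception
     */
    public static String initMacKey() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);
        SecretKey secretKey = keyGenerator.generateKey();
        return encryptBASE64(secretKey.getEncoded());
    }

    /**
     * Compute the HMAC of the data
     *
     * @param data input bytes
     * @param key  BASE64-encoded HMAC key
     * @return the authentication tag
     * @throws Exception
     */
    public static byte[] encryptHMAC(byte[] data, String key) throws Exception {
        SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);
        Mac mac = Mac.getInstance(secretKey.getAlgorithm());
        mac.init(secretKey);
        return mac.doFinal(data);
    }
}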
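Encryption and decryption are not unique to Java; every programming language has them.
Current encryption and decryption schemes fall into the following 2 broad categories:
Symmetric-key encryption: for example the DES, 3DES, TDEA, Blowfish, RC5 and IDEA algorithms. Its main characteristic is that the encrypting party and the decrypting party hold the same secret, and either of them can use that key to encrypt and decrypt freely.
Asymmetric encryption: here the encrypting party holds only the encryption key and cannot reverse the resulting ciphertext, while the decrypting party holds only the decryption key and cannot encrypt plaintext.
There are also digest algorithms, such as MD5 and other hashes. These algorithms are irreversible, but they are often used as a check field, or to sign important matching information so that the plaintext content cannot be modified.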
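The receiving side of encryptHMAC, as an added example that is not code from the original article: it recomputes the tag and compares it in constant time, and contrasts that with an unkeyed digest used as a check field. The class name, the HmacSHA256 choice and the sample messages are assumptions made for this example.

```java
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class HmacVerifyExample {
    // HmacSHA256 is this example's choice; the article does not show its KEY_MAC value.
    static final String MAC_ALG = "HmacSHA256";

    static byte[] hmac(SecretKey key, byte[] message) throws Exception {
        Mac mac = Mac.getInstance(MAC_ALG);
        mac.init(key);
        return mac.doFinal(message);
    }

    // Receiver side: recompute the tag with the shared key and compare in constant time.
    static boolean verifyHmac(SecretKey key, byte[] message, byte[] tag) throws Exception {
        return MessageDigest.isEqual(hmac(key, message), tag);
    }

    // Unkeyed check field: matches whenever digest and message were produced together.
    static boolean verifyDigest(byte[] message, byte[] digest) throws Exception {
        return MessageDigest.isEqual(MessageDigest.getInstance("SHA-256").digest(message), digest);
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance(MAC_ALG).generateKey();
        byte[] sent = "amount=100;to=alice".getBytes(StandardCharsets.UTF_8);    // constructed sample
        byte[] altered = "amount=900;to=alice".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] tag = hmac(key, sent);

        System.out.println("genuine message, HMAC ok:  " + verifyHmac(key, sent, tag));
        System.out.println("altered message, HMAC ok:  " + verifyHmac(key, altered, tag));

        // Whoever alters the message can also recompute an unkeyed digest, so the
        // check field still matches; the HMAC cannot be recomputed without the key.
        byte[] recomputed = MessageDigest.getInstance("SHA-256").digest(altered);
        System.out.println("altered + new digest ok:   " + verifyDigest(altered, recomputed));
        SecretKey otherKey = KeyGenerator.getInstance(MAC_ALG).generateKey();
        System.out.println("altered + foreign-key tag: " + verifyHmac(key, altered, hmac(otherKey, altered)));
    }
}
```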
The code is below. It depends on one jar, commons-codec-1.9.jar, for Base64 conversion; download it yourself.
import org.apache.commons.codec.binary.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.io.ByteArrayOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
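public class RSAUtils {
    // Encryption algorithm
    public static final String ALGORITHM = "RSA";
    // Signature algorithm
    private static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";
    // Key size in bits for newly generated key pairs; the block sizes below assume a 1024-bit modulus
    private static final int KEY_SIZE = 1024;
    // Character encoding
    private static final String CHARSET = "UTF-8";
    // Maximum plaintext size per RSA encryption, in bytes (128-byte modulus minus 11 bytes of PKCS#1 v1.5 padding)
    private static final int MAX_ENCRYPT_BLOCK = 117;
    // Maximum ciphertext size per RSA decryption, in bytes (one 1024-bit block)
    private static final int MAX_DECRYPT_BLOCK = 128;
    private KeyFactory keyFactory;

    public RSAUtils() throws NoSuchAlgorithmException {
        keyFactory = KeyFactory.getInstance(ALGORITHM);
    }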
    /**
     * Encrypt with the private key.
     * Anyone holding the public key can decrypt the result, so this gives no confidentiality.
     *
     * @param content    string to encrypt
     * @param privateKey private key (BASE64-encoded PKCS#8)
     * @return encrypted string (BASE64-encoded)
     */
    public String encryptByPrivateKey(String content, String privateKey) throws Exception {
        String result;
        try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] keyBytes = new Base64().decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            PrivateKey pKey = keyFactory.generatePrivate(pkcs8KeySpec);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, pKey);
            byte[] data = content.getBytes(CHARSET);
            write2Stream(cipher, data, out, MAX_ENCRYPT_BLOCK);
            byte[] resultBytes = out.toByteArray();
            result = Base64.encodeBase64String(resultBytes);
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }

    /**
     * Decrypt with the public key
     *
     * @param content   encrypted string (BASE64-encoded)
     * @param publicKey public key (BASE64-encoded X.509)
     * @return decrypted string
     */
    public String decryptByPublicKey(String content, String publicKey) throws Exception {
        String result = "";
        try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] keyBytes = new Base64().decode(publicKey);
            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
            PublicKey pKey = keyFactory.generatePublic(x509KeySpec);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, pKey);
            byte[] data = Base64.decodeBase64(content);
            write2Stream(cipher, data, out, MAX_DECRYPT_BLOCK);
            byte[] resultBytes = out.toByteArray();
            result = new String(resultBytes, CHARSET);
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }

    /**
     * Encrypt with the public key
     *
     * @param content   string to encrypt
     * @param publicKey public key (BASE64-encoded X.509)
     * @return encrypted string (BASE64-encoded)
     */
    public String encryptByPublicKey(String content, String publicKey) throws Exception {
        String result = "";
        try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] keyBytes = new Base64().decode(publicKey);
            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
            PublicKey pKey = keyFactory.generatePublic(x509KeySpec);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, pKey);
            byte[] data = content.getBytes(CHARSET);
            write2Stream(cipher, data, out, MAX_ENCRYPT_BLOCK);
            byte[] resultBytes = out.toByteArray();
            result = Base64.encodeBase64String(resultBytes);
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }

    /**
     * Decrypt with the private key
     *
     * @param content    encrypted string (BASE64-encoded)
     * @param privateKey private key (BASE64-encoded PKCS#8)
     * @return decrypted string
     */
    public String decryptByPrivateKey(String content, String privateKey) throws Exception {
        String result = "";
        try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] keyBytes = new Base64().decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            PrivateKey pKey = keyFactory.generatePrivate(pkcs8KeySpec);
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, pKey);
            byte[] data = Base64.decodeBase64(content);
            write2Stream(cipher, data, out, MAX_DECRYPT_BLOCK);
            byte[] resultBytes = out.toByteArray();
            result = new String(resultBytes, CHARSET);
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }

    /**
     * Run the cipher over the data in chunks of blockSize bytes
     * (MAX_ENCRYPT_BLOCK when encrypting, MAX_DECRYPT_BLOCK when decrypting).
     */
    private static void write2Stream(Cipher cipher, byte[] data, ByteArrayOutputStream out, int blockSize) throws
            BadPaddingException, IllegalBlockSizeException {
        int dataLen = data.length;
        int offSet = 0;
        byte[] cache;
        int i = 0;
        // Process the data block by block
        while (dataLen - offSet > 0) {
            if (dataLen - offSet > blockSize) {
                cache = cipher.doFinal(data, offSet, blockSize);
            } else {
                cache = cipher.doFinal(data, offSet, dataLen - offSet);
            }
            out.write(cache, 0, cache.length);
            i++;
            offSet = i * blockSize;
        }
    }
    /**
     * Generate a digital signature over the data with the private key.
     * The signed bytes are the uppercase hex form of the data (see parse2HexStr).
     *
     * @param data       encrypted data
     * @param privateKey private key (BASE64-encoded)
     * @return sign the signature, BASE64-encoded
     */
    public String sign(String data, String privateKey) throws Exception {
        String result = "";
        try {
            byte[] keyBytes = new Base64().decode(privateKey);
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes);
            PrivateKey privateK = keyFactory.generatePrivate(pkcs8KeySpec);
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initSign(privateK);
            signature.update(parse2HexStr(data).getBytes(CHARSET));
            result = new Base64().encodeToString(signature.sign());
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }

    /**
     * Verify a digital signature
     *
     * @param data      encrypted data
     * @param publicKey public key (BASE64-encoded)
     * @param sign      digital signature (BASE64-encoded)
     * @return true if the signature matches the data
     * @throws Exception
     */
    public boolean verify(String data, String publicKey, String sign) throws Exception {
        boolean result;
        try {
            byte[] keyBytes = new Base64().decode(publicKey);
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
            PublicKey publicK = keyFactory.generatePublic(keySpec);
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initVerify(publicK);
            signature.update(parse2HexStr(data).getBytes(CHARSET));
            result = signature.verify(new Base64().decode(sign));
        } catch (Exception e) {
            throw new Exception(e);
        }
        return result;
    }
    /**
     * Convert binary data to hexadecimal
     *
     * @param data input string; its UTF-8 bytes are converted
     * @return uppercase hex string, two characters per byte
     */
    public static String parse2HexStr(String data) throws Exception {
        String result = "";
        try {
            byte[] buf = data.getBytes(CHARSET);
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < buf.length; i++) {
                // Mask to 0..255 so negative bytes do not sign-extend
                String hex = Integer.toHexString(buf[i] & 0xFF);
                if (hex.length() == 1) {
                    hex = '0' + hex;
                }
                sb.append(hex.toUpperCase());
            }
            result = sb.toString();
        } catch (UnsupportedEncodingException e) {
            throw new Exception(e);
        }
        return result;
    }
    /**
     * Generate a public/private key pair and print both keys, BASE64-encoded
     */
    public static void createKey() throws Exception {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
            keyPairGenerator.initialize(KEY_SIZE);
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
            String publicKey = Base64.encodeBase64String(rsaPublicKey.getEncoded());
            String privateKey = Base64.encodeBase64String(rsaPrivateKey.getEncoded());
            System.out.println("publicKey=" + publicKey + "\nprivateKey=" + privateKey);
        } catch (NoSuchAlgorithmException e) {
            throw new Exception(e);
        }
    }
    public static void main(String[] args) throws Exception {
        // Placeholder: the private key value is missing from this page. Supply the
        // BASE64-encoded PKCS#8 private key that belongs to PUBLIC_KEY.
        String PRIVATE_KEY = "<BASE64 PKCS#8 private key matching PUBLIC_KEY>";
        String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnmBlx+lc/pviri9dUQ0WjXRweGEHmYKqSRj0UsAXpYLxKB7tv3zbNW5oHyYSPJYa/6Px8vBBQfyPww8i3AnFOGwi7caZIvHnQviiUdlr8mH51ZlhHv96to0lSkX/NfOvKvQndzDH60DzLGOMdE0NBrTn/5zEjGwJbVdlvCfOiHwIDAQAB";
        RSAUtils rsaUtil = new RSAUtils();
        String encryptByPublicKey = rsaUtil.encryptByPublicKey("你好!", PUBLIC_KEY);
        System.out.println(encryptByPublicKey);
        String decryptByPrivateKey = rsaUtil.decryptByPrivateKey(encryptByPublicKey, PRIVATE_KEY);
        System.out.println(decryptByPrivateKey);
        String encryptByPrivateKey = rsaUtil.encryptByPrivateKey("你好!", PRIVATE_KEY);
        System.out.println(encryptByPrivateKey);
        String decryptByPublicKey = rsaUtil.decryptByPublicKey(encryptByPrivateKey, PUBLIC_KEY);
        System.out.println(decryptByPublicKey);
        String sign = rsaUtil.sign("1234", PRIVATE_KEY);
        System.out.println("sign:" + sign);
        System.out.println(rsaUtil.verify("1234", PUBLIC_KEY, sign));
    }
}
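1. Initialize the keys: build the key pair and store the generated public and private keys in a keymap
KeyPairGenerator -> KeyPair -> RSAPublicKey, RSAPrivateKey
2. Party A encrypts with the private key, then signs the encrypted data with the private key, and sends it to party B
RSACoder.encryptByPrivateKey(data, privateKey);
RSACoder.sign(encodedData, privateKey);
3. Party B verifies the signature over the encrypted data with the public key; if it verifies, party B then decrypts the encrypted data with the public key
RSACoder.verify(encodedData, publicKey, sign);
RSACoder.decryptByPublicKey(encodedData, publicKey);
4. Party B encrypts with the public key and sends the result to party A
RSACoder.encryptByPublicKey(decodedData, publicKey);
5. Party A decrypts that data with the private key
RSACoder.decryptPrivateKey(encodedData, privateKey);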
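The five steps above with JDK classes only, as an added example that is not the article's RSACoder or RSAUtils code. It swaps in SHA256withRSA signatures for the private-key encryption of steps 2-3 (data encrypted with the private key is readable by anyone holding the public key) and RSA-OAEP for steps 4-5; the class name, the 2048-bit key size and the sample messages are assumptions.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;

public class RsaFlowExample {
    // OAEP with SHA-256 for both the label hash and MGF1 (this example's choice)
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    static byte[] sign(PrivateKey key, byte[] data) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(data);
        return s.verify(sig);
    }

    static byte[] rsaOaep(int mode, Key key, byte[] input) throws Exception {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPPadding");
        c.init(mode, key, OAEP);
        return c.doFinal(input);
    }

    public static void main(String[] args) throws Exception {
        // Step 1: party A creates the key pair and publishes the public key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair a = gen.generateKeyPair();
        // Steps 2-3: A signs the message; B verifies it with A's public key.
        byte[] msg = "order 1001 confirmed".getBytes(StandardCharsets.UTF_8); // constructed sample
        byte[] sig = sign(a.getPrivate(), msg);
        System.out.println("signature valid: " + verify(a.getPublic(), msg, sig));
        msg[0] ^= 1; // a single flipped bit in transit
        System.out.println("after change:    " + verify(a.getPublic(), msg, sig));
        // Steps 4-5: B encrypts the reply to A's public key; only A's private key opens it.
        byte[] ct = rsaOaep(Cipher.ENCRYPT_MODE, a.getPublic(), "received".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(rsaOaep(Cipher.DECRYPT_MODE, a.getPrivate(), ct), StandardCharsets.UTF_8));
    }
}
```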
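As society develops, products are updated faster and faster. The algorithm is the core of a solution, and protecting the rights of developers and consumers cannot wait, so encryption chips play an important role here. How do you choose an encryption chip?
1. There are many kinds of encryption chips on the market, with many algorithms and uneven strength; encryption performance is closely tied to the algorithm and the key. Common encryption algorithms include symmetric algorithms, asymmetric algorithms and the Chinese national (SM) algorithms, and most chips communicate over the I2C, SPI or 1-wire protocol. The chip should still be chosen according to the actual needs of the project; symmetric encryption algorithms, for example, are characterized by a small amount of computation, fast encryption and high efficiency.
2. Software encryption on a microcontroller performs poorly and is very easy to copy, which is why encryption chips came about; they greatly increase the difficulty of cracking and the production cost. Encryption chips are now widely used in automotive electronics, consumer electronics, beauty and medical devices, industrial control, AI and other industries.
3. The Korean KEROS encryption chip has focused on the encryption field for more than ten years. With high security and low cost, it has been highly praised and recognized by many customers in the encryption-protection field. KEROS uses an advanced built-in AES256 security engine and encryption functions, and through true dynamic data exchange it provides a safe place to store sensitive information in the system; with its protection circuit, this information can remain safe even under attack. Its packages are SOP8, SOT23-6 and TDFN-6, and it integrates the I2C and 1-wire protocols to meet different application needs. CK02AT, CK22AT, CK02AP and CK22AP support 1.8V-3.6V, a 256-bit key length and a 5-byte SN serial number, and support customization with no programming (burning) required, making them the first choice in the encryption industry.
That concludes the introduction to asymmetric encryption in Java. Thank you for reading.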