RSA加密的java实现---亲测

摘自:https://www.cnblogs.com/leeego-123/p/10450339.html

首先科普一波:

RSA的1024位是指公钥及私钥分别是1024bit,也就是1024/8=128 Bytes

RSA算法密钥长度的选择是安全性和程序性能平衡的结果,密钥长度越长,安全性越好,加密解密所需时间越长。

1. 非对称加密算法中1024 bit密钥的强度相当于对称加密算法80bit密钥的强度。有资料上说以当前的软硬件水平,破解1024bit的RSA加密密文,需要一套10亿美金的系 统使用若干       十年的时间,所以2015年前,1024bit的还无需太担心暴力破解的危险。

2. 密钥长度增长一倍,公钥操作所需时间增加约4倍,私钥操作所需时间增加约8倍,公私钥生成时间约增长16倍。

3. 一次能加密的密文长度与密钥长度成正比, len_in_byte(raw_data) = len_in_bit(key)/8 -11,如1024bit的密钥,一次能加密的内容长度为 1024/8 -11 = 117 byte。所以非对称加密       一般都用于加密对称加密算法的密钥,而不是直接加密内容。

4. 加密后密文的长度为密钥的长度,如密钥长度为1024b(128Byte),最后生成的密文固定为 1024b(128Byte
    RSA的1024位是指公钥及私钥分别是1024bit,也就是1024/8=128 Bytes
 

 

package com.handsight.platform.fras.util;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;

import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

public class RSAUtils {

    public static final String CHARSET = "UTF-8";
    public static final String RSA_ALGORITHM = "RSA";


    public static Map<String, String> createKeys(int keySize){
        //为RSA算法创建一个KeyPairGenerator对象
        KeyPairGenerator kpg;
        try{
            kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);
        }catch(NoSuchAlgorithmException e){
            throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");
        }

        //初始化KeyPairGenerator对象,密钥长度
        kpg.initialize(keySize);                //keySize 可以为1024
        //生成密匙对
        KeyPair keyPair = kpg.generateKeyPair();
        //得到公钥
        Key publicKey = keyPair.getPublic();
        String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());
        //得到私钥
        Key privateKey = keyPair.getPrivate();
        String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());
        Map<String, String> keyPairMap = new HashMap<String, String>();
        keyPairMap.put("publicKey", publicKeyStr);
        keyPairMap.put("privateKey", privateKeyStr);

        return keyPairMap;
    }

    /**
     * 得到公钥
     * @param publicKey 密钥字符串(经过base64编码)
     * @throws Exception
     */
    public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
        //通过X509编码的Key指令获得公钥对象
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));
        RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);
        return key;
    }

    /**
     * 得到私钥
     * @param privateKey 密钥字符串(经过base64编码)
     * @throws Exception
     */
    public static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
        //通过PKCS#8编码的Key指令获得私钥对象
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));
        RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);
        return key;
    }

    /**
     * 公钥加密
     * @param data
     * @param publicKey
     * @return
     */
    public static String publicEncrypt(String data, RSAPublicKey publicKey){
        try{
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));
        }catch(Exception e){
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 私钥解密
     * @param data
     * @param privateKey
     * @return
     */

    public static String privateDecrypt(String data, RSAPrivateKey privateKey){
        try{
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), privateKey.getModulus().bitLength()), CHARSET);
        }catch(Exception e){
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 私钥加密
     * @param data
     * @param privateKey
     * @return
     */

    public static String privateEncrypt(String data, RSAPrivateKey privateKey){
        try{
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), privateKey.getModulus().bitLength()));
        }catch(Exception e){
            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);
        }
    }

    /**
     * 公钥解密
     * @param data
     * @param publicKey
     * @return
     */

    public static String publicDecrypt(String data, RSAPublicKey publicKey){
        try{
            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, publicKey);
            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);
        }catch(Exception e){
            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);
        }
    }

    private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize){
        int maxBlock = 0;
        if(opmode == Cipher.DECRYPT_MODE){
            maxBlock = keySize / 8;
        }else{
            maxBlock = keySize / 8 - 11;
        }
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offSet = 0;
        byte[] buff;
        int i = 0;
        try{
            while(datas.length > offSet){
                if(datas.length-offSet > maxBlock){
                    buff = cipher.doFinal(datas, offSet, maxBlock);
                }else{
                    buff = cipher.doFinal(datas, offSet, datas.length-offSet);
                }
                out.write(buff, 0, buff.length);
                i++;
                offSet = i * maxBlock;
            }
        }catch(Exception e){
            throw new RuntimeException("加解密阀值为["+maxBlock+"]的数据时发生异常", e);
        }
        byte[] resultDatas = out.toByteArray();
        IOUtils.closeQuietly(out);
        return resultDatas;
    }

}

 

测试:

公钥加密-----------私钥解密

package com.handsight.platform.fras.aapp;

import com.handsight.platform.fras.util.RSAUtils;

import java.util.Map;

public class TestRsa {
    public static void main (String[] args) throws Exception {
        Map<String, String> keyMap = RSAUtils.createKeys(1024);
        String  publicKey = keyMap.get("publicKey");
        String  privateKey = keyMap.get("privateKey");
        System.out.println("公钥: \n\r" + publicKey);
        System.out.println("私钥: \n\r" + privateKey);

        System.out.println("公钥加密——私钥解密");
        String str = "站在大明门前守卫的禁卫军,事先没有接到\n" +
                "有关的命令,但看到大批盛装的官员来临,也就\n" +
                "以为确系举行大典,因而未加询问。进大明门即\n" +
                "为皇城。文武百官看到端门午门之前气氛平静,\n" +
                "城楼上下也无朝会的迹象,既无几案,站队点名\n" +
                "的御史和御前侍卫“大汉将军”也不见踪影,不免\n" +
                "心中揣测,互相询问:所谓午朝是否讹传?";
        System.out.println("\r明文:\r\n" + str);
        System.out.println("\r明文大小:\r\n" + str.getBytes().length);
        //公钥加密
        String encodedData = RSAUtils.publicEncrypt(str, RSAUtils.getPublicKey(publicKey));

        System.out.println("密文:\r\n" + encodedData);
        //私钥解密
        String decodedData = RSAUtils.privateDecrypt(encodedData, RSAUtils.getPrivateKey(privateKey));

        System.out.println("解密后文字: \r\n" + decodedData);


    }
}

 

    // 单元测试 - 私钥加密 --- 公钥解密
    @Test
    public void test2() throws NoSuchAlgorithmException, InvalidKeySpecException {

        Map<String, String> keyMap = RSA1024Util.createKeys(1024);
        String  publicKey = keyMap.get("publicKey");
        String  privateKey = keyMap.get("privateKey");
        System.out.println("公钥:("+ Base64.decodeBase64(publicKey).length +"个字节)\n" + publicKey);
        System.out.println("私钥:("+ Base64.decodeBase64(privateKey).length +"个字节)\n" + privateKey);

        System.out.println("私钥加密 --- 公钥解密");
        String str = "china";
        System.out.println("明文:" + str);
        System.out.println("明文大小:" + str.getBytes().length);
        //私钥加密
        String encodedData = RSA1024Util.privateEncrypt(str, RSA1024Util.getPrivateKey(privateKey));

        System.out.println("密文("+ Base64.decodeBase64(encodedData).length +"个字节)\n" + encodedData);
        //公钥解密
        String decodedData = RSA1024Util.publicDecrypt(encodedData, RSA1024Util.getPublicKey(publicKey));

        System.out.println("解密后文字:" + decodedData);
    }

 

公钥:(162个字节)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCD1q0F_6K3HV7ZREy9Ab6lroYC6JYP4MMMurdkx-Gra5CbE2Vxb54IDD8IlAgC1YxrnRrqhScEtDh8YIUjBCqli0k3ub92yrdFuyZWl04rineRoC94XjdweWipzAIRtlJSP7_tIcdn2DTZtAsoI2MnXhQqGcjj0YxyOlXmMNA3BwIDAQAB
私钥:(633个字节)
MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAIPWrQX_orcdXtlETL0BvqWuhgLolg_gwwy6t2TH4atrkJsTZXFvnggMPwiUCALVjGudGuqFJwS0OHxghSMEKqWLSTe5v3bKt0W7JlaXTiuKd5GgL3heN3B5aKnMAhG2UlI_v-0hx2fYNNm0CygjYydeFCoZyOPRjHI6VeYw0DcHAgMBAAECgYBG8YRV0AP9SX66p3gr1P6EJW_TrNjjXm1XMjpxruWO2ukLqdpSul9tsTlSImZVMBjJ59aOEGy4qUokE8RQ3XMcsCCq7AyUvykWjHxs5u7pf9coXSIZ5i4nnZBsqiJjhPS9Ff1nFWizIvdm_W2qEmmQENRPhxkiOY_DQVEELnovIQJBALsYa0lTQMhVvOCvpeZWf1M_IWdtfsDwKStScFoP2DRZGjRmomzhlRHhTiSjNwL_Zh6ZfRpp90pfvsB2h9Qa7jkCQQC0ZJPXhTDqT5tPI7zKJLg7OQSCQple9z2yLNtOCPK8b8KOuIJVqOLoKhiOI2A754TVslYJoWD5RgPTn02kDE8_AkAakGADPC_RgeLcX_QFHTjcv_TlM3WwvSiLPxw2nVNMM252DDB5lxnMPRoUN5xC77I3HAHYMz1qMOfreajVY7F5AkAhGhuu_rfdJ0J-oTYxec98vpe_N21hackeevC7PxUb0v5GpkD0awtIQwFCg-dS1scfV5xGJCDhXSGyoZbjtYaNAkBD0eWTmKRkBMzSAaD4M7n7MdDbfB0olDlFLVo7A6Q9fqejFe83wl5rbJVJOo_YLux-RnrCpxmiosLFTwrQJmgf
私钥加密 --- 公钥解密
明文:china
明文大小:5
密文(128个字节)
KdeTut-HqwPKjg85a5T5YstlGdrcR05MnfFoILZh4ngrZ6QEiWWuZHpJymxIaFBeqsRGf7HS4mSnuHsgLFsHr6DKDQ89RuLdLdNds8wVhD14ThOciTlKwO4-FiOc9ScklMsdFJNI1hPnT1c7ViPrvSxGNLFD3jZu2e9DZ7a30E0
解密后文字:china
公钥:(162个字节)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4PiKoYTUY36hb4zzyoPVM4zSFbFJituXzven8j7THzAkybgZLriGwsABPY03gzjmp0ZZRUDUyxtVdfJPyBPjL1JTuBYD6ismtj-3e-NvYGxaV2f4nCCqZ8wGL0YcaIRXmyJvyMcAeSQUuzd7PtqlaoPd2yxliUbg6rvwQjjNflwIDAQAB
私钥:(637个字节)
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBALg-IqhhNRjfqFvjPPKg9UzjNIVsUmK25fO96fyPtMfMCTJuBkuuIbCwAE9jTeDOOanRllFQNTLG1V18k_IE-MvUlO4FgPqKya2P7d7429gbFpXZ_icIKpnzAYvRhxohFebIm_IxwB5JBS7N3s-2qVqg93bLGWJRuDqu_BCOM1-XAgMBAAECgYEAm4Lu0_sAy1b1D2I1roIHqvdX_Ipa27GPVPXnC2Ps7nudA7D0pWp8S1uzV071jBvldh5O56Fw1cQYkkk1wyFJMawWhnPOeRUQpN6lVulNQjE3438Z0mSVJicpVBydq9_mjLEJHVwlsCK2hXRmeQYhBjxUQcQzzUzsygc6TzPwcpkCQQDgDD71xLq9NqFAUMiqWVwcHoU0xrYrFWv47NTuvUlU4fMLav8fa4pRriJPZFGdf9UIxMNUJqJjVluWO0d__DCdAkEA0oSlVQdg7UWfxH1T_kVX34ud5bfnWDIMqyxoaB0cRDAUmU2OouVH7tl3UdCy2A_LOB8DfNidIq51Vfpuytg4wwJBANEF279CmM1qKCpus6dp0utQ9gl00gOD6sXDfix1X_LXEf63Bel0VQk7IjtbZmFAH6ocl_bsTFfM-4k_KMeYqmkCQQCUexphrqKet8zIOd1UKnSgJ0lnDR8PBb4JvXimdmHJdmARALLqEe16ece-3QRHgFxFaRp8pAuwunvn-IrMZ1UhAkEAivAbSAkTp6xucwk7Dkezd8fhLGfcCzd7OWJEfAAJLOgpFqHX-tu0m-OjjC0qhVJ67U6VNC5fszrxKgNj-teiMQ
私钥加密 --- 公钥解密
明文:china
明文大小:5
密文(128个字节)
QFs_7an9gg6IDbzyvMI--UHHBaLztcFFi39OLDtDK8IQMoO6Ts1nG4MAA98hN7F0YvJS9RiU-rlZwYJPAKNomOcCIB6mY4FtoKupiPYDB-7PaXmPv0K65NxKojSy-LYliu0pO8WxeIHBjqvBK7l-5-_hadmsQsxQkENuX4Gw2ZU
解密后文字:china

 

posted @ 2020-03-17 20:34  LiuYanYGZ  阅读(1228)  评论(0编辑  收藏  举报