kl个人博客 首页>>java>>AES,RSA公私钥加解密

AES,RSA公私钥加解密

AES,RSA公私钥加解密

前言

密钥是成对存在的,加密和解密是采用不同的密钥(公开密钥),也就是非对称密钥密码系统,每个通信方均需要两个密钥,即公钥和私钥,使用公钥进行加密操作,使用私钥进行解密操作。公钥是公开的,不需要保密,而私钥是由个人自己持有,并且必须妥善保管和注意保密。密码学里面博大精深,下面的实例仅供参考

百科的诠释如下:

公钥(Public Key)与私钥(Private Key)是通过一种算法得到的一个密钥对(即一个公钥和一个私钥),公钥是密钥对中公开的部分,私钥则是非公开的部分。公钥通常用于加密会话密钥、验证数字签名,或加密可以用相应的私钥解密的数据。通过这种算法得到的密钥对能保证在世界范围内是唯一的。使用这个密钥对的时候,如果用其中一个密钥加密一段数据,必须用另一个密钥解密。比如用公钥加密数据就必须用私钥解密,如果用私钥加密也必须用公钥解密,否则解密将不会成功。

下面是java使用公私钥加解密的实例,仅供参考

    /**
     * 数据加密 plainTextData要加密的字符串
     * @param plainTextData
     * @return
     * @throws Exception
     */
    public static Map encrypt(String plainTextData)
            throws Exception {
        HashMap result = new HashMap();
        // keySpec 生成对称密钥
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128);
        SecretKey secretKey = keyGenerator.generateKey();
        SecretKeySpec keySpec = new SecretKeySpec(secretKey.getEncoded(), "AES");

        // RSA 用对方公钥对‘对称密钥’进行加密
        Cipher cipher = Cipher.getInstance("RSA");
        String keyFilePathName = pertery.getProperty("bsbank_Key_path")+"PublicKey.keystore";

        cipher.init(Cipher.WRAP_MODE,
                loadPublicKeyByStr(loadKeyByFile(keyFilePathName)));
        byte[] wrappedKey = cipher.wrap(keySpec);

        result.put("wrappedKey", Base64.encodeBase64String(wrappedKey));
        // 加密数据
        cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.ENCRYPT_MODE, keySpec);
        byte[] encryptedData = cipher.doFinal(plainTextData.getBytes("UTF-8"));
        result.put("encryptedData", Base64.encodeBase64String(encryptedData));

        return result;
    }

    /**
     * 数据解密 encryptedData
     * @param encryptedData
     * @return
     * @throws Exception
     */
    public static Map decrypt(Map encryptedData)
            throws Exception {
        // 获取密钥
        byte[] wrappedKey = Base64.decodeBase64(encryptedData.get("wrappedKey")
                .toString());
        HashMap result = new HashMap();

        // RSA解密密钥
        Cipher cipher = Cipher.getInstance("RSA");
        String keyFilePathName = pertery.getProperty("bsbank_Key_path")+"privateKey.keystore";//使用对方的私钥解密
        cipher.init(Cipher.UNWRAP_MODE,
                loadPrivateKeyByStr(loadKeyByFile(keyFilePathName)));
        Key key = cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);

        // 解密数据
        cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] decryptedData = cipher.doFinal(Base64.decodeBase64(encryptedData
                .get("encryptedData").toString()));
        result.put("decryptedData", new String(decryptedData, "UTF-8"));
        result.put("wrappedKey", Base64.encodeBase64String(wrappedKey));

        return result;
    }
    private static String loadKeyByFile(String filePathName) throws Exception {
        BufferedReader br = null;
        StringBuilder sb = new StringBuilder();

        try {
            br = new BufferedReader(new FileReader(filePathName));
            String readLine = null;
            while ((readLine = br.readLine()) != null) {
                sb.append(readLine);
            }
        } catch (Exception e) {
            throw e;
        } finally {
            if (null != br) {
                br.close();
            }
        }

        return sb.toString();
    }

    private static RSAPublicKey loadPublicKeyByStr(String publicKeyStr)
            throws Exception {
        RSAPublicKey publicKey = null;
        try {
            byte[] buffer = Base64.decodeBase64(publicKeyStr);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);
            publicKey = (RSAPublicKey) keyFactory.generatePublic(keySpec);
        } catch (Exception e) {
            logger.error("failed to load pubKey", e);

            throw e;
        }
        return publicKey;
    }

    private static RSAPrivateKey loadPrivateKeyByStr(String privateKeyStr)
            throws Exception {
        RSAPrivateKey privateKey = null;
        try {
            byte[] buffer = Base64.decodeBase64(privateKeyStr);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);
            privateKey = (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
        } catch (Exception e) {
            logger.error("failed to loadPrivateKeyByStr", e);
            throw e;
        }
        return privateKey;
    }

    /**
     * 输出公私钥对
     * @param filePath
     * @throws Exception
     */
    private static void genKeyPair(String filePath) throws Exception {
        KeyPairGenerator keyPairGen = null;
        try {
            keyPairGen = KeyPairGenerator.getInstance("RSA");
        } catch (NoSuchAlgorithmException e) {
            logger.error("failed to do key gen", e);
            throw e;
        }

        keyPairGen.initialize(1024, new SecureRandom());
        KeyPair keyPair = keyPairGen.generateKeyPair();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();

        try {
            String publicKeyString = Base64.encodeBase64String(publicKey
                    .getEncoded());
            String privateKeyString = Base64.encodeBase64String(privateKey
                    .getEncoded());

            FileWriter pubfw = new FileWriter(filePath + "/PublicKey.keystore");
            FileWriter prifw = new FileWriter(filePath + "/PrivateKey.keystore");

            BufferedWriter pubbw = new BufferedWriter(pubfw);
            BufferedWriter pribw = new BufferedWriter(prifw);

            pubbw.write(publicKeyString);
            pribw.write(privateKeyString);

            pubbw.flush();
            pubbw.close();
            pubfw.close();
            pribw.flush();
            pribw.close();
            prifw.close();
        } catch (IOException e) {
            logger.error("failed to genKeypair", e);
        }
    }



kl个人博客