JAVA_RSA_的加解密

RSA为非对称加密算法。

数字签名的过程：1、对明文数据进行HASH加密，不可逆；2、对加密后的数据再用RSA的私钥进行二次加密。

数字签名的验证过程：1、对明文数据进行HASH加密，不可逆；2、用RSA的公钥对数字签名后的数据进行解密；3、把1的结果和2的结果进行比较是否相等。

RSA加密的过程和解密的过程都需要三步：加/解密、分组、填充。这三部分每一步都可以选择各自的算法。例如：RSA/ECB/PKCS1Padding。

在这里RSA的公钥是用X509编码的。

在这里RSA的私钥使用PKCS8编码的。

 RAS算法数字签名漫画详解

import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.Cipher;

public class Secret {

    public static final String KEY_ALGORITHM = "RSA";
    public static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
    private static final String PUBLIC_KEY = "PublicKey";
    private static final String PRIVATE_KEY = "PrivateKey";
 
    public static void main(String[] args) throws Exception{
        // TODO Auto-generated method stub
        Map<String,Key> keyMap = initKeyPair();
        String publicKey = encryptBASE64(keyMap.get(PUBLIC_KEY).getEncoded());
        String privateKey = encryptBASE64(keyMap.get(PRIVATE_KEY).getEncoded());
        String data = "123456";
        byte[] miwen = encryptByPrivateKey(data.getBytes(), privateKey);
        byte[] mingwen = decryptByPublicKey(miwen, publicKey);
        String redata = new String(mingwen);
        System.out.println(redata);
        String data2 = "asdfgh";
        byte[] miwen2 = encryptByPublicKey(data2.getBytes(), publicKey);
        byte[] mingwen2 = decryptByPrivateKey(miwen2, privateKey);
        String redata2 = new String(mingwen2);
        System.out.println(redata2);
        String data3 = "678901";
        byte[] miwen3 = sign(data3.getBytes(), privateKey);
        boolean flag = verify(data3.getBytes(), publicKey, miwen3);
        System.out.println(flag);
        

    }
    //生成密匙对
    public    static Map<String,Key> initKeyPair() throws Exception{
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM); 
        kpg.initialize(1024);
        KeyPair keyPair = kpg.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();
        Map<String,Key> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY, publicKey);
        keyMap.put(PRIVATE_KEY, privateKey);
        return keyMap;
    }
    //字节数组到公钥
    public static PrivateKey strToPrivateKey(String str) throws Exception{
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
        return privateKey;
    }
    //字节数组到私钥
    public static PublicKey strToPublicKey(String str) throws Exception{
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
        return publicKey;
    }
    //字节数组到文件字符串
    public static String encryptBASE64(byte[] bytes) {
        return Base64.getEncoder().encodeToString(bytes);
    }
    //文件字符串到字节数组
    public static byte[] decryptBASE64(String str) {
        return Base64.getDecoder().decode(str);
    }
    //用公钥加密
    public static byte[] encryptByPublicKey(byte[] data, String key) throws Exception{
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }
    //用私钥加密
    public static byte[] encryptByPrivateKey(byte[] data, String key) throws Exception{
        PrivateKey privateKey = strToPrivateKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }
    //用公钥解密
    public static byte[] decryptByPublicKey(byte[] data, String key) throws Exception {
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }
    //用私钥解密
    public static byte[] decryptByPrivateKey(byte[] data, String key) throws Exception {
        PrivateKey privateKey = strToPrivateKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        //Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        //加解密算法/分組算法/填充算法
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }
    //对字符串进行数字签名
    public static byte[] sign(byte[] data, String privateKey) throws Exception {
        PrivateKey priKey = strToPrivateKey(privateKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(priKey);
        signature.update(data);
        return signature.sign();
    }
    //对数字签名进行验证
    public static boolean verify(byte[] data, String publicKey, byte[] sign) throws Exception {
        PublicKey pubKey = strToPublicKey(publicKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(pubKey);
        signature.update(data);
        return signature.verify(sign);
    }
}