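package jdbc.pro.lin;

import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

import org.apache.commons.codec.binary.Base64;

/**
 * Walk-through of the JCA RSA API: generate a key pair, export both keys as
 * encoded bytes, rebuild them through {@link KeyFactory}, then transform a
 * message with the private key and reverse it with the public key.
 *
 * <p><b>Security note:</b> the direction used here (private key to transform,
 * public key to reverse) provides no confidentiality, because the public key
 * is by definition not secret. To keep data secret, encrypt with the
 * recipient's <em>public</em> key, preferably with an OAEP transformation
 * such as {@code RSA/ECB/OAEPWithSHA-256AndMGF1Padding}. To prove origin, use
 * {@link java.security.Signature} (for example {@code SHA256withRSA}) rather
 * than a raw {@link Cipher}.
 *
 * <p>Every helper reports failure by printing the stack trace and returning
 * {@code null}; callers must check for {@code null}.
 */
public class MyRSA {
    public static final String KEY_ALGORITHM = "RSA";

    /**
     * Cipher transformation. Author's note: the provider default appears to be
     * RSA/NONE/PKCS1Padding (not verified by the author).
     *
     * <p>PKCS#1 v1.5 padding is kept because the demo relies on it. When RSA
     * is used for public-key encryption, v1.5 padding is exposed to
     * padding-oracle attacks if the decrypting side reveals whether the
     * padding was valid, so OAEP is preferred there.
     */
    public static final String CIPHER_ALGORITHM = "RSA/ECB/PKCS1Padding";
    public static final String PUBLIC_KEY = "publicKey";
    public static final String PRIVATE_KEY = "privateKey";

    /**
     * Modulus size in bits. Author's note: the RSA key length must be a
     * multiple of 64 in the range 512~65536, and the default is 1024.
     * Sizes below 2048 bits are no longer considered adequate.
     */
    public static final int KEY_SIZE = 2048;

    public static final String PLAIN_TEXT = "MANUTD is the greatest club in the world";

    /**
     * Runs the round trip: generate keys, transform {@link #PLAIN_TEXT} with
     * the private key, print it Base64-encoded, then recover and print it
     * with the public key.
     */
    public static void main(String[] args) {
        Map<String, byte[]> keyMap = generateKeyBytes();

        // "Encrypt" with the private key (see the class-level security note).
        PrivateKey privateKey = restorePrivateKey(keyMap.get(PRIVATE_KEY));
        // Pin the charset so the bytes do not depend on the platform default.
        byte[] encodedText = RSAEncode(privateKey,
                PLAIN_TEXT.getBytes(StandardCharsets.UTF_8));
        System.out.println("RSA encoded: " + Base64.encodeBase64String(encodedText));

        // Recover the message with the public key.
        PublicKey publicKey = restorePublicKey(keyMap.get(PUBLIC_KEY));
        System.out.println("RSA decoded: "
                + RSADecode(publicKey, encodedText));
    }

    /**
     * Generates an RSA key pair of {@link #KEY_SIZE} bits and returns both
     * keys in encoded form. The pair is generated first and the public and
     * private keys are then taken from it.
     *
     * <p>The {@link #PRIVATE_KEY} entry holds the unencrypted private key
     * encoding; do not log it or persist it without protection.
     *
     * @return a map with {@link #PUBLIC_KEY} and {@link #PRIVATE_KEY} entries,
     *         or {@code null} if the RSA algorithm is not available
     */
    public static Map<String, byte[]> generateKeyBytes() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator
                    .getInstance(KEY_ALGORITHM);
            keyPairGenerator.initialize(KEY_SIZE);
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();

            Map<String, byte[]> keyMap = new HashMap<>();
            keyMap.put(PUBLIC_KEY, publicKey.getEncoded());
            keyMap.put(PRIVATE_KEY, privateKey.getEncoded());
            return keyMap;
        } catch (NoSuchAlgorithmException e) {
            // Kept from the original: report the failure and signal it with null.
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Rebuilds a public key from its encoded bytes. {@link X509EncodedKeySpec}
     * is the key specification used for public keys.
     *
     * @param keyBytes encoded public key, as produced by {@link #generateKeyBytes()}
     * @return the public key, or {@code null} if the algorithm is unavailable
     *         or the bytes are not a valid key encoding
     */
    public static PublicKey restorePublicKey(byte[] keyBytes) {
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyBytes);

        try {
            KeyFactory factory = KeyFactory.getInstance(KEY_ALGORITHM);
            return factory.generatePublic(x509EncodedKeySpec);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            // Kept from the original: report the failure and signal it with null.
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Rebuilds a private key from its encoded bytes.
     * {@link PKCS8EncodedKeySpec} is the key specification used for private keys.
     *
     * @param keyBytes encoded private key, as produced by {@link #generateKeyBytes()}
     * @return the private key, or {@code null} if the algorithm is unavailable
     *         or the bytes are not a valid key encoding
     */
    public static PrivateKey restorePrivateKey(byte[] keyBytes) {
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(
                keyBytes);
        try {
            KeyFactory factory = KeyFactory.getInstance(KEY_ALGORITHM);
            return factory.generatePrivate(pkcs8EncodedKeySpec);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            // Kept from the original: report the failure and signal it with null.
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Transforms {@code plainText} with the private key in three steps:
     * obtain the cipher, initialise it, call {@code doFinal}.
     *
     * <p>The result can be reversed by anyone who holds the public key, so it
     * must not be relied on to keep {@code plainText} secret. The input has to
     * fit in a single RSA block (the modulus size minus the padding overhead);
     * a longer input fails and yields {@code null}.
     *
     * @param key private key used for the transform
     * @param plainText bytes to transform
     * @return the transformed bytes, or {@code null} on any cipher failure
     */
    public static byte[] RSAEncode(PrivateKey key, byte[] plainText) {
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            return cipher.doFinal(plainText);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException
                | InvalidKeyException | IllegalBlockSizeException
                | BadPaddingException e) {
            // Kept from the original: report the failure and signal it with null.
            e.printStackTrace();
        }
        return null;
    }

    /**
     * Reverses {@link #RSAEncode(PrivateKey, byte[])} with the public key in
     * the same three steps, and decodes the recovered bytes as UTF-8 text.
     *
     * @param key public key matching the private key used to encode
     * @param encodedText bytes produced by {@link #RSAEncode(PrivateKey, byte[])}
     * @return the recovered text, or {@code null} on any cipher failure
     *         (including a padding check that does not pass)
     */
    public static String RSADecode(PublicKey key, byte[] encodedText) {
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, key);
            // Decode with the same fixed charset used when encoding the text.
            return new String(cipher.doFinal(encodedText), StandardCharsets.UTF_8);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException
                | InvalidKeyException | IllegalBlockSizeException
                | BadPaddingException e) {
            // Kept from the original: report the failure and signal it with null.
            e.printStackTrace();
        }
        return null;
    }
}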
几点注意:
1.用到了KeyFactory。
2.用到了公私钥的规范。
3.RSA密钥长度从512~65536,必须是64的整数倍。注意:这只是可选的取值范围,低于2048位的密钥如今已不足以保证安全,示例中使用的是2048位。



原文:http://www.cnblogs.com/SirSmith/p/4990183.html