- 浏览: 352760 次
- 性别:
- 来自: 北京
文章分类
- 全部博客 (176)
- struts2 (4)
- javascript (9)
- database (11)
- hibernate (11)
- java (36)
- CSS (1)
- wap (8)
- html (5)
- spring (3)
- 操作系统 (9)
- xml (0)
- eclipse/myeclipse (6)
- freemarker (2)
- jsp+servlet (4)
- fckeditor (1)
- Linux (12)
- tomcat (4)
- SNMP (2)
- Loadrunner (1)
- php (0)
- 版本控制 (1)
- android (3)
- pki (7)
- jquery (4)
- webservice (4)
- ipad (1)
- 开发工具 (1)
- jslt (1)
- 连接池 (6)
- javaApi (1)
- 学习笔记 (6)
- eclipse (2)
最新评论
-
宋建勇:
nice
keytool详解 -
1122334455aabb:
java int,byte、char之间的相互转化,更多内容参 ...
java中byte 与16进制字符相互转换 -
01jiangwei01:
CA[i >>> 18 & 0x3f ...
使用JAVA数字证书做数字签名认证 -
sjp524617477:
good
keytool详解 -
whlngn:
输出结果我只想取汉字,而不要后面的数字,应该如何实现,求回答
配置paoding analysis
- import Javax.crypto.Cipher;
- import java.security.*;
- import java.security.spec.RSAPublicKeySpec;
- import java.security.spec.RSAPrivateKeySpec;
- import java.security.spec.InvalidKeySpecException;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.io.*;
- import java.math.BigInteger;
- /**
- * RSA 工具类。提供加密,解密,生成密钥对等方法。
- * 需要到http://www.bouncycastle.org下载bcprov-jdk14-123.jar。
- *
- */
- public class RSAUtil {
- /**
- * 生成密钥对
- * @return KeyPair
- * @throws EncryptException
- */
- public static KeyPair generateKeyPair() throws EncryptException {
- try {
- KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA",
- new org.bouncycastle.jce.provider.BouncyCastleProvider());
- final int KEY_SIZE = 1024;//没什么好说的了,这个值关系到块加密的大小,可以更改,但是不要太大,否则效率会低
- keyPairGen.initialize(KEY_SIZE, new SecureRandom());
- KeyPair keyPair = keyPairGen.genKeyPair();
- return keyPair;
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- /**
- * 生成公钥
- * @param modulus
- * @param publicEXPonent
- * @return RSAPublicKey
- * @throws EncryptException
- */
- public static RSAPublicKey generateRSAPublicKey(byte[] modulus, byte[] publicExponent) throws EncryptException {
- KeyFactory keyFac = null;
- try {
- keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- } catch (NoSUChAlgorithmException ex) {
- throw new EncryptException(ex.getMessage());
- }
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
- try {
- return (RSAPublicKey) keyFac.generatePublic(pubKeySpec);
- } catch (InvalidKeySpecException ex) {
- throw new EncryptException(ex.getMessage());
- }
- }
- /**
- * 生成私钥
- * @param modulus
- * @param privateExponent
- * @return RSAPrivateKey
- * @throws EncryptException
- */
- public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus, byte[] privateExponent) throws EncryptException {
- KeyFactory keyFac = null;
- try {
- keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- } catch (NoSuchAlgorithmException ex) {
- throw new EncryptException(ex.getMessage());
- }
- RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(new BigInteger(modulus), new BigInteger(privateExponent));
- try {
- return (RSAPrivateKey) keyFac.generatePrivate(priKeySpec);
- } catch (InvalidKeySpecException ex) {
- throw new EncryptException(ex.getMessage());
- }
- }
- /**
- * 加密
- * @param key 加密的密钥
- * @param data 待加密的明文数据
- * @return 加密后的数据
- * @throws EncryptException
- */
- public static byte[] encrypt(Key key, byte[] data) throws EncryptException {
- try {
- Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- cipher.init(Cipher.ENCRYPT_MODE, key);
- int blockSize = cipher.getBlockSize();//获得加密块大小,如:加密前数据为128个byte,而key_size=1024 加密块大小为127 byte,加密后为128个byte;因此共有2个加密块,第一个127 byte第二个为1个byte
- int outputSize = cipher.getOutputSize(data.length);//获得加密块加密后块大小
- int leavedSize = data.length % blockSize;
- int blocksSize = leavedSize != 0 ? data.length / blockSize + 1 : data.length / blockSize;
- byte[] raw = new byte[outputSize * blocksSize];
- int i = 0;
- while (data.length - i * blockSize > 0) {
- if (data.length - i * blockSize > blockSize)
- cipher.doFinal(data, i * blockSize, blockSize, raw, i * outputSize);
- else
- cipher.doFinal(data, i * blockSize, data.length - i * blockSize, raw, i * outputSize);
- //这里面doUpdate方法不可用,查看源代码后发现每次doUpdate后并没有什么实际动作除了把byte[]放到ByteArrayOutputStream中,而最后doFinal的时候才将所有的byte[]进行加密,可是到了此时加密块大小很可能已经超出了OutputSize所以只好用dofinal方法。
- i++;
- }
- return raw;
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- /**
- * 解密
- * @param key 解密的密钥
- * @param raw 已经加密的数据
- * @return 解密后的明文
- * @throws EncryptException
- */
- public static byte[] decrypt(Key key, byte[] raw) throws EncryptException {
- try {
- Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- cipher.init(cipher.DECRYPT_MODE, key);
- int blockSize = cipher.getBlockSize();
- ByteArrayOutputStream bout = new ByteArrayOutputStream(64);
- int j = 0;
- while (raw.length - j * blockSize > 0) {
- bout.write(cipher.doFinal(raw, j * blockSize, blockSize));
- j++;
- }
- return bout.toByteArray();
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- /**
- *
- * @param args
- * @throws Exception
- */
- public static void main(String[] args) throws Exception {
- File file = new File("test.Html");
- FileInputStream in = new FileInputStream(file);
- ByteArrayOutputStream bout = new ByteArrayOutputStream();
- byte[] tmpbuf = new byte[1024];
- int count = 0;
- while ((count = in.read(tmpbuf)) != -1) {
- bout.write(tmpbuf, 0, count);
- tmpbuf = new byte[1024];
- }
- in.close();
- byte[] orgData = bout.toByteArray();
- KeyPair keyPair = RSAUtil.generateKeyPair();
- RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
- RSAPrivateKey priKey = (RSAPrivateKey) keyPair.getPrivate();
- byte[] pubModBytes = pubKey.getModulus().toByteArray();
- byte[] pubPubExpBytes = pubKey.getPublicExponent().toByteArray();
- byte[] priModBytes = priKey.getModulus().toByteArray();
- byte[] priPriExpBytes = priKey.getPrivateExponent().toByteArray();
- RSAPublicKey recoveryPubKey = RSAUtil.generateRSAPublicKey(pubModBytes,pubPubExpBytes);
- RSAPrivateKey recoveryPriKey = RSAUtil.generateRSAPrivateKey(priModBytes,priPriExpBytes);
- byte[] raw = RSAUtil.encrypt(priKey, orgData);
- file = new File("encrypt_result.dat");
- OutputStream out = new FileOutputStream(file);
- out.write(raw);
- out.close();
- byte[] data = RSAUtil.decrypt(recoveryPubKey, raw);
- file = new File("decrypt_result.html");
- out = new FileOutputStream(file);
- out.write(data);
- out.flush();
- out.close();
- }
- }
import Javax.crypto.Cipher; import java.security.*; import java.security.spec.RSAPublicKeySpec; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.InvalidKeySpecException; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.io.*; import java.math.BigInteger; /** * RSA 工具类。提供加密,解密,生成密钥对等方法。 * 需要到http://www.bouncycastle.org下载bcprov-jdk14-123.jar。 * */ public class RSAUtil { /** * 生成密钥对 * @return KeyPair * @throws EncryptException */ public static KeyPair generateKeyPair() throws EncryptException { try { KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); final int KEY_SIZE = 1024;//没什么好说的了,这个值关系到块加密的大小,可以更改,但是不要太大,否则效率会低 keyPairGen.initialize(KEY_SIZE, new SecureRandom()); KeyPair keyPair = keyPairGen.genKeyPair(); return keyPair; } catch (Exception e) { throw new EncryptException(e.getMessage()); } } /** * 生成公钥 * @param modulus * @param publicEXPonent * @return RSAPublicKey * @throws EncryptException */ public static RSAPublicKey generateRSAPublicKey(byte[] modulus, byte[] publicExponent) throws EncryptException { KeyFactory keyFac = null; try { keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); } catch (NoSUChAlgorithmException ex) { throw new EncryptException(ex.getMessage()); } RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent)); try { return (RSAPublicKey) keyFac.generatePublic(pubKeySpec); } catch (InvalidKeySpecException ex) { throw new EncryptException(ex.getMessage()); } } /** * 生成私钥 * @param modulus * @param privateExponent * @return RSAPrivateKey * @throws EncryptException */ public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus, byte[] privateExponent) throws EncryptException { KeyFactory keyFac = null; try { keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); } catch (NoSuchAlgorithmException ex) { throw new EncryptException(ex.getMessage()); } RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(new BigInteger(modulus), new BigInteger(privateExponent)); try { return (RSAPrivateKey) keyFac.generatePrivate(priKeySpec); } catch (InvalidKeySpecException ex) { throw new EncryptException(ex.getMessage()); } } /** * 加密 * @param key 加密的密钥 * @param data 待加密的明文数据 * @return 加密后的数据 * @throws EncryptException */ public static byte[] encrypt(Key key, byte[] data) throws EncryptException { try { Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); cipher.init(Cipher.ENCRYPT_MODE, key); int blockSize = cipher.getBlockSize();//获得加密块大小,如:加密前数据为128个byte,而key_size=1024 加密块大小为127 byte,加密后为128个byte;因此共有2个加密块,第一个127 byte第二个为1个byte int outputSize = cipher.getOutputSize(data.length);//获得加密块加密后块大小 int leavedSize = data.length % blockSize; int blocksSize = leavedSize != 0 ? data.length / blockSize + 1 : data.length / blockSize; byte[] raw = new byte[outputSize * blocksSize]; int i = 0; while (data.length - i * blockSize > 0) { if (data.length - i * blockSize > blockSize) cipher.doFinal(data, i * blockSize, blockSize, raw, i * outputSize); else cipher.doFinal(data, i * blockSize, data.length - i * blockSize, raw, i * outputSize); //这里面doUpdate方法不可用,查看源代码后发现每次doUpdate后并没有什么实际动作除了把byte[]放到ByteArrayOutputStream中,而最后doFinal的时候才将所有的byte[]进行加密,可是到了此时加密块大小很可能已经超出了OutputSize所以只好用dofinal方法。 i++; } return raw; } catch (Exception e) { throw new EncryptException(e.getMessage()); } } /** * 解密 * @param key 解密的密钥 * @param raw 已经加密的数据 * @return 解密后的明文 * @throws EncryptException */ public static byte[] decrypt(Key key, byte[] raw) throws EncryptException { try { Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider()); cipher.init(cipher.DECRYPT_MODE, key); int blockSize = cipher.getBlockSize(); ByteArrayOutputStream bout = new ByteArrayOutputStream(64); int j = 0; while (raw.length - j * blockSize > 0) { bout.write(cipher.doFinal(raw, j * blockSize, blockSize)); j++; } return bout.toByteArray(); } catch (Exception e) { throw new EncryptException(e.getMessage()); } } /** * * @param args * @throws Exception */ public static void main(String[] args) throws Exception { File file = new File("test.Html"); FileInputStream in = new FileInputStream(file); ByteArrayOutputStream bout = new ByteArrayOutputStream(); byte[] tmpbuf = new byte[1024]; int count = 0; while ((count = in.read(tmpbuf)) != -1) { bout.write(tmpbuf, 0, count); tmpbuf = new byte[1024]; } in.close(); byte[] orgData = bout.toByteArray(); KeyPair keyPair = RSAUtil.generateKeyPair(); RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic(); RSAPrivateKey priKey = (RSAPrivateKey) keyPair.getPrivate(); byte[] pubModBytes = pubKey.getModulus().toByteArray(); byte[] pubPubExpBytes = pubKey.getPublicExponent().toByteArray(); byte[] priModBytes = priKey.getModulus().toByteArray(); byte[] priPriExpBytes = priKey.getPrivateExponent().toByteArray(); RSAPublicKey recoveryPubKey = RSAUtil.generateRSAPublicKey(pubModBytes,pubPubExpBytes); RSAPrivateKey recoveryPriKey = RSAUtil.generateRSAPrivateKey(priModBytes,priPriExpBytes); byte[] raw = RSAUtil.encrypt(priKey, orgData); file = new File("encrypt_result.dat"); OutputStream out = new FileOutputStream(file); out.write(raw); out.close(); byte[] data = RSAUtil.decrypt(recoveryPubKey, raw); file = new File("decrypt_result.html"); out = new FileOutputStream(file); out.write(data); out.flush(); out.close(); } }
加密可以用公钥,解密用私钥;或者加密用私钥。通常非对称加密是非常消耗资源的,因此可以对大数据用对称加密如:des(具体代码可以看我以前发的贴子),而对其对称密钥进行非对称加密,这样既保证了数据的安全,还能保证效率。
- import javax.crypto.Cipher;
- import java.security.*;
- import java.security.spec.RSAPublicKeySpec;
- import java.security.spec.RSAPrivateKeySpec;
- import java.security.spec.InvalidKeySpecException;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.io.*;
- import java.math.BigInteger;
- public class RSAUtil {
- /**
- * * 生成密钥对
- * * @return KeyPair
- * * @throws EncryptException
- */
- public static KeyPair generateKeyPair() throws EncryptException {
- try {
- KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA",
- new org.bouncycastle.jce.provider.BouncyCastleProvider());
- final int KEY_SIZE = 1024;//没什么好说的了,这个值关系到块加密的大小,可以更改,但是不要太大,否则效率会低
- keyPairGen.initialize(KEY_SIZE, new SecureRandom());
- KeyPair keyPair = keyPairGen.genKeyPair();
- return keyPair;
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- /**
- * * 生成公钥
- * * @param modulus
- * * @param publicExponent
- * * @return RSAPublicKey
- * * @throws EncryptException
- */
- public static RSAPublicKey generateRSAPublicKey(byte[] modulus, byte[] publicExponent) throws EncryptException {
- KeyFactory keyFac = null;
- try {
- keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- } catch (NoSuchAlgorithmException ex) {
- throw new EncryptException(ex.getMessage());
- }
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(modulus), new BigInteger(publicExponent));
- try {
- return (RSAPublicKey) keyFac.generatePublic(pubKeySpec);
- } catch (InvalidKeySpecException ex) {
- throw new EncryptException(ex.getMessage());
- }
- }
- /**
- * * 生成私钥
- * * @param modulus
- * * @param privateExponent
- * * @return RSAPrivateKey
- * * @throws EncryptException
- */
- public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus, byte[] privateExponent) throws EncryptException {
- KeyFactory keyFac = null;
- try {
- keyFac = KeyFactory.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- } catch (NoSuchAlgorithmException ex) {
- throw new EncryptException(ex.getMessage());
- }
- RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(new BigInteger(modulus), new BigInteger(privateExponent));
- try {
- return (RSAPrivateKey) keyFac.generatePrivate(priKeySpec);
- } catch (InvalidKeySpecException ex) {
- throw new EncryptException(ex.getMessage());
- }
- }
- /**
- * * 加密
- * * @param key 加密的密钥
- * * @param data 待加密的明文数据
- * * @return 加密后的数据
- * * @throws EncryptException
- */
- public static byte[] encrypt(Key key, byte[] data) throws EncryptException {
- try {
- Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- cipher.init(Cipher.ENCRYPT_MODE, key);
- int blockSize = cipher.getBlockSize();//获得加密块大小,如:加密前数据为128个byte,而key_size=1024 加密块大小为127 byte,加密后为128个byte;因此共有2个加密块,第一个127 byte第二个为1个byte
- int outputSize = cipher.getOutputSize(data.length);//获得加密块加密后块大小
- int leavedSize = data.length % blockSize;
- int blocksSize = leavedSize != 0 ? data.length / blockSize + 1 : data.length / blockSize;
- byte[] raw = new byte[outputSize * blocksSize];
- int i = 0;
- while (data.length - i * blockSize > 0) {
- if (data.length - i * blockSize > blockSize)
- cipher.doFinal(data, i * blockSize, blockSize, raw, i * outputSize);
- else
- cipher.doFinal(data, i * blockSize, data.length - i * blockSize, raw, i * outputSize);
- //这里面doUpdate方法不可用,查看源代码后发现每次doUpdate后并没有什么实际动作除了把byte[]放到ByteArrayOutputStream中,而最后doFinal的时候才将所有的byte[]进行加密,可是到了此时加密块大小很可能已经超出了OutputSize所以只好用dofinal方法。
- i++;
- }
- return raw;
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- /**
- * * 解密
- * * @param key 解密的密钥
- * * @param raw 已经加密的数据
- * * @return 解密后的明文
- * * @throws EncryptException
- */
- public static byte[] decrypt(Key key, byte[] raw) throws EncryptException {
- try {
- Cipher cipher = Cipher.getInstance("RSA", new org.bouncycastle.jce.provider.BouncyCastleProvider());
- cipher.init(cipher.DECRYPT_MODE, key);
- int blockSize = cipher.getBlockSize();
- ByteArrayOutputStream bout = new ByteArrayOutputStream(64);
- int j = 0;
- while (raw.length - j * blockSize > 0) {
- bout.write(cipher.doFinal(raw, j * blockSize, blockSize));
- j++;
- }
- return bout.toByteArray();
- } catch (Exception e) {
- throw new EncryptException(e.getMessage());
- }
- }
- public static String byte2hex(byte[] b) {
- String hs = "";
- String stmp = "";
- for (int i = 0; i < b.length; i++) {
- stmp = Integer.toHexString(b[i] & 0xFF);
- if (stmp.length() == 1) {
- hs += "0" + stmp;
- } else {
- hs += stmp;
- }
- }
- //return hs;
- return hs.toUpperCase();
- }
- public static byte[] hex2byte(String hex) throws IllegalArgumentException {
- if (hex.length() % 2 != 0) {
- throw new IllegalArgumentException();
- }
- char[] arr = hex.toCharArray();
- byte[] b = new byte[hex.length() / 2];
-
for (int i = 0, j = 0, l = hex.length(); i < l; i++, j++) { <
发表评论
-
keytool详解
2011-01-03 11:03 4858★ 实例说明 本实例 ... -
解决no such provider: BC
2010-12-22 14:47 3832在jdk中的jre\lib\security修改java.se ... -
使用JAVA数字证书做数字签名认证
2010-12-16 21:43 61021. keytool -genkey -keystore ch ... -
javax.crypto.Cipher类提供加密和解密功能,该类是JCE框架的核心
2010-11-28 08:51 4546javax.crypto.Cipher类提供加密和解密功能,该 ... -
JavaTM 加密体系结构
2010-11-26 16:50 2213简介JDK 安全 API 是 Java ... -
object 解释
2010-11-15 22:03 1389<OBJECT ID="mscs_ocx&q ...
相关推荐
java非对称加密(一)-基础与理论
java非对称加密(三)-代码及说明
这是本人总结的Java 非对称 加密 算法,有疑问可以找我1038546502@qq.com
Java非对称加密源码实例。 Java非对称加密源码实例.zip
自己整理的非对称加密demo,包含生成秘钥文件、生成字符转秘钥两种方式。
Java非对称加密源码实例.rar
Java非对称加密源码实例
bctest-jdk16-140.jar
一个来自Java非对称加密算法演示源码,通过网络或磁盘等方式,把公钥编码传送给李四,李四接收到张三编码后的公钥,将其解码,将公钥的KeySpec对象转换为公钥,张三用自己的私钥解密从李四处收到的信息,里面对原理的...
用JAVA实现Rsa非对称加密算法 不算简单的算法 既可以加密又可以解密
Java非对称加密源程序代码,使用RSA加密技术,定义加密算法可用 DES
java源码:Java非对称加密源码实例.zip
非对称加密是公钥加密,私钥来解密.使用的是Bouncy Castle 是一种用于 Java 平台的开放源码的轻量级密码术包.
支持Java文件遇见的敏感字段的加密 包括对称和非对称加密
Java非对称加密源代码(RSA)-测试包2
Java非对称加密源码实例.7z