700字范文 > Java 实现RSA 签名/验签与加密解密

Java 实现RSA 签名/验签与加密解密

时间：2024-09-13 19:14:34

文章目录

一、前言二、签名与验签1、程序代码如下：2、程序运行结果：三、加密解密1、添加加解密方法2、程序运行结果

一、前言

RSA 算法相比于AES算法不同的是RSA的秘钥为不同的两个一个为公钥一个为私钥且目前理论上无法通过私钥/公钥去推得公钥/私钥。其数学原理为数论中寻求两个大素数比较简单，而将它们的乘积进行因式分解却极其困难，将他们的乘积作为公钥，从而无法通过分解因式获得私钥实现。

一般情况下，使用私钥进行签名，使用公钥验证签名。签名验签是为了验证用户身份是否合法，和登录一个作用。用于被调用方验证；使用公钥进行加密使用私钥解密.。加密解密是为防止数据被篡改。

相比于AES来说RSA一般用于加密短的明文，因为内容越长，效率越低。

二、签名与验签

1、程序代码如下：

package cn.zlc.des.rsa;import java.nio.charset.StandardCharsets;import java.security.Key;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.HashMap;import java.util.Map;import javax.crypto.Cipher;import lombok.extern.slf4j.Slf4j;import mons.codec.binary.Base64;/*** @author Jacob* @version 1.0* @date /11/4 15:57*/@Slf4jpublic class RSAUtil {public static final String KEY_ALGORITHM = "RSA";public static final String PUBLIC_KEY = "publicKey";public static final String PRIVATE_KEY = "privateKey";//map对象中存放公私钥public static Map<String, Key> initKey() throws Exception {//获得对象 KeyPairGenerator 参数 RSA 1024个字节KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);keyPairGen.initialize(1024);//通过对象 KeyPairGenerator 获取对象KeyPairKeyPair keyPair = keyPairGen.generateKeyPair();//通过对象 KeyPair 获取RSA公私钥对象RSAPublicKey RSAPrivateKeyRSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();//公私钥对象存入map中Map<String, Key> keyMap = new HashMap<>(2);keyMap.put(PUBLIC_KEY, publicKey);keyMap.put(PRIVATE_KEY, privateKey);return keyMap;}/*** 从公钥字符串中获取公钥* @param key Base64的公钥字符串* @return 公钥* @throws Exception 异常*/public static PublicKey getPublicKey(String key) throws Exception {byte[] keyBytes = Base64.decodeBase64(key);X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);return keyFactory.generatePublic(keySpec);}/*** 从私钥字符串中获取私钥* @param key Base64的私钥字符串* @return 私钥* @throws Exception 异常*/public static PrivateKey getPrivateKey(String key) throws Exception {byte[] keyBytes = Base64.decodeBase64(key.getBytes(StandardCharsets.UTF_8));PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);return keyFactory.generatePrivate(keySpec);}/*** RSA私钥签名* @param content 待签名数据* @param privateKey 私钥* @return 签名值*/public static String signByPrivateKey(String content, String privateKey) {try {PrivateKey priKey = getPrivateKey(privateKey);Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initSign(priKey);signature.update(content.getBytes(StandardCharsets.UTF_8));byte[] signed = signature.sign();return new String(Base64.encodeBase64URLSafe(signed), StandardCharsets.UTF_8);} catch (Exception e) {log.warn("sign error, content: {}, priKey: {}", content, privateKey);log.error("sign error, message is {}", e.getMessage());}return null;}/*** 通过公钥验签* @param content 验签内容* @param sign 签名* @param publicKey 公钥* @return 验签结果*/public static boolean verifySignByPublicKey(String content, String sign, String publicKey) {try {PublicKey pubKey = getPublicKey(publicKey);Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initVerify(pubKey);signature.update(content.getBytes(StandardCharsets.UTF_8));return signature.verify(Base64.decodeBase64(sign.getBytes(StandardCharsets.UTF_8)));} catch (Exception e) {log.warn("sign error, content: {}, sign: {}, pubKey: {}", content, sign, publicKey);log.error("sign error", e);}return false;}public static void main(String[] args) {String signContent = "待签名数据";// 第一步，生成一对公私钥Map<String, Key> keys = new HashMap<>(2);try {keys = RSAUtil.initKey();}catch (Exception e){log.error("init RSA key error，message is {}", e.getMessage());System.exit(-1);}// 获得私钥Key privateKey = keys.get(PRIVATE_KEY);// 私钥Base64编码字符串String base64PrivateKeyStr = Base64.encodeBase64String(privateKey.getEncoded());log.info("base64 privateKey String is:{}", base64PrivateKeyStr);// 签名String signString = RSAUtil.signByPrivateKey(signContent, base64PrivateKeyStr);log.info("sign by privateKey ,signString is: {}", signString);// 获得公钥Key publicKey = keys.get(PUBLIC_KEY);String base64PublicKeyStr = Base64.encodeBase64String(publicKey.getEncoded());log.info("base64 publicKey String is:{}", base64PublicKeyStr);boolean verifySignResult = RSAUtil.verifySignByPublicKey(signContent ,signString, base64PublicKeyStr);log.info("verify sign result is: {}", verifySignResult);}}

2、程序运行结果：

17:57:52.337 [main] INFO cn.zlc.des.rsa.RSAUtil - base64 privateKey String is:MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAInvHaqkXciGW5sFb9S2oF/2KYR7zm+IGfX/KIUlMoo/g5v5DZBBFRr4Ez+PUvsjvnCigwHhigD6QCs2bTPuQfUdqeUV3N5qcf1wHjxA0mERrVneAuR1dyhikB2RbRkw901ZIpYEKBh5LDNEiA1wAkYvw9cpl6i31uiISPhmvpoXAgMBAAECgYAUUHcaDqMRSVhseFyEA3GTMHnk3ScGHhFUvYOGOHg9DCWh7wgkWrF1C1wqXD1oZ1dA125b9I+SnUieFKH4p/pmm9XvQZ3pwz2rJd+PFdo3KpXtdH6snJn4X1dO/1E8uaJOVKyKqZmNYO7/TK+4SxPKsR7W1em1wtvXTMy6/jK84QJBAMPWULhZyw4YYQNNl9YhAP+T3bJLyI1zl1xXmg1JB34GrkReh/otw8Mc9rDTkf8wjUwYtPUyC7q3tibTdu1o0VMCQQC0Tv0XCTE/ghMndxM+16XAfFyY4WkN7Se/Cp62UPHmvQ/HIusvGrdPkI59Bv7rq+gTebImzXxnRwe29+X4tKetAkBIgWiRWG1dYplIZ8n3dXCxL0W9ZWFzPYCkp6pZkNg9SKvslDMz5Q29h1OuVCaRnKAztFILFeRR1QKTjWdSrqQRAkA+kaJ12fTDCwpGiaWeCwszrnQbgS0JbiB6xN6qeZBX94eAHPfr0qOF8q3faQwREAhqqbJOkMP4usdMkN223knJAkBW8PO+DilQFgRqH47RIhz3md0EKVzqE02aYb8XO4DMQ8UgOqX6YGp3KEWW7Gwb0ASQZLlW+wkFmgLtt4aGhNY/17:57:52.346 [main] INFO cn.zlc.des.rsa.RSAUtil - sign by privateKey ,signString is: F1agu3KpQtcxXMFwiRNUv5LA-A9ebellLL_RnwoqxRQTwI5mt8bHq3tMzZxUq0E9Odaa-88oVnq9t1X9G9PoiVDcaMLXIrWCvDMw3xdssZ-TbspteBO1sGdV9UOk58KLU3aft3R3HvCaYl0mXcybdrN--MRtnB5xJYfHyh8QwL817:57:52.346 [main] INFO cn.zlc.des.rsa.RSAUtil - base64 publicKey String is:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJ7x2qpF3IhlubBW/UtqBf9imEe85viBn1/yiFJTKKP4Ob+Q2QQRUa+BM/j1L7I75wooMB4YoA+kArNm0z7kH1HanlFdzeanH9cB48QNJhEa1Z3gLkdXcoYpAdkW0ZMPdNWSKWBCgYeSwzRIgNcAJGL8PXKZeot9boiEj4Zr6aFwIDAQAB17:57:52.347 [main] INFO cn.zlc.des.rsa.RSAUtil - verify sign result is: true

三、加密解密

1、添加加解密方法

package cn.zlc.des.rsa;import java.nio.charset.StandardCharsets;import java.security.Key;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.HashMap;import java.util.Map;import javax.crypto.Cipher;import lombok.extern.slf4j.Slf4j;import mons.codec.binary.Base64;/*** @author Jacob* @version 1.0* @date /11/4 15:57*/@Slf4jpublic class RSAUtil {public static final String KEY_ALGORITHM = "RSA";public static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";public static final String PUBLIC_KEY = "publicKey";public static final String PRIVATE_KEY = "privateKey";//map对象中存放公私钥public static Map<String, Key> initKey() throws Exception {//获得对象 KeyPairGenerator 参数 RSA 1024个字节KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);keyPairGen.initialize(1024);//通过对象 KeyPairGenerator 获取对象KeyPairKeyPair keyPair = keyPairGen.generateKeyPair();//通过对象 KeyPair 获取RSA公私钥对象RSAPublicKey RSAPrivateKeyRSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();//公私钥对象存入map中Map<String, Key> keyMap = new HashMap<>(2);keyMap.put(PUBLIC_KEY, publicKey);keyMap.put(PRIVATE_KEY, privateKey);return keyMap;}/*** 从公钥字符串中获取公钥* @param key Base64的公钥字符串* @return 公钥* @throws Exception 异常*/public static PublicKey getPublicKey(String key) throws Exception {byte[] keyBytes = Base64.decodeBase64(key);X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);return keyFactory.generatePublic(keySpec);}/*** 从私钥字符串中获取私钥* @param key Base64的私钥字符串* @return 私钥* @throws Exception 异常*/public static PrivateKey getPrivateKey(String key) throws Exception {byte[] keyBytes = Base64.decodeBase64(key.getBytes(StandardCharsets.UTF_8));PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);return keyFactory.generatePrivate(keySpec);}/*** RSA私钥签名* @param content 待签名数据* @param privateKey 私钥* @return 签名值*/public static String signByPrivateKey(String content, String privateKey) {try {PrivateKey priKey = getPrivateKey(privateKey);Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initSign(priKey);signature.update(content.getBytes(StandardCharsets.UTF_8));byte[] signed = signature.sign();return new String(Base64.encodeBase64URLSafe(signed), StandardCharsets.UTF_8);} catch (Exception e) {log.warn("sign error, content: {}, priKey: {}", content, privateKey);log.error("sign error, message is {}", e.getMessage());}return null;}/*** 通过公钥验签* @param content 验签内容* @param sign 签名* @param publicKey 公钥* @return 验签结果*/public static boolean verifySignByPublicKey(String content, String sign, String publicKey) {try {PublicKey pubKey = getPublicKey(publicKey);Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);signature.initVerify(pubKey);signature.update(content.getBytes(StandardCharsets.UTF_8));return signature.verify(Base64.decodeBase64(sign.getBytes(StandardCharsets.UTF_8)));} catch (Exception e) {log.warn("sign error, content: {}, sign: {}, pubKey: {}", content, sign, publicKey);log.error("sign error", e);}return false;}/*** 通过公钥加密* @param plainText 明文* @param publicKey 公钥* @return 密文*/public static String encryptByPublicKey(String plainText, String publicKey) {try {PublicKey pubKey = getPublicKey(publicKey);Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);cipher.init(Cipher.ENCRYPT_MODE, pubKey);byte[] enBytes = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));return Base64.encodeBase64String(enBytes);} catch (Exception e) {log.error("encrypt error", e);}return null;}/*** 通过私钥解密* @param enStr 加密字符串* @param privateKey 私钥* @return 明文*/public static String decryptByPrivateKey(String enStr, String privateKey) {try {PrivateKey priKey = getPrivateKey(privateKey);Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);cipher.init(Cipher.DECRYPT_MODE, priKey);byte[] deBytes = cipher.doFinal(Base64.decodeBase64(enStr));return new String(deBytes);} catch (Exception e) {log.error("decrypt error", e);}return null;}public static void main(String[] args) {String encryptionContent = "待加密数据";// 第一步，生成一对公私钥Map<String, Key> keys = new HashMap<>(2);try {keys = RSAUtil.initKey();}catch (Exception e){log.error("init RSA key error，message is {}", e.getMessage());System.exit(-1);}// 获得公钥Key publicKey = keys.get(PUBLIC_KEY);String base64PublicKeyStr = Base64.encodeBase64String(publicKey.getEncoded());log.info("base64 publicKey String is:{}", base64PublicKeyStr);// 加密String encryptionString = RSAUtil.encryptByPublicKey(encryptionContent, base64PublicKeyStr);log.info("encryptionString by publicKey ,encryptionString is: {}", encryptionString);// 解密// 获得私钥Key privateKey = keys.get(PRIVATE_KEY);// 私钥Base64编码字符串String base64PrivateKeyStr = Base64.encodeBase64String(privateKey.getEncoded());log.info("base64 privateKey String is:{}", base64PrivateKeyStr);String decryptionString = RSAUtil.decryptByPrivateKey(encryptionString, base64PrivateKeyStr);log.info("decryptionString by privateKey ,decryptionString is: {}", decryptionString);}}

2、程序运行结果

18:30:52.140 [main] INFO cn.zlc.des.rsa.RSAUtil - base64 publicKey String is:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCU9l+2w68GDlSxNZQK5BaU+DvcKAAOfHLTJE3KYSOA+vucvoEGgmZ8rsULoI/s0nrsqtI/s/D0VS0vDTLpv/EFWAwAZquhrB6RNyAxjgzgugNbC9oxThEyOAD5VztM0p4XmR8ynK7OeD/BkNjSPVAeZLRfxZKsBGx846OhepX8swIDAQAB18:30:52.331 [main] INFO cn.zlc.des.rsa.RSAUtil - encryptionString by publicKey ,encryptionString is: icurdQyGP2JpI2q+BRf6MgnEk4or1Fdlpxyjr7/yTXVLNHgM7fcNKFcSO/s7EORJEwN1Z96sYOi7kU74fITSo92jsyem4yUajeHzbElJ7dy/fIAkyFwJibxfyaalY897NtJToFrT5eqk8LKkoUwSjfRo/SM/APkO4a1+oIs0zWA=18:30:52.331 [main] INFO cn.zlc.des.rsa.RSAUtil - base64 privateKey String is:MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJT2X7bDrwYOVLE1lArkFpT4O9woAA58ctMkTcphI4D6+5y+gQaCZnyuxQugj+zSeuyq0j+z8PRVLS8NMum/8QVYDABmq6GsHpE3IDGODOC6A1sL2jFOETI4APlXO0zSnheZHzKcrs54P8GQ2NI9UB5ktF/FkqwEbHzjo6F6lfyzAgMBAAECgYAtyLfMZcKyus7fFJem7UnfiZhkZ0r1KNzl9n+OV2LhLsMM/ySLCqNTaSgZFcWGxX6QpUQv3i+N+WwEzSq724nJXkiWRHF/jxs9/qI8AtTzlTHUnXAQ4XriLYKBbPbQdATzXhn3tZbVvCZTZmsm1uJ0A/9i4dWtelgkgowzeuVVCQJBAPdXKnccO+AWBc3h4YFk1WS3sxx65AFqE9517iqpIoRB2gEnwxsReAdDGCXOye0C7+q5eutopoTGTJOQiEgqhVUCQQCaLXn43b/YoXJjbrNr2SjnzRaTy1nWHiTW0jCvfBJM+EqEpPfrRXmvGIAhIOsYTSUKY4edfxEnEkTeDU1+aPnnAkEA8H6NqNEIGwPu0tf9911+6/Z+LoQDLKji9tx+HnbkO+r3uUXbPHeI2K7RTPm7dzvy4a1Fqp3Pw6w4iwburBTEHQJAYzaSf+hKtR+nWX76LJOQ9CGQvsij5dp+AFNACxz/NdKtOVBjTV3m4RsWELt7LacvB9Fmip4jLo5eDLpovMjWzwJBANfFFdGxzZfH4D5dL9LDhSKslmIew7h2RHT16jUZPDbiOEIvMGXYE1BE5HuiliLt7fNFj3hcFqACTqTtbLoKHOw=18:30:52.336 [main] INFO cn.zlc.des.rsa.RSAUtil - decryptionString by privateKey ,decryptionString is: 待加密数据

本内容不代表本网观点和政治立场，如有侵犯你的权益请联系我们处理。

网友评论

网友评论仅供其表达个人看法，并不表明网站立场。