目录

使用说明非对称加密生成keystore文件公钥私钥互相解密获取fd-alias.keystore中的公钥私钥使用生成公钥私钥进行解密源码地址

使用说明

非对称加密

非对称加密算法主要有：RSA、Elgamal、背包算法、Rabin、D-H、ECC（椭圆曲线加密算法）。下面例子中使用的就是RSA算法。

 

特点：非对称加密算法比对称加密算法慢数千倍，但在保护通信安全方面，非对称加密算法却具有对称密码难以企及的优势。

 

理解：非对称加密需要两把密钥：公钥和私钥，他们是一对，如果用公钥对数据加密，那么只能用对应的私钥解密。如果用私钥对数据加密，只能用对应的公钥进行解密。因为加密和解密用的是不同的密钥，所以称为非对称加密。

 

私钥加密---------》公钥解密

公钥加密---------》私钥解密

案例：

为了保证安全：不允许中间第三方来截取篡改数据，生成唯一的公钥私钥。双方就需要各自生成自己的公钥私钥，并且发送给对方。

如：

客户端发请求到服务端，需要拿着自己的公钥发送过去，而服务端收到后，拿着对应的私钥进行解密，解密成功后，进行下一环节。

如果在中间被第三方拦截到，篡改内容，服务端没有对应的公钥，服务端则解析失败。

生成keystore文件

需要进入jdk的bin目录下，找到keytool.exe

.\keytool.exe

查看生成密钥对帮助说明

.\keytool.exe -genkeypair -help

输入命令生成自己的keystore文件

.\keytool.exe -genkeypair -alias fd-alias -keypass 123456 -keyalg RSA -keysize 1024 -validity 365 -keystore D:\sumscope\MyCode\cer\fd-alias.keystore -storepass 123456

查看自己的密钥库

.\keytool.exe -list -rfc -keystore D:\sumscope\MyCode\cer\fd-alias.keystore

生成文件

公钥私钥互相解密

获取fd-alias.keystore中的公钥私钥

package com.springweb.utils;import sun.misc.BASE64Decoder;import sun.misc.BASE64Encoder;import java.io.FileInputStream;import java.security.KeyStore;import java.security.PrivateKey;import java.security.PublicKey;/*** 从证书获取 公钥和私钥* @author admin* @date /1/7*/public class ReadKeyStoreUtils {/*** Java密钥库(Java Key Store，JKS)KEY_STORE*/public static final String KEY_STORE = "JKS";public static final String X509 = "X.509";/*** BASE64解密* @param key* @return* @throws Exception*/public static byte[] decryptBASE64(String key) throws Exception {return(new BASE64Decoder()).decodeBuffer(key);}/*** BASE64加密* @param key* @return* @throws Exception*/public static String encryptBASE64(byte[] key) throws Exception {return(new BASE64Encoder()).encodeBuffer(key).replace("\r","").replace("\n","");}/*** 获得KeyStore** @param keyStorePath* @param password* @return* @throws Exception*/private static KeyStore getKeyStore(String keyStorePath, String password)throws Exception {FileInputStream is = new FileInputStream(keyStorePath);KeyStore ks = KeyStore.getInstance(KEY_STORE);ks.load(is, password.toCharArray());is.close();return ks;}/*** 由KeyStore获得私钥** @param keyStorePath* @param alias* @param storePass* @return*/private static PrivateKey getPrivateKey(String keyStorePath, String alias, String storePass, String keyPass) throws Exception {KeyStore ks = getKeyStore(keyStorePath, storePass);PrivateKey key = (PrivateKey) ks.getKey(alias, keyPass.toCharArray());return key;}/*** 由Certificate获得公钥** @param keyStorePath KeyStore路径* @param alias 别名* @param storePass KeyStore访问密码*/private static PublicKey getPublicKey(String keyStorePath, String alias, String storePass) throws Exception {KeyStore ks = getKeyStore(keyStorePath, storePass);PublicKey key = ks.getCertificate(alias).getPublicKey();return key;}/*** 从KeyStore中获取公钥，并经BASE64编码** @param keyStorePath* @param alias* @param storePass*/public static String getStrPublicKey(String keyStorePath, String alias, String storePass) throws Exception {PublicKey key = getPublicKey(keyStorePath, alias, storePass);String strKey = encryptBASE64(key.getEncoded());return strKey;}/*** 获取经BASE64编码后的私钥** @param keyStorePath* @param alias* @param storePass* @param keyPass* @return* @throws Exception* @author 奔跑的蜗牛*/public static String getStrPrivateKey(String keyStorePath, String alias, String storePass, String keyPass) throws Exception {PrivateKey key = getPrivateKey(keyStorePath, alias, storePass, keyPass);String strKey = encryptBASE64(key.getEncoded());return strKey;}public static void main(String[] args) throws Exception {String keyStorePath = "D:\\sumscope\\MyCode\\cer\\fd-alias.keystore";String strPublicKey = getStrPublicKey(keyStorePath, "fd-alias", "123456");System.out.println("公钥："+strPublicKey);String strPrivateKey = getStrPrivateKey(keyStorePath, "fd-alias", "123456", "123456");System.out.println("私钥："+strPrivateKey);}}

结果：

使用生成公钥私钥进行解密

上面生成的公钥私钥需要保留，在这里需要使用到

package com.springweb.utils;import mons.codec.binary.Base64;import javax.crypto.Cipher;import java.security.*;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.HashMap;import java.util.Map;public class RSAEncrypt {public static void main(String[] args) throws Exception {testAll();}public static void test() throws Exception {//生成公钥和私钥Map<String, String> keyMap = new HashMap<>();keyMap.put("publicKey", "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEXr8P0dlvpZRhcKSkKgfzSRA3TpH8RfZc7b529PeiaRQGm7cXlath5w0Nj1gs6jZWSzltcf7SIdMEkpxTX4/xbXt8v/87L7DdicGOt4+VVh6NOrqB9HhNqeEtGRMv+DAHg6zij3uA+YCNA40Oretojjf4v51QSsvfQv6W4DWhTQIDAQAB");keyMap.put("privateKey", "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMRevw/R2W+llGFwpKQqB/NJEDdOkfxF9lztvnb096JpFAabtxeVq2HnDQ2PWCzqNlZLOW1x/tIh0wSSnFNfj/Fte3y//zsvsN2JwY63j5VWHo06uoH0eE2p4S0ZEy/4MAeDrOKPe4D5gI0DjQ6t62iON/i/nVBKy99C/pbgNaFNAgMBAAECgYBRAjUXtZ5ZrJkVyX5iKuS0vINwDX2z8Li9hWZ5dH1kBq04PKy/kgLtlH+SBHx/qu9XkhjSyaAx17pRvJm420dpvJy7T9GHlQ9bOVxaKNxsodxokERu69+YqHmfFrRG7UjfVup4gqU1SRdBaRWmMhY7QwTCQgV5IOJG/gDICa6LkQJBAOJoCZGz3d+oKsv1GRpmtUMrACyuK20jAC0G8wkNyn80UF8eyX9C2axSFX55Ha94YSkLGC5hzxlkHvT1COaRmVsCQQDeCaQSoypYfYDaSPXi8IpXHgY2QzB2ABP0SjqDlcMV+pK/G4e5i8ptmQZOlYUgkjAGEeXX8sq5iQHJ7hNZXYh3AkEArEsB5Thcw0RFdTrK5LV+gWPq2RWeBIqbKqjcMGqnTBAyjYBvVII6BhHdO4bN2WehgMtplnpmUOtJR55lLJlmewJAEcDDlZnmMN0YCFv9DQAej4ifBoeowEaRUd79frfiuUcnpJAW8gbzUIADuRTLaCdIH7QepH2NJ/iEZBjdAzAvUQJAW0jhWNcfM+2eMuUNvjRCLlKnoJN8yhY0Sl+oPP1ImEbFoWSh/kIa4dZep8FDSrChq8FTPaK0DgUWno893QMszA==");String publicKey = keyMap.get("publicKey");String privateKey = keyMap.get("privateKey");System.out.println("公钥："+publicKey);System.out.println("私钥："+privateKey);// 原始字符串String message = "我是测试 原始内容";System.out.println("原始数据："+message);long startTime = System.currentTimeMillis();for (int i=0;i<10;i++){String messageEn = publicKeyEncrypt(message, publicKey);System.out.println("公钥加密后内容:" + messageEn);String messageDe = privateKeyDecrypt(messageEn, privateKey);System.out.println("私钥解密后内容:" + messageDe);}long endTime = System.currentTimeMillis();System.out.println(endTime - startTime);}/*** 公加私解* 私加公解* @throws Exception*/public static void testAll() throws Exception {//生成公钥和私钥Map<String, String> keyMap = new HashMap<>();keyMap.put("publicKey", "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCmqgoIV7+9E2JI7FHFPyEiFzaCufvP0JNIqR3HoytzME9Nt1c3ykMClOpgO8drsZILfAx/rXLdsWC4jjKORWSFDJ+UEqD6y8qOyzFwK3sRR9zdS7rWxdl62IfsdQdHptlygQ/MC09a8koXjbUdiqadf0NkjMiMaZfnHoqWbWmttQIDAQAB");keyMap.put("privateKey", "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKaqCghXv70TYkjsUcU/ISIXNoK5+8/Qk0ipHcejK3MwT023VzfKQwKU6mA7x2uxkgt8DH+tct2xYLiOMo5FZIUMn5QSoPrLyo7LMXArexFH3N1LutbF2XrYh+x1B0em2XKBD8wLT1rySheNtR2Kpp1/Q2SMyIxpl+ceipZtaa21AgMBAAECgYBuxJJ4awGXQ5vOBapvIv79blofVkbDHsfUwfl15r+JBjGe4FyKStZwj9KZ9QEcVV9QXLjd3sR6DVrQLknxfrNIGtKnw15tKrNvec+nt/TqKXlY1sQThouBGmISLl2kTe0mIdOdVfJ5bGpe8miH73/3C6eGMnCWfcT3/acLYP++vQJBAOBgIggoFqZlQi0IOQhC7tM8VeMG/D8ie8gJK2O86Q72elz/WLTs4ttIQZLDxEu3buFs5PUTpDnP9cuXRu3EF/cCQQC+J5R4ZrQZEr6yIyoal+3NzpyIE42KfOgYrOZc2E9BhaX2vVT+xyPhOARfG5TOiU0BNXiy3H9MGG24cj/e13SzAkBzEnqBqmWrYuUkiUIOrZ0kcp4tt+hoTLwk5Cb/mOQCC4DH7yFEcPULtywCJCqpFmNkc1+dHTytda0+g9AZoucTAkB59IiUb8oyCoOjXEo0pBwwUsKxw1iT6Wgx6zITeefa7gxzIxrQDIhGedbT6KyXiheJHvI6RJCgDUrRcPTlxulhAkEAjHzGzkMmzFM02WqUidyv3TQzCBaoSBeWr+69j6PeLg/i+3szERleWXiHtgPb/s+DzY0P+rZYkILHuxNRiKQU2A==");String publicKey = keyMap.get("publicKey");String privateKey = keyMap.get("privateKey");System.out.println("公钥："+publicKey);System.out.println("私钥："+privateKey);// 原始字符串String message = "我是测试原始内容";System.out.println("原始数据："+message);String messageEn = publicKeyEncrypt(message, publicKey);System.out.println("公钥加密后内容:" + messageEn);String messageDe = privateKeyDecrypt(messageEn, privateKey);System.out.println("私钥解密后内容:" + messageDe);System.out.println("=====================");//私钥加密，公钥解密String s = privateKeyEncrypt(message, privateKey);System.out.println("私钥加密后内容："+s);String s1 = publicKeyDecrypt(s, publicKey);System.out.println("公钥解密后内容："+s1);}/*** 随机生成密钥对** @throws NoSuchAlgorithmException*/public static Map<String, String> genKeyPair() throws NoSuchAlgorithmException {// KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");// 初始化密钥对生成器，密钥大小为96-1024位keyPairGen.initialize(1024, new SecureRandom());// 生成一个密钥对，保存在keyPair中KeyPair keyPair = keyPairGen.generateKeyPair();RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));// 得到私钥字符串String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));// 将公钥和私钥保存到MapMap<String, String> map = new HashMap<>();map.put("publicKey", publicKeyString);map.put("privateKey", privateKeyString);return map;}/*** RSA公钥加密** @param str 加密字符串* @param publicKey 公钥* @return 密文* @throws Exception 加密过程中的异常信息*/public static String publicKeyEncrypt(String str, String publicKey) throws Exception {//base64编码的公钥byte[] decoded = Base64.decodeBase64(publicKey);RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));//RSA加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, pubKey);String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));return outStr;}/*** RSA私钥解密** @param str 加密字符串* @param privateKey 私钥* @return 铭文* @throws Exception 解密过程中的异常信息*/public static String privateKeyDecrypt(String str, String privateKey) throws Exception {//64位解码加密后的字符串byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));//base64编码的私钥byte[] decoded = Base64.decodeBase64(privateKey);RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));//RSA解密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, priKey);String outStr = new String(cipher.doFinal(inputByte));return outStr;}/*** RSA私钥加密** @param str* @param privateKey* @return* @throws Exception*/public static String privateKeyEncrypt(String str, String privateKey) throws Exception {//base64编码的公钥byte[] decoded = Base64.decodeBase64(privateKey);PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));//RSA加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, priKey);String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes()));return outStr;}/*** RSA公钥解密** @param str* @param publicKey* @return* @throws Exception*/public static String publicKeyDecrypt(String str, String publicKey) throws Exception {//64位解码加密后的字符串byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));//base64编码的私钥byte[] decoded = Base64.decodeBase64(publicKey);PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));//RSA解密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, pubKey);String outStr = new String(cipher.doFinal(inputByte));return outStr;}}

传入公钥私钥，进行解密，执行testAll方法，解密结果为：

源码地址

公钥私钥源码github