涉及类:KeyPairGenerator KeyPair SAPrivateKey RSAPublicKey X509EncodedKeySpec X509EncodedKeySpec PKCS8EncodedKeySpec Cipher
rsa 公钥加密,私钥解密常用使用场景
1.客户端-服务端通讯发送消息,客户端消息公钥加密,服务端私钥解密
2.机密文件加密存储,服务端解密在线显示
3.机密数据库数据内容加密存储,服务端解密显示
4.文章关键页加密,付费后服务端解密查看等等
rsa 公钥加密私钥解密demo
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.11</version> </dependency>
公钥加密私钥解密测试方法
private static final String ALGORITHM_NAME = "RSA"; public static final String CHARSET = "UTF-8";
/** * @description: demos of jdk8 java.security KeyPairGenerator KeyPair * RSAPrivateKey RSAPublicKey X509EncodedKeySpec X509EncodedKeySpec PKCS8EncodedKeySpec Cipher * ras public_key encode and private_key decode 用ras 公钥加密 私钥解密 */ @Test public void testPublicEncryptAndPrivateDecrypt() throws Exception { String originMessage = "需要加密的字符串"; // KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象 KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); // 初始化生成器大小 keyPairGenerator.initialize(1024); // 生成密钥对 KeyPair keyPair = keyPairGenerator.generateKeyPair(); // 获取私钥 PrivateKey privateKey = keyPair.getPrivate(); // 获取公钥 PublicKey publicKey = keyPair.getPublic(); // 公钥字符串 String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded()); // 私钥字符串 String privateKeyStr =Base64.encodeBase64URLSafeString(privateKey.getEncoded()); System.out.println("public key str is:"+ publicKeyStr); System.out.println("private key str is:"+ privateKeyStr); // 加密后bytes byte[] encryptedBytes = publicKeyEncrypt(originMessage,publicKeyStr); // 解密后bytes byte[] decryptedBytes = privateKeydecrypt(encryptedBytes,privateKeyStr); //输出加密后字符串 System.out.println("public encrypted str:"+ new String(encryptedBytes)); //输出解密后内容 System.out.println("private decrypted str:"+ new String(decryptedBytes,CHARSET)); }
公钥加密方法
/** * @description public key encrypt * 公钥加密:实际情况一般是私钥和公钥是提前生成好的,我们需要读取配置文件或者输入值获取公钥私钥字符串去加密解密,因为传入参数需要是字符串, * privateKey publicKey 对象进行后续操作 **/ public byte[] publicKeyEncrypt(String message ,String publicKeyStr) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException { // 初始化rsa密钥factory KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM_NAME); // 根据公钥字符串初始化X509的keySpec对象 X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyStr)); // 根据keySpec初始化rsa公钥,以及Cipher密码器 RSAPublicKey rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec); Cipher cipher =Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE,rsaPublicKey); // 返回加密后的内容 return cipher.doFinal(message.getBytes(CHARSET)); }
私钥解密方法
/** * @description private key decrypt * 私钥解密:实际情况一般是私钥和公钥是提前生成好的,我们需要读取配置文件或者输入值获取公钥私钥字符串去加密解密,因为传入参数需要是字符串, * privateKey publicKey 对象进行后续操作 **/ public byte[] privateKeydecrypt(byte[] encryptBytes ,String privateKeyStr) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException, InvalidKeySpecException { // 初始化rsa密钥factory KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM_NAME); // 根据私钥初始化PKCS8的keySpec对象 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyStr)); // 根据keySpec初始化rsa私钥,以及Cipher密码器 RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec); Cipher cipher =Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE,privateKey); // 返回解密后的内容 return cipher.doFinal(encryptBytes); }
