RSA为非对称加密,发送方用公钥加密,接收方用私钥解密。 只要私钥不被泄露,即使获得公钥和数据也无法解密。 RSA的安全性取决于很大的整数因数分解的难度,目前已知分解的最大整数为768位二进制位。 这就是说,能够解密的最大RSA私钥为768位,但通常使用1024位私钥,并将2048位私钥用于关键数据(当然,提高安全性需要解密时间)。
首先生成公钥和私钥:
publicstaticvoidmain (string [ ] args ) try ) keypairgeneratorkp=key pair generator.getinstance (RSA ); KP.initialize(1024; 如果需要2048私钥,修改参数key pair key pair=KP.generate key pair (); 公共密钥公共密钥=key pair.get公共密钥(; System.out.println (公钥为' newstring(base64.getencoder ).encode(publickey.getencoded ) ) )专用密钥System.out.println (私钥为' newstring(base64.getencoder ).encode(privatekey.getencoded ) ) } catch } nosusuch。 }执行后会产生结果:
公钥为MIG fma0gcsqgsib3dqebaquaa4gnadcbiqkbgqdl0vjjliux5zfefpqq8mf 57 ebrwqchggs6ayrhyvwxkpstyfbcluu 7r6mnaiawfzrflvftne6or7ad MGS m3 xxilnsjzmuvbnl 5a VC/njazzumgfvma 910 w9 I2C2emmwidaqab私钥为、 作为miicdwibadanbgkqhkig9w0 baqefaaascamewgjdageaaogbaack的nsqfapwcecczobhedhvylbgsljngvsiu5tthoycahpyvmt8u9 v9m0tqivtotozt 4c wdg coze 5 C1 sc2 yk3/hgiudkpmxs9ucvlpvz 80 lrpo 4y D4 vwzr3XT D2 lzzyqybagmbaaecgybhnzrdjv5seelfnubhp6cxkonovn1r5 hpbunmzf 7969 rj UML/mzetzvszm8elec 54 okdgynwpwscgkvkz9H7 TMT8yqfiwp 5u VX zy9 bbnl0MSU 97 lmd VJ/n w0 bdzytz0uz0o V6 yvylube 4g7yqhckzxtolo8SJ rib 15 w6hx2qhgqjbapibqvkzopyl3ey9hhhmyoe9vffm/lxhxocfm6man4ikbwcoofmhok 7u4gvowio3curbulhn5wlitwcyvktybscqdswryqjdbj 5t f 412 YY8rpf0gljrvm 2f agg0zz8 bbveyjmrvsvi9Q1 ucfgipvhdpkaooooo 36 E0 jajekkzcxk 90 e i9 c8 cjupacb2qd f1 gn 8d ii 68 AFL lld0jvi y v1 n1 gitlfrakeahrccj 47 ud WAP4jhcjyoidirlgcqvnuda 33 MBP a6 eoy 529 tszsfbxehb8zzzzzzsbbbbbach D4 svuziuv 6a au2P1 bk 3f/ftbpydpm3skn3TV0/RPE 3k jo1di 2g 8gx yr8tge6DM3radou=当然每次获得的公钥的私钥是不同的。 然后,将公钥传递给发送方335555
publicstaticvoidmain (string [ ] args )//公钥字符串,在此处直接赋值。 当然一般不会那样写。 将公钥放在一个数据文件或结构中, 获取stringpublickeystr=' MIG fma0gcsqgsib3dqebaquaa4gnadcbiqkbgqdl0vjjliux5zfefpqq8 MF 57 ebrwqchggs6ayrhyvwxkpstyfbyfbaqdl 3iu 915 wt m3 ns 62 kquxnbhnspn/xxilnsjzmuvbnl 5a VC/njazzumgfvma 910 w9 I2C2emmwidaqab '; try {//将公钥字符串转换为对象byte [ ] public key by=base64.get dec
oder().decode(publicKeyStr.getBytes());KeyFactory keyFactory = KeyFactory.getInstance("RSA");PublicKey publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(publicKeyBy)); // 以上获得的PublicKey可以固化下来,只要秘钥不变,就可以一直使用,但是下面的cipherPublic 不要固化!因为他不是线程安全的,如果使用同一个cipherPublic 并发访问时可能会抛出异常javax.crypto.IllegalBlockSizeException: Data must not be longer than 128 bytesCipher cipherPublic = Cipher.getInstance("RSA");// 设置为加密模式并设置公钥cipherPublic.init(Cipher.ENCRYPT_MODE, publicKey);// 定义一个发送的数据String sendMsg = "你好呀!";// 获得加密的byte[]byte[] encryptByte = cipherPublic.doFinal(sendMsg.toString().getBytes("UTF-8"));// 转变成字符串以进行传输String strKey = Base64.getEncoder().encodeToString(encryptByte);System.out.println("加密后的数据为:" + strKey);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}}得到的结果为:
加密后的数据为:dBz/nSJ+jK13dhEhNZOeBcMgQjJfauWP9xl0OLYKiuhKOzYbI+zOezyM1PhHqTvl3hjaTf+wzpzUd+2p75v4Zn8sxSmRw8CIzXTtY/4g3v94cdZbvTfWe+snLXt7qTMdK9grrBqSvBhp/JsOPhd336h/lo77mYd0XEUNJhIFyl0=获得加密数据后接收方就可以进行相应的解密了,不过要注意一些传输方式会破坏加密数据,如url的get方式传输时,加密数据的’+'会被转换成 ’ ',所以接收到数据之后要注意转换回来,不然就解密错误了:
public static void main(String[] args) {// 私钥字符串,这里直接赋值了,同样的,可以把私钥放在一个数据文件或者配置里面去获取String privateKeyStr = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOXS+OOWJRfll958+pDwx/nsQFFapwceCCzoBhEdhVYlbGSlJNgVsIu5TtHoycAhpYVmt8u9V9M0TqivtoOZt4cWdgc5nC9l89E8Mvci73XnBMzc2zraRC5c1sc2yk3/HGIudKPMxS9ucvlpVz80lrPO4yD4VWZr3XTD2LZzYQybAgMBAAECgYBHnZRdJv5sEelfNUbHP6CxKoNoVn1R5HPbunmZf7969rJuMl/mzetzvszm8EleC54OkdGYNWpWsCgKvKZ9H7tmT8yQfIwP5uvXZY9bbnL0mSU97LmdvJ/NW0+BDZYTz0Uz0OV6yvyluBe4g7YqhckzXToLO8SJrIB15W6hx2qhgQJBAPiBqvkZOPYL3ey9h+hhMyOE9VfFm/LxHxoCFM6MaN4IkBWCoOFMHoK7U4gVOwio3cURBUlHN5wlITwcyvktYbsCQQDswRYqJDBJ5tF412yy8RpF0glJRVM2FAgG0zz8bBvEYJMRVSVi9+Q1u+cFgIPvHDpkaOEezLq+pR3uBGKJ92KhAkBm3n5g+UDsEUN/sYFl/36E0JAjEkkZCxk90ei9C8CJUPAcB2QDf1gN8++DII68afLLld0jVVi+yVv1n1GiTlfrAkEAhrCCj47u+dwap4jHCjYoIDiRl+GcqVNUDa33MBPA6EOY529tSZSFfBxeHb8zT8DbZ2xTRlZqlzMQh+xustbOgQJBAJSq6ioVUR8YwYMl0VD4svuZiuv6aAu2P1BK3f/ftbPyDPm3SKn3TV0/Rpe3KJO1Di2G+8gXyR8tge6Dm3RAdoU=";// 刚才我们获得的加密数据,一般通过各种传输途径接收到String encryptReceiveMsg = "dBz/nSJ+jK13dhEhNZOeBcMgQjJfauWP9xl0OLYKiuhKOzYbI+zOezyM1PhHqTvl3hjaTf+wzpzUd+2p75v4Zn8sxSmRw8CIzXTtY/4g3v94cdZbvTfWe+snLXt7qTMdK9grrBqSvBhp/JsOPhd336h/lo77mYd0XEUNJhIFyl0=";try {// 把私钥字符串转换成对象byte[] privateKeyBy = Base64.getDecoder().decode(privateKeyStr.getBytes());KeyFactory keyFactory = KeyFactory.getInstance("RSA");PrivateKey privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateKeyBy));// 同样的,可以固化cipherPrivate ,但是不能固化cipherPrivate,因为它不是线程安全的Cipher cipherPrivate = Cipher.getInstance("RSA");// 设置为解密模式并设置私钥cipherPrivate.init(Cipher.DECRYPT_MODE, privateKey);// 进行解密byte[] decryptByte = cipherPrivate.doFinal(Base64.getDecoder().decode(encryptReceiveMsg));// 转换成字符串 String receiveMsg = new String(decryptByte, "UTF-8");System.out.println("解密后的数据:" + receiveMsg);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}}得到解密结果:
解密后的数据:你好呀!