RSA公开密钥密码体制

所谓的公开密钥密码体制就是使用不同的加密密钥与解密密钥，是一种“由已知加密密钥推导出解密密钥在计算上是不可行的”密码体制。在公开密钥密码体制中，加密密钥（即公开密钥）PK是公开信息，而解密密钥（即秘密密钥）SK是需要保密的。加密算法E和解密算法D也都是公开的。虽然解密密钥SK是由公开密钥PK决定的，但却不能根据PK计算出SK。

Java简单实现

public class RSAUtil {

    /**
     * 随机生成秘钥对
     *
     * @return
     * @throws Exception
     */
    public static KeyPair getKeyPair() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        return keyPair;
    }

    /**
     * 获取公钥(Base64编码)
     *
     * @param keyPair
     * @return
     */
    public static String getPublicKey(KeyPair keyPair) {
        PublicKey publicKey = keyPair.getPublic();
        byte[] bytes = publicKey.getEncoded();
        return byte2Base64(bytes);
    }


    /**
     * 获取私钥(Base64编码)
     *
     * @param keyPair
     * @return
     */
    public static String getPrivateKey(KeyPair keyPair) {
        PrivateKey privateKey = keyPair.getPrivate();
        byte[] bytes = privateKey.getEncoded();
        return byte2Base64(bytes);
    }


    /**
     * 将Base64编码后的公钥转换成PublicKey对象
     *
     * @param pubStr
     * @return
     * @throws Exception
     */
    public static PublicKey string2PublicKey(String pubStr) throws Exception {
        byte[] keyBytes = base642Byte(pubStr);
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(keySpec);
        return publicKey;
    }

    /**
     * 将Base64编码后的私钥转换成PrivateKey对象
     *
     * @param priStr
     * @return
     * @throws Exception
     */
    public static PrivateKey string2PrivateKey(String priStr) throws Exception {
        byte[] keyBytes = base642Byte(priStr);
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
        return privateKey;
    }

    /**
     * 公钥加密
     *
     * @param content
     * @param publicKey
     * @return
     * @throws Exception
     */
    public static byte[] publicEncrypt(byte[] content, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] bytes = cipher.doFinal(content);
        return bytes;
    }

    /**
     * 私钥解密
     *
     * @param content
     * @param privateKey
     * @return
     * @throws Exception
     */
    public static byte[] privateDecrypt(byte[] content, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] bytes = cipher.doFinal(content);
        return bytes;
    }

    /**
     * 字节数组转Base64编码
     *
     * @param bytes
     * @return
     */
    public static String byte2Base64(byte[] bytes) {
        BASE64Encoder encoder = new BASE64Encoder();
        return encoder.encode(bytes);
    }

    /**
     * Base64编码转字节数组
     *
     * @param base64Key
     * @return
     * @throws IOException
     */
    public static byte[] base642Byte(String base64Key) throws IOException {
        BASE64Decoder decoder = new BASE64Decoder();
        return decoder.decodeBuffer(base64Key);
    }
}

测试

public class RSATest {

    @Test
    public void testRSA() throws Exception {
        //===============生成公钥和私钥，公钥传给客户端，私钥服务端保留==================
        //1、生成RSA公钥和私钥，并Base64编码
        KeyPair keyPair = RSAUtil.getKeyPair();
        String publicKeyStr = RSAUtil.getPublicKey(keyPair);
        System.out.println("对RSA公钥Base64编码:" + publicKeyStr);

        //=================客户端=================
        //hello, i am infi, good night!加密
        String message = "hello,~!#$%^&*() word !";
        //2、将Base64编码后的公钥转换成PublicKey对象
        PublicKey publicKey = RSAUtil.string2PublicKey(publicKeyStr);
        //3、用公钥加密
        byte[] publicEncrypt = RSAUtil.publicEncrypt(message.getBytes(), publicKey);
        //4、对加密后的内容进行Base64编码
        String byte2Base64 = RSAUtil.byte2Base64(publicEncrypt);
        System.out.println("对加密后的内容进行Base64编码：" + byte2Base64);

        //5、网络上传输的内容有Base64编码后的公钥和Base64编码后的公钥加密的内容

        //===================服务端================
        //6、将自己的私钥Base64编码后转换成PrivateKey对象
        String privateKeyStr = RSAUtil.getPrivateKey(keyPair);
        System.out.println("RSA私钥Base64编码:" + privateKeyStr);
        PrivateKey privateKey = RSAUtil.string2PrivateKey(privateKeyStr);
        //7、加密后的内容Base64解码
        byte[] base642Byte = RSAUtil.base642Byte(byte2Base64);
        //8、用私钥解密
        byte[] privateDecrypt = RSAUtil.privateDecrypt(base642Byte, privateKey);
        //9、解密后的明文
        System.out.println("解密后的明文: " + new String(privateDecrypt));
    }
}

结果：

对RSA公钥Base64编码:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xYnm00TiK9g6m2xpVbXvvEDkRVLOeX7
qv8b4/c0xGQOon8SDxDKSse0wcp4ZvKxd03izqKbXVlvzrFwgeXR+3aAme5MAZbEGIWfHolij5d8
VtSbOqj0a65Fn35QcZ8dFG3HekBUq8VvlUxVpTxwT6yjvFWKcaP0w1iRopE9uVuQGLcPCIc7lywg
Aym+RWOXlgbCizpiTwUtIBlcmZ36BiPzNhmPa2QfXAb+qvfVt+MF6+rcv250XzT3xsj8dwdVYx5T
PcfFepGKn7xSe3vQFw3fGVP/YnG4yxPPsBwuNJgLwAl026ROylFVtkruY2nn7gCDGUFyMZ9hirML
LpDEawIDAQAB

对加密后的内容进行Base64编码：n7xVhjBFEWGQ3D4NEYgRB50Tcf7CrsMhmwDbZZ10gcgp07Q7sjQCestjZPgxJS0XLBLL/EdwjEI4
54iDjbfCRHYV9Lf921HkHhwBNhN6tsLynn990wBg7jXlehmEgPkhpaiOJ5lwUu6pRaQVx1vw2LD1
NzBtdLQcY0B4a4nByVa/OiZYg4xltwpUPHbKnluEUvrC5HZCL6B/kPq9LYwLV6txvHAnabqVjOzs
R10T7juPSBKhjESK14kHLSVbfBFmkXza1efDXBlabP8QIsc3QiJ2y+k3ZCu58mRGbLFQJ3p26byQ
Y5q9bJBPdtqzusj1ObB7p420z7tEevLQ98hcPQ==

RSA私钥Base64编码:MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDrFiebTROIr2DqbbGlVte+8QOR
FUs55fuq/xvj9zTEZA6ifxIPEMpKx7TBynhm8rF3TeLOoptdWW/OsXCB5dH7doCZ7kwBlsQYhZ8e
iWKPl3xW1Js6qPRrrkWfflBxnx0Ubcd6QFSrxW+VTFWlPHBPrKO8VYpxo/TDWJGikT25W5AYtw8I
hzuXLCADKb5FY5eWBsKLOmJPBS0gGVyZnfoGI/M2GY9rZB9cBv6q99W34wXr6ty/bnRfNPfGyPx3
B1VjHlM9x8V6kYqfvFJ7e9AXDd8ZU/9icbjLE8+wHC40mAvACXTbpE7KUVW2Su5jaefuAIMZQXIx
n2GKswsukMRrAgMBAAECggEADajb5Eo2OFr4Zqa5C8JgBtg6PNPf6x1R4j2wgS58Am1N7GM1yWpQ
VsgD2L7LADBZ33THGPqZzHLF7FyjDOktqk7YahlOkUkRW9tnw354G5/RubngyyfGC/u0T/Am/HMi
XW2DibbzNIfkU+h7kX5RiE+fs/HEeZXtQuyCic+mpn5u/a70uF1cH5mgjq5/tHsFgRwok/Sgbz2i
zhghkVBSPGboNBSaM7IXrJezJobg4mr/rPHBxGfEEDlqe30AaaDa4wKo1jvJm3naFYTuK7dy5v+b
dAaoo+v5oGYTi6zoHBsrqR91sBXInKa1QSM3zA2e7aqentfilEFZkAlQTNwmAQKBgQD5fAnpXK5g
z2UPyLvInlkyfJEKnN2QICR5amxbxjP4LidvylzVOyG7JJmA/oNg6yAV/+/zuFngDx1Rq2WCWcPU
MJSbkcW+4HG1ZQCXBuqZcSItQHNAMRTk5g8x9gKurxPDSQRFWk/BUZcVCnt5PKSO7BI62iBccJft
T+j1SZQhswKBgQDxOds8187fSYrRSHnmZLS/tmPba1LYYHyH5VgNGTP8r5LKv9nigS5ECTe6BzWS
SuMQu3r/M52w0VZkKfG8W5Clgkyvi22ZeZ91imVvCscWe81piSOo+As+oDKaYd4VgP5h/c1VLs+q
WZR6Oky0qaIwc05DTtOLQdcyhePgxghGaQKBgQDVVtZ68cBEFNWM+9Boq9AGtjKpap6konfOQ81J
ZWIHdiBPHjLoPFqJ17BUeFAMTsPvTB76wMhKK2Kc9f4ly3EEQE60AaGhqfhSb35jp4xxjib1n0lu
uQnu+zQ/OunsStaRhhza2XGeFJEncwFHGS528TRdky1dHwMr8ct6BWNgtQKBgDpVK1cDONt2BUOm
qxOztqHFkVA2G8qHSpXyN+Cy/4dTTcQJsL69TlrVf8xUgffmdBJPw+aCrNddR+7g1bweyFO9tp2c
sdwzNQRPe0fm603ckke7CgyKLu3t/06l6/Z3QwyfO1AmCcG/98+22WW2v6nHuF0+apl6SnfFON3a
BZZBAoGAAbcItSD89Al4OgMXOlr0npCDphPvEuxGSBW5VJliM9dV1SzT3BzmuAlvRVIE7Gu6BcNe
ZQT0uvF/o1LP0FjsX58QmlUCbPmoY8xsj5NvKnti5XeeRGaEt+8GgH8V/xaRYxYIrj3OyCG4VFLs
mdYUg25OqirV+LNFzufrN9115M0=

解密后的明文: hello,~!#$%^&*() word !

Java-加密篇
Java加解-RSA加解密
Java加密-Signature数据签名
Java加密-AES加解密
Java加密-密钥的保存与获取