非对称加密为数据的加密与解密提供了一个非常安全的方法,它使用了一对密钥,公钥(public key)和私钥(private key)。私钥只能由一方安全保管,不能外泄,而公钥则可以发给任何请求它的人。非对称加密使用这对密钥中的一个进行加密,而解密则需要另一个密钥。比如,你向银行请求公钥,银行将公钥发给你,你使用公钥对消息加密,那么只有私钥的持有人--银行才能对你的消息解密。与对称加密不同的是,银行不需要将私钥通过网络发送出去,因此安全性大大提高。
目前最常用的非对称加密算法是RSA算法,是Rivest, Shamir, 和Adleman于1978年发明,他们那时都是在MIT。
以下是RSA运行实例:
package Utils; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.Key; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.PublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import org.apache.commons.codec.binary.Base64; public class RSAUtils { /** * 生成非对称密钥对 * @return * @throws Exception */ public static KeyPair genKeyPair() throws Exception{ KeyPairGenerator keyp = KeyPairGenerator.getInstance("RSA"); keyp.initialize(1024); return keyp.generateKeyPair(); } public static String getPublicKey() throws Exception{ Key key = genKeyPair().getPublic(); byte[] bytekey = key.getEncoded(); byte[] byte64 = Base64.encodeBase64(bytekey);//将字符编码为base64编码 String keystr = new String(byte64,"UTF-8"); return keystr; } public static String getPrivateKey() throws Exception{ Key key = genKeyPair().getPrivate(); byte[] bytekey = key.getEncoded(); byte[] byte64 = Base64.encodeBase64(bytekey);//将字符编码为base64编码 String keystr = new String(byte64,"UTF-8"); return keystr; } /** * 加密 * @param src * @param key * @return * @throws Exception */ public static byte[] encrypt(byte[] src,String key) throws Exception{ // byte[] bytekey = key.getBytes("UTF-8"); // byte[] byte64 = Base64.decodeBase64(bytekey); byte[] byte64 = Base64.decodeBase64(key); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(byte64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); Key publicKey = keyFactory.generatePublic(x509KeySpec); // 对数据加密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(src); } /** * 解密 * @param src * @param key * @return * @throws Exception */ public static byte[] decrypt(byte[] src,String key) throws Exception{ // byte[] bytekey = key.getBytes("UTF-8"); // byte[] byte64 = Base64.decodeBase64(bytekey); byte[] byte64 = Base64.decodeBase64(key); // 取得私钥 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(byte64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec); // 对数据解密 Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateKey); return cipher.doFinal(src); } public static void main(String[] arg) throws Exception{ String name = "2"; byte[] bytes= name.getBytes("UTF-8"); String pubKey = getPublicKey(); String priKey = getPrivateKey(); byte[] bytes1 = encrypt(bytes,pubKey); byte[] byte64 = Base64.encodeBase64(bytes1); String name1 = new String(byte64,"UTF-8"); System.out.println(name1); System.out.println("==========="); byte[] bytes2 = name1.getBytes("UTF-8"); byte[] bytes3 = decrypt(bytes2,priKey); byte[] byte641 = Base64.encodeBase64(bytes1); String name2 = new String(byte641,"UTF-8"); System.out.println(name2); } }
原文:http://www.cnblogs.com/youzhongmin/p/6934888.html