RSA公钥加密算法是1977年由罗纳德·李维斯特(Ron Rivest)、阿迪·萨莫尔(Adi Shamir)和伦纳德·阿德曼(Leonard Adleman)一起提出的。1987年首次公布,当时他们三人都在麻省理工学院工作。RSA就是他们三人姓氏开头字母拼在一起组成的。
RSA是目前最有影响力的公钥加密算法,它能够抵抗到目前为止已知的绝大多数密码攻击,已被ISO推荐为公钥数据加密标准。
今天只有短的RSA钥匙才可能被强力方式解破。到2008年为止,世界上还没有任何可靠的攻击RSA算法的方式。只要其钥匙的长度足够长,用RSA加密的信息实际上是不能被解破的。但在分布式计算和量子计算机理论日趋成熟的今天,RSA加密安全性受到了挑战。
RSA算法基于一个十分简单的数论事实:将两个大素数相乘十分容易,但是想要对其乘积进行因式分解却极其困难,因此可以将乘积公开作为加密密钥。
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
/**
* RSA加密解密
*
* @author jianggujin
*
*/
public class RSACoder
{
public static final String SIGNATURE_ALGORITHM_MD5withRSA = "MD5withRSA";
public static final String SIGNATURE_ALGORITHM_SHA1withRSA = "SHA1withRSA";
public static final String PUBLIC_KEY = "RSAPublicKey";
public static final String PRIVATE_KEY = "RSAPrivateKey";
private static final String KEY_ALGORITHM = "RSA";
/**
* 签名
*
* @param data
* @param privateKey
* @return
* @throws Exception
*/
public byte[] sign(byte[] data, byte[] privateKey) throws Exception
{
return sign(data, privateKey, SIGNATURE_ALGORITHM_SHA1withRSA);
}
/**
* 签名
*
* @param data
* @param privateKey
* @param signatureAlgorithm
* @return
* @throws Exception
*/
public byte[] sign(byte[] data, byte[] privateKey, String signatureAlgorithm)
throws Exception
{
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance(signatureAlgorithm);
signature.initSign(priKey);
signature.update(data);
return signature.sign();
}
/**
* 验证
*
* @param data
* @param publicKey
* @param sign
* @return
* @throws Exception
*/
public boolean verify(byte[] data, byte[] publicKey, byte[] sign)
throws Exception
{
return verify(data, publicKey, sign, SIGNATURE_ALGORITHM_SHA1withRSA);
}
/**
* 验证
*
* @param data
* @param publicKey
* @param sign
* @param signatureAlgorithm
* @return
* @throws Exception
*/
public boolean verify(byte[] data, byte[] publicKey, byte[] sign,
String signatureAlgorithm) throws Exception
{
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey pubKey = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance(signatureAlgorithm);
signature.initVerify(pubKey);
signature.update(data);
return signature.verify(sign);
}
/**
* 公钥加密
*
* @param data
* @param publicKey
* @return
* @throws Exception
*/
public byte[] encryptByPublicKey(byte[] data, byte[] publicKey)
throws Exception
{
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(1, publicK);
return cipher.doFinal(data);
}
/**
* 私钥加密
*
* @param data
* @param privateKey
* @return
* @throws Exception
*/
public byte[] encryptByPrivateKey(byte[] data, byte[] privateKey)
throws Exception
{
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(1, privateK);
return cipher.doFinal(data);
}
/**
* 私钥解密
*
* @param data
* @param privateKey
* @return
* @throws Exception
*/
public byte[] decryptByPrivateKey(byte[] data, byte[] privateKey)
throws Exception
{
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(2, privateK);
return cipher.doFinal(data);
}
/**
* 公钥解密
*
* @param data
* @param publicKey
* @return
* @throws Exception
*/
public byte[] decryptByPublicKey(byte[] data, byte[] publicKey)
throws Exception
{
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(2, publicK);
return cipher.doFinal(data);
}
/**
* 初始化密钥
*
* @return
* @throws Exception
*/
public Map<String, byte[]> initKey() throws Exception
{
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
keyPairGen.initialize(1024);
KeyPair keyPair = keyPairGen.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
Map<String, byte[]> keyMap = new HashMap<String, byte[]>(2);
keyMap.put(PUBLIC_KEY, publicKey.getEncoded());
keyMap.put(PRIVATE_KEY, privateKey.getEncoded());
return keyMap;
}
}