公钥与私钥是成对的,一般的,我们认为的是公钥加密、私钥解密、私钥签名、公钥验证,有人说成私钥加密,公钥解密时不对的。
公钥与私钥的生成有多种方式,可以通过程序生成(下文具体实现),可以通过openssl工具:
- # 生成一个私钥,推荐使用1024位的秘钥,秘钥以pem格式保存到-out参数指定的文件中,采用PKCS1格式
- openssl genrsa -out rsa.pem 1024
- # 生成与私钥对应的公钥,生成的是Subject Public Key,一般配合PKCS8格式私钥使用
- openssl rsa -in rsa.pem -pubout -out rsa.pub
RSA生成公钥与私钥一般有两种格式:PKCS1和PKCS8,上面的命令生成的秘钥是PKCS1格式的,而公钥是Subject Public Key,一般配合PKCS8格式私钥使用,所以就可能会涉及到PKCS1和PKCS8之间的转换:
- # PKCS1格式私钥转换为PKCS8格式私钥,私钥直接输出到-out参数指定的文件中
- openssl pkcs8 -topk8 -inform PEM -in rsa.pem -outform pem -nocrypt -out rsa_pkcs8.pem
- # PKCS8格式私钥转换为PKCS1格式私钥,私钥直接输出到-out参数指定的文件中
- openssl rsa -in rsa_pkcs8.pem -out rsa_pkcs1.pem
-
- # PKCS1格式公钥转换为PKCS8格式公钥,转换后的内容直接输出
- openssl rsa -pubin -in rsa.pub -RSAPublicKey_out
- # PKCS8格式公钥转换为PKCS1格式公钥,转换后的内容直接输出
- openssl rsa -RSAPublicKey_in -pubout -in rsa.pub
现实中,我们往往从pem、crt、pfx文件获取公私和私钥,crt、pfx的制作可以参考:简单的制作ssl证书,并在nginx和IIS中使用。
Java实现
为简化说明介绍,这里我直接封装了一个工具类,因为要从pem、crt、pfx文件获取公私和私钥,因此引用了一个第三方包:BouncyCastle,可以直接在pom.xml中添加依赖:
- <dependency>
- <groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- <version>1.68</version>
- </dependency>
简单封装的RsaUtil.java:
- import java.io.FileInputStream;
- import java.io.FileReader;
- import java.io.FileWriter;
- import java.math.BigInteger;
- import java.security.KeyFactory;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.KeyStore;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.SecureRandom;
- import java.security.Security;
- import java.security.Signature;
- import java.security.cert.Certificate;
- import java.security.cert.CertificateFactory;
- import java.security.cert.X509Certificate;
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
- import java.security.spec.KeySpec;
- import java.security.spec.PKCS8EncodedKeySpec;
- import java.security.spec.RSAPrivateCrtKeySpec;
- import java.security.spec.RSAPublicKeySpec;
- import java.security.spec.X509EncodedKeySpec;
- import java.util.Enumeration;
-
- import javax.crypto.Cipher;
-
- import org.bouncycastle.asn1.ASN1Integer;
- import org.bouncycastle.asn1.ASN1Primitive;
- import org.bouncycastle.asn1.DLSequence;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
- import org.bouncycastle.util.io.pem.PemObject;
- import org.bouncycastle.util.io.pem.PemReader;
- import org.bouncycastle.util.io.pem.PemWriter;
-
- public class RsaUtil {
-
- static {
- Security.addProvider(new BouncyCastleProvider());
- }
-
- /**
- * 随机生成密钥对
- *
- * @param usePKCS8
- * 是否采用PKCS8填充模式
- */
- public static Object[] generateRsaKey(boolean usePKCS8) throws Exception {
- KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
- // 初始化
- keyPairGen.initialize(1024, new SecureRandom());
- // 生成一个密钥对,保存在keyPair中
- KeyPair keyPair = keyPairGen.generateKeyPair();
- RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥
- RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥
-
- // 这两个公私钥是PKCS8格式的
- byte[] publicKeyBytes = publicKey.getEncoded();
- byte[] privateKeyBytes = privateKey.getEncoded();
-
- if (!usePKCS8) {
- // 将PSCK8格式公私钥转换为PKCS1格式
- publicKeyBytes = pkcs8ToPkcs1(false, publicKeyBytes);
- privateKeyBytes = pkcs8ToPkcs1(true, privateKeyBytes);
- }
-
- return new Object[] { publicKeyBytes, privateKeyBytes };
- }
-
- /**
- * 从Pem文件读取密钥对
- *
- * @param reader
- * 输入流
- * @param pemFileName
- * pem文件
- */
- public static byte[] readFromPem(String pemFileName) throws Exception {
- PemReader pemReader = new PemReader(new FileReader(pemFileName));
- PemObject pemObject = pemReader.readPemObject();
- byte[] publicKey = pemObject.getContent();
- pemReader.close();
- return publicKey;
- }
-
- /**
- * 从Pem文件读取密钥
- *
- * @param isPrivateKey
- * 是否是私钥
- * @param buffer
- * 字节
- * @param pemFileName
- * pem文件
- */
- public static void writeToPem(byte[] buffer, boolean isPrivateKey, String pemFileName) throws Exception {
-
- PemObject pemObject = new PemObject(isPrivateKey ? "RSA PRIVATE KEY" : "RSA PUBLIC KEY", buffer);
- FileWriter fileWriter = new FileWriter(pemFileName);
- PemWriter pemWriter = new PemWriter(fileWriter);
- pemWriter.writeObject(pemObject);
- pemWriter.close();
- }
-
- /**
- * 从crt文件读取公钥(pkcs8)
- *
- * @param crtFileName
- * crt文件
- * @return 公钥
- */
- public static byte[] readPublicKeyFromCrt(String crtFileName) throws Exception {
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate) cf.generateCertificate(new FileInputStream(crtFileName));
-
- PublicKey publicKey = cert.getPublicKey();
- return publicKey.getEncoded();
- }
-
- /**
- * 从pfx文件读取秘钥对(pkcs8)
- *
- * @param pfxFileName
- * pfx文件
- * @return 秘钥对
- */
- public static Object[] readFromPfx(String pfxFileName, String password) throws Exception {
- KeyStore keystore = KeyStore.getInstance("PKCS12");
- char[] passwordChars = null;
- if (password == null || password.equals("")) {
- passwordChars = null;
- } else {
- passwordChars = password.toCharArray();
- }
- keystore.load(new FileInputStream(pfxFileName), passwordChars);
- Enumeration<String> enums = keystore.aliases();
-
- PrivateKey privateKey = null;
- Certificate certificate = null;
- while (enums.hasMoreElements()) {
- String alias = enums.nextElement();
- System.out.println(alias);
- if (keystore.isKeyEntry(alias)) {
- privateKey = (PrivateKey) keystore.getKey(alias, passwordChars);
- certificate = keystore.getCertificate(alias);
- }
- if (privateKey != null && certificate != null)
- break;
- }
- if (privateKey == null || certificate == null) {
- throw new Exception("fail to read key from pfx");
- }
-
- PublicKey publicKey = certificate.getPublicKey();
- return new Object[] { publicKey.getEncoded(), privateKey.getEncoded() };
- }
-
- /**
- * Pkcs8转Pkcs1
- *
- * @param isPrivateKey
- * 是否是私钥转换
- * @param buffer
- * Pkcs1秘钥
- * @return Pkcs8秘钥
- * @throws Exception
- * 加密过程中的异常信息
- */
- public static byte[] pkcs8ToPkcs1(boolean isPrivateKey, byte[] buffer) throws Exception {
- if (isPrivateKey) {
- PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(buffer);
- return privateKeyInfo.parsePrivateKey().toASN1Primitive().getEncoded();
- } else {
- SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(buffer);
- return subjectPublicKeyInfo.parsePublicKey().toASN1Primitive().getEncoded();
- }
- }
-
- /**
- * Pkcs1转Pkcs8
- *
- * @param isPrivateKey
- * 是否是私钥转换
- * @param buffer
- * Pkcs1秘钥
- * @return Pkcs8秘钥
- * @throws Exception
- * 加密过程中的异常信息
- */
- public static byte[] pkcs1ToPkcs8(boolean isPrivateKey, byte[] buffer) throws Exception {
- AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption);
- ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(buffer);
- if (isPrivateKey) {
- PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(algorithmIdentifier, asn1Primitive);
- return privateKeyInfo.getEncoded();
- } else {
- SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, asn1Primitive);
- return subjectPublicKeyInfo.getEncoded();
- }
- }
-
- /**
- * RSA公钥
- *
- * @param usePKCS8
- * 是否采用PKCS8填充模式
- * @param publicKey
- * 公钥
- * @return 公钥
- * @throws Exception
- * 加密过程中的异常信息
- */
- public static RSAPublicKey generatePublicKey(boolean usePKCS8, byte[] publicKey) throws Exception {
- KeySpec keySpec;
- if (usePKCS8) {
- // PKCS8填充
- keySpec = new X509EncodedKeySpec(publicKey);
- } else {
- // PKCS1填充
- DLSequence sequence = (DLSequence) ASN1Primitive.fromByteArray(publicKey);
- BigInteger v1 = ((ASN1Integer) sequence.getObjectAt(0)).getValue();
- BigInteger v2 = ((ASN1Integer) sequence.getObjectAt(1)).getValue();
- keySpec = new RSAPublicKeySpec(v1, v2);
- }
-
- RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME).generatePublic(keySpec);
- return pubKey;
- }
-
- /**
- * RSA私钥
- *
- * @param usePKCS8
- * 是否采用PKCS8填充模式
- * @param privateKey
- * 私钥
- * @return 私钥
- * @throws Exception
- * 解密过程中的异常信息
- */
- public static RSAPrivateKey generatePrivateKey(boolean usePKCS8, byte[] privateKey) throws Exception {
- KeySpec keySpec;
- if (usePKCS8) {
- // PKCS8填充
- keySpec = new PKCS8EncodedKeySpec(privateKey);
- } else {
- // PKCS1填充
- DLSequence sequence = (DLSequence) ASN1Primitive.fromByteArray(privateKey);
- // BigInteger v1= ((ASN1Integer)sequence.getObjectAt(0)).getValue();
- BigInteger v2 = ((ASN1Integer) sequence.getObjectAt(1)).getValue();
- BigInteger v3 = ((ASN1Integer) sequence.getObjectAt(2)).getValue();
- BigInteger v4 = ((ASN1Integer) sequence.getObjectAt(3)).getValue();
- BigInteger v5 = ((ASN1Integer) sequence.getObjectAt(4)).getValue();
- BigInteger v6 = ((ASN1Integer) sequence.getObjectAt(5)).getValue();
- BigInteger v7 = ((ASN1Integer) sequence.getObjectAt(6)).getValue();
- BigInteger v8 = ((ASN1Integer) sequence.getObjectAt(7)).getValue();
- BigInteger v9 = ((ASN1Integer) sequence.getObjectAt(8)).getValue();
- keySpec = new RSAPrivateCrtKeySpec(v2, v3, v4, v5, v6, v7, v8, v9);
- }
-
- RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME).generatePrivate(keySpec);
- return priKey;
- }
-
- /**
- * RSA公钥加密
- *
- * @param value
- * 加密字符串
- * @param publicKey
- * 公钥
- * @return 密文
- * @throws Exception
- * 加密过程中的异常信息
- */
- public static String rsaEncrypt(String value, RSAPublicKey publicKey) throws Exception {
- if (value == null || value.length() == 0)
- return "";
-
- // RSA加密
- Cipher cipher = Cipher.getInstance("RSA");
- cipher.init(Cipher.ENCRYPT_MODE, publicKey);
- byte[] buffer = cipher.doFinal(value.getBytes("utf-8"));
-
- // 使用hex格式输出公钥
- StringBuffer result = new StringBuffer();
- for (int i = 0; i < buffer.length; i++) {
- result.append(String.format("%02x", buffer[i]));
- }
- return result.toString();
- }
-
- /**
- * RSA私钥解密
- *
- * @param value
- * 加密字符串
- * @param privateKey
- * 私钥
- * @return 明文
- * @throws Exception
- * 解密过程中的异常信息
- */
- public static String rsaDecrypt(String value, RSAPrivateKey privateKey) throws Exception {
- if (value == null || value.length() == 0)
- return "";
-
- byte[] buffer = new byte[value.length() / 2];
- for (int i = 0; i < buffer.length; i++) {
- buffer[i] = (byte) Integer.parseInt(value.substring(i * 2, i * 2 + 2), 16);
- }
-
- // RSA解密
- Cipher cipher = Cipher.getInstance("RSA");
- cipher.init(Cipher.DECRYPT_MODE, privateKey);
- buffer = cipher.doFinal(buffer);
- return new String(buffer, "utf-8");
- }
-
- /**
- * RSA签名
- *
- * @param value
- * 加密字符串
- * @param privateKey
- * 私钥
- * @param halg
- * 加密算法,如MD5, SHA1, SHA256, SHA384, SHA512等
- * @return 签名
- * @throws Exception
- * 签名过程中的异常信息
- */
- public static String sign(String value, RSAPrivateKey privateKey, String halg) throws Exception {
-
- Signature s = Signature.getInstance(halg.toUpperCase().endsWith("WithRSA") ? halg : (halg + "WithRSA"));
-
- s.initSign(privateKey);
- s.update(value.getBytes("utf-8"));
-
- byte[] buffer = s.sign();
-
- // 使用hex格式输出公钥
- StringBuffer result = new StringBuffer();
- for (int i = 0; i < buffer.length; i++) {
- result.append(String.format("%02x", buffer[i]));
- }
- return result.toString();
- }
-
- /**
- * RSA签名验证
- *
- * @param value
- * 加密字符串
- * @param publicKey
- * 公钥
- * @param halg
- * 加密算法,如MD5, SHA1, SHA256, SHA384, SHA512等
- * @return 签名合法则返回true,否则返回false
- * @throws Exception
- * 验证过程中的异常信息
- */
- public static boolean verify(String value, RSAPublicKey publicKey, String signature, String halg) throws Exception {
- Signature s = Signature.getInstance(halg.toUpperCase().endsWith("WithRSA") ? halg : (halg + "WithRSA"));
- s.initVerify(publicKey);
- s.update(value.getBytes("utf-8"));
-
- byte[] buffer = new byte[signature.length() / 2];
- for (int i = 0; i < buffer.length; i++) {
- buffer[i] = (byte) Integer.parseInt(signature.substring(i * 2, i * 2 + 2), 16);
- }
-
- return s.verify(buffer);
- }
-
- }
生成公钥和私钥:
- // 生成公私钥
- Object[] rsaKey = RsaUtil.generateRsaKey(usePKCS8); //usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
- byte[] publicKey = (byte[]) rsaKey[0];
- byte[] privateKey = (byte[]) rsaKey[1];
生成秘钥后,需要保存,一般保存到pem文件中:
- // 保存到pem文件,filePath是保存目录
- RsaUtil.writeToPem(publicKey, false, filePath + "rsa.pub");
- RsaUtil.writeToPem(privateKey, true, filePath + "rsa.pem");
可以保存到pem文件中,当然也可以从pem文件中读取了:
- // 从Pem文件读取公私钥,filePath是文件目录
- byte[] publicKey = RsaUtil.readFromPem(filePath + "rsa.pub");
- byte[] privateKey = RsaUtil.readFromPem(filePath + "rsa.pem");
还可以从crt证书中读取公钥,而crt文件不包含私钥,因此需要单独获取私钥:
- // 从crt文件读取公钥(crt文件中不包含私钥),filePath是文件目录
- byte[] publicKey = RsaUtil.readPublicKeyFromCrt(filePath + "demo.crt");
- byte[] privateKey = RsaUtil.readFromPem(filePath + "demo.key");
pfx文件中包含了公钥和私钥,可以很方便就读取到:
- // 从pfx文件读取公私钥,filePath是文件目录
- Object[] rsaKey = RsaUtil.readFromPfx(filePath + "demo.pfx", "123456");
- byte[] publicKey = (byte[]) rsaKey[0];
- byte[] privateKey = (byte[]) rsaKey[1];
有时候我们还可能需要进行秘钥的转换:
- // Pkcs8格式公钥转换为Pkcs1格式公钥
- publicKey = RsaUtil.pkcs8ToPkcs1(false, publicKey);
- // Pkcs8格式私钥转换为Pkcs1格式私钥
- privateKey = RsaUtil.pkcs8ToPkcs1(true, privateKey);
- // Pkcs1格式公钥转换为Pkcs8格式公钥
- publicKey = RsaUtil.pkcs1ToPkcs8(false, publicKey);
- // Pkcs1格式私钥转换为Pkcs8格式私钥
- privateKey = RsaUtil.pkcs1ToPkcs8(true, privateKey);
有了公钥和私钥,接下就就能实现加密、解密、签名、验证签名等操作了:
- RSAPublicKey rsaPublicKey = RsaUtil.generatePublicKey(usePKCS8, publicKey);
- RSAPrivateKey rsaPrivateKey = RsaUtil.generatePrivateKey(usePKCS8, privateKey);
-
- String encryptText = RsaUtil.rsaEncrypt(text, rsaPublicKey);
- System.out.printf("【%s】经过【RSA】加密后:%s\n", text, encryptText);
-
- String decryptText = RsaUtil.rsaDecrypt(encryptText, rsaPrivateKey);
- System.out.printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText);
-
- String signature = RsaUtil.sign(text, rsaPrivateKey, "MD5");
- System.out.printf("【%s】经过【RSA】签名后:%s\n", text, signature);
-
- boolean result = RsaUtil.verify(text, rsaPublicKey, signature, "MD5");
- System.out.printf("【%s】的签名【%s】经过【RSA】验证后结果是:" + result, text, signature);
这里完整的demo代码:
- import java.security.interfaces.RSAPrivateKey;
- import java.security.interfaces.RSAPublicKey;
-
- public class RsaMain {
-
- public static void main(String[] args) {
- try {
- String text = "上山打老虎";
- boolean usePKCS8 = true; // usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
- String filePath = RsaUtil.class.getClassLoader().getResource("").getPath();
- System.out.printf("文件路径:%s\n", filePath);// 存放pem,crt,pfx等文件的目录
- byte[] publicKey, privateKey;// 公钥和私钥
-
- // 生成公私钥
- Object[] rsaKey = RsaUtil.generateRsaKey(usePKCS8); // usePKCS8=true表示是否成PKCS8格式的公私秘钥,否则乘车PKCS1格式的公私秘钥
- publicKey = (byte[]) rsaKey[0];
- privateKey = (byte[]) rsaKey[1];
- // 从Pem文件读取公私钥,filePath是文件目录
- // publicKey = RsaUtil.readFromPem(filePath + "rsa.pub");
- // privateKey = RsaUtil.readFromPem(filePath + "rsa.pem");
- // 从pfx文件读取公私钥,filePath是文件目录
- // Object[] rsaKey = RsaUtil.readFromPfx(filePath + "demo.pfx",
- // "123456");
- // publicKey = (byte[]) rsaKey[0];
- // privateKey = (byte[]) rsaKey[1];
- // 从crt文件读取公钥(crt文件中不包含私钥),filePath是文件目录
- // publicKey = RsaUtil.readPublicKeyFromCrt(filePath + "demo.crt");
- // privateKey = RsaUtil.readFromPem(filePath + "demo.key");
-
- // 保存到pem文件,filePath是保存目录
- RsaUtil.writeToPem(publicKey, false, filePath + "rsa.pub");
- RsaUtil.writeToPem(privateKey, true, filePath + "rsa.pem");
-
- // Pkcs8格式公钥转换为Pkcs1格式公钥
- publicKey = RsaUtil.pkcs8ToPkcs1(false, publicKey);
- // Pkcs8格式私钥转换为Pkcs1格式私钥
- privateKey = RsaUtil.pkcs8ToPkcs1(true, privateKey);
- // Pkcs1格式公钥转换为Pkcs8格式公钥
- publicKey = RsaUtil.pkcs1ToPkcs8(false, publicKey);
- // Pkcs1格式私钥转换为Pkcs8格式私钥
- privateKey = RsaUtil.pkcs1ToPkcs8(true, privateKey);
-
- RSAPublicKey rsaPublicKey = RsaUtil.generatePublicKey(usePKCS8, publicKey);
- RSAPrivateKey rsaPrivateKey = RsaUtil.generatePrivateKey(usePKCS8, privateKey);
-
- String encryptText = RsaUtil.rsaEncrypt(text, rsaPublicKey);
- System.out.printf("【%s】经过【RSA】加密后:%s\n", text, encryptText);
-
- String decryptText = RsaUtil.rsaDecrypt(encryptText, rsaPrivateKey);
- System.out.printf("【%s】经过【RSA】解密后:%s\n", encryptText, decryptText);
-
- String signature = RsaUtil.sign(text, rsaPrivateKey, "MD5");
- System.out.printf("【%s】经过【RSA】签名后:%s\n", text, signature);
-
- boolean result = RsaUtil.verify(text, rsaPublicKey, signature, "MD5");
- System.out.printf("【%s】的签名【%s】经过【RSA】验证后结果是:" + result, text, signature);
-
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
- }
以上就是Java 实现RSA非对称加密算法的详细内容。