前言
本篇文章主要讲解的有关Android开发中常用的Rsa的处理方式以及应用。
文章目录
- 前言
- @[TOC](文章目录)
- 一、公私钥
- 1.公钥加密(用于数据加密)
- 2.私钥解密(用于数据解密)
- 3.私钥加密(用于数据签名)
- 4.公钥解密(用于数据验签)
- 二、生成密钥对
- 1.生成密钥对
- 2.RSA校验数字签名
- 总结
文章目录
- 前言
- @[TOC](文章目录)
- 一、公私钥
- 1.公钥加密(用于数据加密)
- 2.私钥解密(用于数据解密)
- 3.私钥加密(用于数据签名)
- 4.公钥解密(用于数据验签)
- 二、生成密钥对
- 1.生成密钥对
- 2.RSA校验数字签名
- 总结
下面主要讲解具体的使用方法
一、公私钥
1.公钥加密(用于数据加密)
//Java原生base64解码byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);//创建X509编码密钥规范X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);//返回转换指定算法的KeyFactory对象KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);//根据X509编码密钥规范产生公钥对象PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());//用公钥初始化此Cipher对象(加密模式)cipher.init(Cipher.ENCRYPT_MODE, publicKey);//对数据加密byte[] decode = data.getBytes();byte[][] bytes = splitBytes(decode, MAX_ENCRYPT_BLOCK );byte[] enBytes = null;for (byte[] decoByte : bytes) {byte[] decrypt = cipher.doFinal(decoByte);enBytes = ArrayUtils.addAll(enBytes, decrypt);}
2.私钥解密(用于数据解密)
byte[] priKey = Base64.getDecoder().decode(privateKeyStr);//创建PKCS8编码密钥规范PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);//返回转换指定算法的KeyFactory对象KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);//根据PKCS8编码密钥规范产生私钥对象PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());//用私钥初始化此Cipher对象(解密模式)cipher.init(Cipher.DECRYPT_MODE, privateKey);//对数据解密byte[] decrypt = cipher.doFinal(Base64.getDecoder().decode(data));
3.私钥加密(用于数据签名)
//Java原生base64解码byte[] priKey = Base64.getDecoder().decode(privateKeyStr);//创建PKCS8编码密钥规范PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKey);//返回转换指定算法的KeyFactory对象KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);//根据PKCS8编码密钥规范产生私钥对象PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());//用私钥初始化此Cipher对象(加密模式)cipher.init(Cipher.ENCRYPT_MODE, privateKey);//对数据加密byte[] encrypt = cipher.doFinal(data.getBytes());
4.公钥解密(用于数据验签)
//Java原生base64解码byte[] pubKey = Base64.getDecoder().decode(publicKeyStr);//创建X509编码密钥规范X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);//返回转换指定算法的KeyFactory对象KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);//根据X509编码密钥规范产生公钥对象PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);//根据转换的名称获取密码对象Cipher(转换的名称:算法/工作模式/填充模式)Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());//用公钥初始化此Cipher对象(解密模式)cipher.init(Cipher.DECRYPT_MODE, publicKey);//对数据解密byte[] decode = Base64.getDecoder().decode(data);byte[][] bytes = splitBytes(decode, MAX_DECRYPT_BLOCK);StringBuilder result = new StringBuilder();for (byte[] decoByte : bytes) {byte[] decrypt = cipher.doFinal(decoByte);result.append(new String(decrypt));}
二、生成密钥对
1.生成密钥对
KeyPairGenerator keygen;try {keygen = KeyPairGenerator.getInstance(RSA_KEY_ALGORITHM);} catch (NoSuchAlgorithmException e) {throw new RuntimeException("RSA初始化密钥出现错误,算法异常");}SecureRandom secrand = new SecureRandom();//初始化随机产生器secrand.setSeed("Alian".getBytes());//初始化密钥生成器keygen.initialize(KEY_SIZE, secrand);KeyPair keyPair = keygen.genKeyPair();//获取公钥并转成base64编码byte[] pub_key = keyPair.getPublic().getEncoded();String publicKeyStr = Base64.getEncoder().encodeToString(pub_key);//获取私钥并转成base64编码byte[] pri_key = keyPair.getPrivate().getEncoded();String privateKeyStr = Base64.getEncoder().encodeToString(pri_key);//创建一个Map返回结果Map<String, String> keyPairMap = new HashMap<>();keyPairMap.put("publicKeyStr", publicKeyStr);keyPairMap.put("privateKeyStr", privateKeyStr);
2.RSA校验数字签名
//返回转换指定算法的KeyFactory对象KeyFactory keyFactory = KeyFactory.getInstance(RSA_KEY_ALGORITHM);//创建X509编码密钥规范X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKey);//根据X509编码密钥规范产生公钥对象PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);//标准签名算法名称(RSA还是RSA2)String algorithm = RSA_KEY_ALGORITHM.equals(signType) ? RSA_SIGNATURE_ALGORITHM : RSA2_SIGNATURE_ALGORITHM;//用指定算法产生签名对象SignatureSignature signature = Signature.getInstance(algorithm);//用公钥初始化签名对象,用于验证签名signature.initVerify(publicKey);//更新签名内容signature.update(data);
public static byte[][] splitBytes(byte[] bytes, int size) {double splitLength = Double.parseDouble(size + "");int arrayLength = (int) Math.ceil(bytes.length / splitLength);byte[][] result = new byte[arrayLength][];int from, to;for (int i = 0; i < arrayLength; i++) {from = (int) (i * splitLength);to = (int) (from + splitLength);if(to > bytes.length){to = bytes.length;}result[i] = Arrays.copyOfRange(bytes, from, to);}return result;}
总结
以上就是今天要讲的内容,本文仅仅简单介绍了Android加密的使用,而Android提供了大量能使我们快速便捷地处理的函数和方法。
)
