Java Tutorial/Security/RSA algorithm
Содержание
- 1 An example of using RSA to encrypt a single asymmetric key.
- 2 An RSA sample application
- 3 Basic RSA example.
- 4 Creates a it RSA key pair and stores it to the filesystem as two files
- 5 RSA example with OAEP Padding and random key generation.
- 6 RSA example with PKCS #1 Padding.
- 7 RSA example with random key generation.
- 8 RSA Signature Generation
- 9 Simple Digital Signature Example
An example of using RSA to encrypt a single asymmetric key.
<source lang="java">
import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; public class MainClass {
public static void main(String[] args) throws Exception { KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish"); keyGenerator.init(128); Key blowfishKey = keyGenerator.generateKey(); KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(1024); KeyPair keyPair = keyPairGenerator.genKeyPair(); Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic()); byte[] blowfishKeyBytes = blowfishKey.getEncoded(); System.out.println(new String(blowfishKeyBytes)); byte[] cipherText = cipher.doFinal(blowfishKeyBytes); System.out.println(new String(cipherText)); cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate()); byte[] decryptedKeyBytes = cipher.doFinal(cipherText); System.out.println(new String(decryptedKeyBytes)); SecretKey newBlowfishKey = new SecretKeySpec(decryptedKeyBytes, "Blowfish"); }
}</source>
An RSA sample application
<source lang="java">
import java.math.BigInteger; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.spec.RSAKeyGenParameterSpec; import java.security.spec.RSAPublicKeySpec; public class MainClass {
public static void main(String[] args) throws Exception { int eValue = 79; int bitLength = 1024; // KeySize BigInteger e = e = new BigInteger(Integer.toString(eValue)); KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(bitLength); KeyPair kp = kpg.generateKeyPair(); KeyFactory kfactory = KeyFactory.getInstance("RSA"); RSAPublicKeySpec kspec = (RSAPublicKeySpec) kfactory.getKeySpec(kp.getPublic(), RSAPublicKeySpec.class); kpg = KeyPairGenerator.getInstance("RSA", "SunRsaSign"); e = new BigInteger(Integer.toString(eValue)); System.out.println("e =" + e); RSAKeyGenParameterSpec param = new RSAKeyGenParameterSpec(bitLength, e); kpg.initialize(param); kp = kpg.generateKeyPair(); kfactory = KeyFactory.getInstance("RSA", "SunRsaSign"); kspec = (RSAPublicKeySpec) kfactory.getKeySpec(kp.getPublic(),RSAPublicKeySpec.class); }
}</source>
Basic RSA example.
<source lang="java">
import java.math.BigInteger; import java.security.KeyFactory; import java.security.Security; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.RSAPrivateKeySpec; import java.security.spec.RSAPublicKeySpec; import javax.crypto.Cipher; public class MainClass {
public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); byte[] input = new byte[] { (byte) 0xbe, (byte) 0xef }; Cipher cipher = Cipher.getInstance("RSA/None/NoPadding", "BC"); KeyFactory keyFactory = KeyFactory.getInstance("RSA", "BC"); RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger( "12345678", 16), new BigInteger("11", 16)); RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(new BigInteger( "12345678", 16), new BigInteger("12345678", 16)); RSAPublicKey pubKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec); RSAPrivateKey privKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec); cipher.init(Cipher.ENCRYPT_MODE, pubKey); byte[] cipherText = cipher.doFinal(input); System.out.println("cipher: " + new String(cipherText)); cipher.init(Cipher.DECRYPT_MODE, privKey); byte[] plainText = cipher.doFinal(cipherText); System.out.println("plain : " + new String(plainText)); }
}</source>
Creates a it RSA key pair and stores it to the filesystem as two files
<source lang="java">
import java.io.ByteArrayOutputStream; import java.io.FileOutputStream; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.SecureRandom; import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; public class MainClass {
public static void main(String[] args) throws Exception { String password = "password"; KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(1024); KeyPair keyPair = keyPairGenerator.genKeyPair(); String publicKeyFilename = "public"; byte[] publicKeyBytes = keyPair.getPublic().getEncoded(); FileOutputStream fos = new FileOutputStream(publicKeyFilename); fos.write(publicKeyBytes); fos.close(); String privateKeyFilename = "privateKeyFilename"; byte[] privateKeyBytes = keyPair.getPrivate().getEncoded(); byte[] encryptedPrivateKeyBytes = passwordEncrypt(password.toCharArray(), privateKeyBytes); fos = new FileOutputStream(privateKeyFilename); fos.write(encryptedPrivateKeyBytes); fos.close(); } private static byte[] passwordEncrypt(char[] password, byte[] plaintext) throws Exception { int MD5_ITERATIONS = 1000; byte[] salt = new byte[8]; SecureRandom random = new SecureRandom(); random.nextBytes(salt); PBEKeySpec keySpec = new PBEKeySpec(password); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithSHAAndTwofish-CBC"); SecretKey key = keyFactory.generateSecret(keySpec); PBEParameterSpec paramSpec = new PBEParameterSpec(salt, MD5_ITERATIONS); Cipher cipher = Cipher.getInstance("PBEWithSHAAndTwofish-CBC"); cipher.init(Cipher.ENCRYPT_MODE, key, paramSpec); byte[] ciphertext = cipher.doFinal(plaintext); ByteArrayOutputStream baos = new ByteArrayOutputStream(); baos.write(salt); baos.write(ciphertext); return baos.toByteArray(); }
}</source>
RSA example with OAEP Padding and random key generation.
<source lang="java">
import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.SecureRandom; import java.security.Security; import javax.crypto.Cipher; public class MainClass {
public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); byte[] input = "abc".getBytes(); Cipher cipher = Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", "BC"); SecureRandom random = new SecureRandom(); KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC"); generator.initialize(386, random); KeyPair pair = generator.generateKeyPair(); Key pubKey = pair.getPublic(); Key privKey = pair.getPrivate(); cipher.init(Cipher.ENCRYPT_MODE, pubKey, random); byte[] cipherText = cipher.doFinal(input); System.out.println("cipher: " + new String(cipherText)); cipher.init(Cipher.DECRYPT_MODE, privKey); byte[] plainText = cipher.doFinal(cipherText); System.out.println("plain : " + new String(plainText)); }
}</source>
RSA example with PKCS #1 Padding.
<source lang="java">
import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.SecureRandom; import java.security.Security; import javax.crypto.Cipher; public class MainClass {
public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); byte[] input = "abc".getBytes(); Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", "BC"); SecureRandom random = new SecureRandom(); KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC"); generator.initialize(256, random); KeyPair pair = generator.generateKeyPair(); Key pubKey = pair.getPublic(); Key privKey = pair.getPrivate(); cipher.init(Cipher.ENCRYPT_MODE, pubKey, random); byte[] cipherText = cipher.doFinal(input); System.out.println("cipher: " + new String(cipherText)); cipher.init(Cipher.DECRYPT_MODE, privKey); byte[] plainText = cipher.doFinal(cipherText); System.out.println("plain : " + new String(plainText)); }
}</source>
RSA example with random key generation.
<source lang="java">
import java.security.Key; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.SecureRandom; import java.security.Security; import javax.crypto.Cipher; public class MainClass {
public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); byte[] input = "aa".getBytes(); Cipher cipher = Cipher.getInstance("RSA/None/NoPadding", "BC"); SecureRandom random = new SecureRandom(); KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC"); generator.initialize(256, random); KeyPair pair = generator.generateKeyPair(); Key pubKey = pair.getPublic(); Key privKey = pair.getPrivate(); cipher.init(Cipher.ENCRYPT_MODE, pubKey, random); byte[] cipherText = cipher.doFinal(input); System.out.println("cipher: " + new String(cipherText)); cipher.init(Cipher.DECRYPT_MODE, privKey); byte[] plainText = cipher.doFinal(cipherText); System.out.println("plain : " + new String(plainText)); }
}</source>
RSA Signature Generation
<source lang="java">
import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.SecureRandom; import java.security.Security; import java.security.Signature; public class MainClass {
public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC"); keyGen.initialize(512, new SecureRandom()); KeyPair keyPair = keyGen.generateKeyPair(); Signature signature = Signature.getInstance("SHA1withRSA", "BC"); signature.initSign(keyPair.getPrivate(), new SecureRandom()); byte[] message = "abc".getBytes(); signature.update(message); byte[] sigBytes = signature.sign(); signature.initVerify(keyPair.getPublic()); signature.update(message); System.out.println(signature.verify(sigBytes)); }
}</source>
Simple Digital Signature Example
<source lang="java">
import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.Signature; import sun.misc.BASE64Encoder; public class MainClass {
public static void main(String[] args) throws Exception { KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(1024); KeyPair keyPair = kpg.genKeyPair(); byte[] data = "test".getBytes("UTF8"); Signature sig = Signature.getInstance("MD5WithRSA"); sig.initSign(keyPair.getPrivate()); sig.update(data); byte[] signatureBytes = sig.sign(); System.out.println("Singature:" + new BASE64Encoder().encode(signatureBytes)); sig.initVerify(keyPair.getPublic()); sig.update(data); System.out.println(sig.verify(signatureBytes)); }
}</source>