對稱加密算法僅有一個密鑰,既可用於加密,亦可用於解密。而非對稱加密算法擁有兩個密鑰,一個用於加密,另一個則用於解密。相比對稱加密算法的單鑰體系,非對稱加密算法的雙鑰體系更爲安全。但非對稱加密的缺點是加解密速度要遠遠慢於對稱加密。
目前,Java 6中僅僅提供了DH和RSA兩種算法實現。通過Boucy Castle可以獲得ElGamal算法支持。
DH算法的使用
DH(Diffie-Hellman,密鑰交換)算法,是第一個密鑰協商算法,僅能用於密鑰分配,不能用於加密或解密消息。下面整理DH算法時序:
初始化DH算法密鑰對
甲乙雙方構建DH算法本地密鑰
DH算法加密消息傳遞
下面是對該算法JAVA實現的信息彙總:
算法 | 密鑰長度 | 密鑰長度默認值 | 工作模式 | 填充方式 | 備註 |
---|---|---|---|---|---|
DH | 512至1024位(密鑰長度爲64的倍數,範圍在521~1024位之間) | 1024 | 無 | 無 | Java 6實現 |
下面給出一個使用DH算法的示例:
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public abstract class DHCoder {
/**
* 非對稱加密密鑰算法
*/
public static final String KEY_ALGORITHM = "DH";
/**
* 本地密鑰算法,即對稱加密密鑰算法,可選DES、DESede和AES算法
*/
public static final String SECRET_KEY_ALGORITHM = "AES";
/**
* 默認密鑰長度
*
* DH算法默認密鑰長度爲1024 密鑰長度必須是64的倍數,其範圍在512到1024位之間。
*/
private static final int KEY_SIZE = 512;
/**
* 公鑰
*/
private static final String PUBLIC_KEY = "DHPublicKey";
/**
* 私鑰
*/
private static final String PRIVATE_KEY = "DHPrivateKey";
/**
* 初始化甲方密鑰
*
* @return Map 甲方密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 實例化密鑰對生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(KEY_ALGORITHM);
// 初始化密鑰對生成器
keyPairGenerator.initialize(KEY_SIZE);
// 生成密鑰對
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 甲方公鑰
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 甲方私鑰
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
// 將密鑰對存儲在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 初始化乙方密鑰
*
* @param key
* 甲方公鑰
* @return Map 乙方密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey(byte[] key) throws Exception {
// 解析甲方公鑰
// 轉換公鑰材料
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
// 實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 產生公鑰
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 由甲方公鑰構建乙方密鑰
DHParameterSpec dhParamSpec = ((DHPublicKey) pubKey).getParams();
// 實例化密鑰對生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(keyFactory.getAlgorithm());
// 初始化密鑰對生成器
keyPairGenerator.initialize(dhParamSpec);
// 產生密鑰對
KeyPair keyPair = keyPairGenerator.genKeyPair();
// 乙方公鑰
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 乙方私鑰
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
// 將密鑰對存儲在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 加密
*
* @param data
* 待加密數據
* @param key
* 密鑰
* @return byte[] 加密數據
* @throws Exception
*/
public static byte[] encrypt(byte[] data, byte[] key) throws Exception {
// 生成本地密鑰
SecretKey secretKey = new SecretKeySpec(key, SECRET_KEY_ALGORITHM);
// 數據加密
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return cipher.doFinal(data);
}
/**
* 解密<br>
*
* @param data
* 待解密數據
* @param key
* 密鑰
* @return byte[] 解密數據
* @throws Exception
*/
public static byte[] decrypt(byte[] data, byte[] key) throws Exception {
// 生成本地密鑰
SecretKey secretKey = new SecretKeySpec(key, SECRET_KEY_ALGORITHM);
// 數據解密
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return cipher.doFinal(data);
}
/**
* 構建密鑰
*
* @param publicKey
* 公鑰
* @param privateKey
* 私鑰
* @return byte[] 本地密鑰
* @throws Exception
*/
public static byte[] getSecretKey(byte[] publicKey, byte[] privateKey)
throws Exception {
// 實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 初始化公鑰
// 密鑰材料轉換
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
// 產生公鑰
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 初始化私鑰
// 密鑰材料轉換
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
// 產生私鑰
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 實例化
KeyAgreement keyAgree = KeyAgreement.getInstance(keyFactory
.getAlgorithm());
// 初始化
keyAgree.init(priKey);
keyAgree.doPhase(pubKey, true);
// 生成本地密鑰
SecretKey secretKey = keyAgree.generateSecret(SECRET_KEY_ALGORITHM);
return secretKey.getEncoded();
}
/**
* 取得私鑰
*
* @param keyMap
* 密鑰Map
* @return byte[] 私鑰
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公鑰
*
* @param keyMap
* 密鑰Map
* @return byte[] 公鑰
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
}
DHCoder的單元測試用例:
import static org.junit.Assert.*;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
public class DHCoderTest {
/**
* 甲方公鑰
*/
private byte[] publicKey1;
/**
* 甲方私鑰
*/
private byte[] privateKey1;
/**
* 甲方本地密鑰
*/
private byte[] key1;
/**
* 乙方公鑰
*/
private byte[] publicKey2;
/**
* 乙方私鑰
*/
private byte[] privateKey2;
/**
* 乙方本地密鑰
*/
private byte[] key2;
/**
* 初始化密鑰
*
* @throws Exception
*/
@Before
public final void initKey() throws Exception {
// 生成甲方密鑰對兒
Map<String, Object> keyMap1 = DHCoder.initKey();
publicKey1 = DHCoder.getPublicKey(keyMap1);
privateKey1 = DHCoder.getPrivateKey(keyMap1);
System.err.println("甲方公鑰:\n" + Base64.encodeBase64String(publicKey1));
System.err.println("甲方私鑰:\n" + Base64.encodeBase64String(privateKey1));
// 由甲方公鑰產生本地密鑰對兒
Map<String, Object> keyMap2 = DHCoder.initKey(publicKey1);
publicKey2 = DHCoder.getPublicKey(keyMap2);
privateKey2 = DHCoder.getPrivateKey(keyMap2);
System.err.println("乙方公鑰:\n" + Base64.encodeBase64String(publicKey2));
System.err.println("乙方私鑰:\n" + Base64.encodeBase64String(privateKey2));
key1 = DHCoder.getSecretKey(publicKey2, privateKey1);
System.err.println("甲方本地密鑰:\n" + Base64.encodeBase64String(key1));
key2 = DHCoder.getSecretKey(publicKey1, privateKey2);
System.err.println("乙方本地密鑰:\n" + Base64.encodeBase64String(key2));
assertArrayEquals(key1, key2);
}
/**
* 校驗
*
* @throws Exception
*/
@Test
public final void test() throws Exception {
System.err.println("\n=====甲方向乙方發送加密數據=====");
String input1 = "密碼交換算法 ";
System.err.println("原文: " + input1);
System.err.println("---使用甲方本地密鑰對數據加密---");
// 使用甲方本地密鑰對數據加密
byte[] code1 = DHCoder.encrypt(input1.getBytes(), key1);
System.err.println("加密: " + Base64.encodeBase64String(code1));
System.err.println("---使用乙方本地密鑰對數據解密---");
// 使用乙方本地密鑰對數據解密
byte[] decode1 = DHCoder.decrypt(code1, key2);
String output1 = (new String(decode1));
System.err.println("解密: " + output1);
assertEquals(input1, output1);
System.err.println("\n=====乙方向甲方發送加密數據=====");
String input2 = "DH";
System.err.println("原文: " + input2);
System.err.println("---使用乙方本地密鑰對數據加密---");
// 使用乙方本地密鑰對數據加密
byte[] code2 = DHCoder.encrypt(input2.getBytes(), key2);
System.err.println("加密: " + Base64.encodeBase64String(code2));
System.err.println("---使用甲方本地密鑰對數據解密---");
// 使用甲方本地密鑰對數據解密
byte[] decode2 = DHCoder.decrypt(code2, key1);
String output2 = (new String(decode2));
System.err.println("解密: " + output2);
// 校驗
assertEquals(input2, output2);
}
}
RSA算法的使用
RSA典型非對稱加密算法,基於大數因子分解難題。甲方構建密鑰對,發送公鑰給乙方;甲方使用私鑰加密,乙方使用公鑰解密;乙方使用公鑰加密,甲方使用私鑰解密。
構建RSA算法密鑰對
RSA算法加密解密
下面是對該算法JAVA實現的信息彙總:
算法 | 密鑰長度 | 密鑰長度默認值 | 工作模式 | 填充方式 | 備註 |
---|---|---|---|---|---|
RSA | 512~65536位(密鑰長度爲64的倍數) | 1024 | ECB | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding | Java 6實現 |
RSA | 同上 | 2048 | NONE | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding、ISO9796-1Padding | BC實現 |
下面給出一個使用RSA算法的示例:
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
public abstract class RSACoder {
/**
* 非對稱加密密鑰算法
*/
public static final String KEY_ALGORITHM = "RSA";
/**
* 公鑰
*/
private static final String PUBLIC_KEY = "RSAPublicKey";
/**
* 私鑰
*/
private static final String PRIVATE_KEY = "RSAPrivateKey";
/**
* RSA密鑰長度
* 默認1024位,
* 密鑰長度必須是64的倍數,
* 範圍在512至65536位之間。
*/
private static final int KEY_SIZE = 512;
/**
* 私鑰解密
*
* @param data
* 待解密數據
* @param key
* 私鑰
* @return byte[] 解密數據
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 取得私鑰
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私鑰
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 對數據解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 公鑰解密
*
* @param data
* 待解密數據
* @param key
* 公鑰
* @return byte[] 解密數據
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 取得公鑰
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成公鑰
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
// 對數據解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 公鑰加密
*
* @param data
* 待加密數據
* @param key
* 公鑰
* @return byte[] 加密數據
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 取得公鑰
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
// 對數據加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 私鑰加密
*
* @param data
* 待加密數據
* @param key
* 私鑰
* @return byte[] 加密數據
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 取得私鑰
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私鑰
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 對數據加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 取得私鑰
*
* @param keyMap
* 密鑰Map
* @return byte[] 私鑰
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公鑰
*
* @param keyMap
* 密鑰Map
* @return byte[] 公鑰
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 初始化密鑰
*
* @return Map 密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 實例化密鑰對生成器
KeyPairGenerator keyPairGen = KeyPairGenerator
.getInstance(KEY_ALGORITHM);
// 初始化密鑰對生成器
keyPairGen.initialize(KEY_SIZE);
// 生成密鑰對
KeyPair keyPair = keyPairGen.generateKeyPair();
// 公鑰
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
// 私鑰
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 封裝密鑰
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
}
RSA單元測試用例:
import static org.junit.Assert.*;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
import java.util.Map;
public class RSACoderTest {
/**
* 公鑰
*/
private byte[] publicKey;
/**
* 私鑰
*/
private byte[] privateKey;
/**
* 初始化密鑰
*
* @throws Exception
*/
@Before
public void initKey() throws Exception {
// 初始化密鑰
Map<String, Object> keyMap = RSACoder.initKey();
publicKey = RSACoder.getPublicKey(keyMap);
privateKey = RSACoder.getPrivateKey(keyMap);
System.err.println("公鑰: \n" + Base64.encodeBase64String(publicKey));
System.err.println("私鑰: \n" + Base64.encodeBase64String(privateKey));
}
/**
* 校驗
*
* @throws Exception
*/
@Test
public void test() throws Exception {
System.err.println("\n---私鑰加密——公鑰解密---");
String inputStr1 = "RSA加密算法";
byte[] data1 = inputStr1.getBytes();
System.err.println("原文:\n" + inputStr1);
// 加密
byte[] encodedData1 = RSACoder.encryptByPrivateKey(data1, privateKey);
System.err.println("加密後:\n" + Base64.encodeBase64String(encodedData1));
// 解密
byte[] decodedData1 = RSACoder.decryptByPublicKey(encodedData1,
publicKey);
String outputStr1 = new String(decodedData1);
System.err.println("解密後:\n" + outputStr1);
// 校驗
assertEquals(inputStr1, outputStr1);
System.err.println("\n---公鑰加密——私鑰解密---");
String inputStr2 = "RSA Encypt Algorithm";
byte[] data2 = inputStr2.getBytes();
System.err.println("原文:\n" + inputStr2);
// 加密
byte[] encodedData2 = RSACoder.encryptByPublicKey(data2, publicKey);
System.err.println("加密後:\n" + Base64.encodeBase64String(encodedData2));
// 解密
byte[] decodedData2 = RSACoder.decryptByPrivateKey(encodedData2,
privateKey);
String outputStr2 = new String(decodedData2);
System.err.println("解密後: " + outputStr2);
// 校驗
assertEquals(inputStr2, outputStr2);
}
}
ElGamal算法的使用
ElGamal算法,是一種基於離散對數問題的非對稱加密算法,該算法即可用於加密,又可用於數字簽名。ElGamal具有較好的安全性,但它的密文會成倍的擴張。該算法遵循“公鑰加密,私鑰解密”。
ElGamal加密數據傳輸
下面是對該算法JAVA實現的信息彙總:
算法 | 密鑰長度 | 密鑰長度默認值 | 工作模式 | 填充方式 | 備註 |
---|---|---|---|---|---|
ElGamal | 160~16384位(密鑰長度爲8的倍數) | 1024 | ECB、NONE | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA224AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding、ISO9796-1Padding | BC實現 |
下面是實現ElGamal算法的一個示例:
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.DHParameterSpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public abstract class ElGamalCoder {
/**
* 非對稱加密密鑰算法
*/
public static final String KEY_ALGORITHM = "ElGamal";
/**
* 密鑰長度
*
* ElGamal算法默認密鑰長度爲1024
* 密鑰長度範圍在160位至16,384位不等。
*/
private static final int KEY_SIZE = 256;
/**
* 公鑰
*/
private static final String PUBLIC_KEY = "ElGamalPublicKey";
/**
* 私鑰
*/
private static final String PRIVATE_KEY = "ElGamalPrivateKey";
/**
* 用私鑰解密
*
* @param data
* 待解密數據
* @param key
* 私鑰
* @return byte[] 解密數據
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 私鑰材料轉換
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
// 實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私鑰
Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 對數據解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 用公鑰加密
*
* @param data
* 待加密數據
* @param key
* 公鑰
* @return byte[] 加密數據
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 公鑰材料轉換
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
// 實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成公鑰
Key publicKey = keyFactory.generatePublic(x509KeySpec);
// 對數據加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 生成密鑰
*
* @return Map 密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 實例化算法參數生成器
AlgorithmParameterGenerator apg = AlgorithmParameterGenerator
.getInstance(KEY_ALGORITHM);
// 初始化算法參數生成器
apg.init(KEY_SIZE);
// 生成算法參數
AlgorithmParameters params = apg.generateParameters();
// 構建參數材料
DHParameterSpec elParams = (DHParameterSpec) params
.getParameterSpec(DHParameterSpec.class);
// 實例化密鑰對兒生成器
KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM);
// 初始化密鑰對兒生成器
kpg.initialize(elParams, new SecureRandom());
// 生成密鑰對兒
KeyPair keys = kpg.genKeyPair();
// 取得密鑰
PublicKey publicKey = keys.getPublic();
PrivateKey privateKey = keys.getPrivate();
// 封裝密鑰
Map<String, Object> map = new HashMap<String, Object>(2);
map.put(PUBLIC_KEY, publicKey);
map.put(PRIVATE_KEY, privateKey);
return map;
}
/**
* 取得私鑰
*
* @param keyMap
* 密鑰Map
* @return byte[] 私鑰
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公鑰
*
* @param keyMap
* @return
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
}
並給出相應的單元測試用例:
import static org.junit.Assert.*;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
public class ElGamalCoderTest {
/**
* 公鑰
*/
private byte[] publicKey;
/**
* 私鑰
*/
private byte[] privateKey;
/**
* 初始化密鑰
*
* @throws Exception
*/
@Before
public void initKey() throws Exception {
Map<String, Object> keyMap = ElGamalCoder.initKey();
publicKey = ElGamalCoder.getPublicKey(keyMap);
privateKey = ElGamalCoder.getPrivateKey(keyMap);
System.err.println("公鑰: \n" + Base64.encodeBase64String(publicKey));
System.err.println("私鑰: \n" + Base64.encodeBase64String(privateKey));
}
/**
* 校驗
*
* @throws Exception
*/
@Test
public void test() throws Exception {
String inputStr = "ElGamal加密";
byte[] data = inputStr.getBytes();
System.err.println("原文: \n" + inputStr);
byte[] encodedData = ElGamalCoder.encryptByPublicKey(data, publicKey);
System.err.println("加密後: \n" + Base64.encodeBase64String(encodedData));
byte[] decodedData = ElGamalCoder.decryptByPrivateKey(encodedData,
privateKey);
String outputStr = new String(decodedData);
System.err.println("解密後: \n" + outputStr);
assertEquals(inputStr, outputStr);
}
}