• Home
• com.github.luues.tool
• tool-crypto
• 1.0.4.0.RELEASE
• source code
• RSA.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.luues.tool.crypto.asymmetric.RSA Maven / Gradle / Ivy

package cn.luues.tool.crypto.asymmetric;

import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.net.URLDecoder;
import java.nio.charset.Charset;
import java.security.*;
import java.security.interfaces.RSAKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import cn.luues.tool.core.util.CharsetUtil;
import cn.luues.tool.crypto.CryptoException;
import cn.luues.tool.crypto.GlobalBouncyCastleProvider;
import cn.luues.tool.crypto.SecureUtil;
import lombok.SneakyThrows;
import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;

/**
 * 

 * RSA公钥/私钥/签名加密解密
 * 
 * 

 * 罗纳德·李维斯特（Ron [R]ivest）、阿迪·萨莫尔（Adi [S]hamir）和伦纳德·阿德曼（Leonard [A]dleman）
 * 
 * 

 * 由于非对称加密速度极其缓慢，一般文件不使用它来加密而是使用对称加密，

 * 非对称加密算法可以用来对对称加密的密钥加密，这样保证密钥的安全也就保证了数据的安全
 * 
 * 
 * @author Looly
 *
 */
public class RSA extends AsymmetricCrypto {

	/** 默认的RSA算法 */
	private static final AsymmetricAlgorithm ALGORITHM_RSA = AsymmetricAlgorithm.RSA_ECB_PKCS1;

	// ------------------------------------------------------------------ Static method start
	/**
	 * 生成RSA私钥
	 * 
	 * @param modulus N特征值
	 * @param privateExponent d特征值
	 * @return {@link PrivateKey}
	 */
	public static PrivateKey generatePrivateKey(BigInteger modulus, BigInteger privateExponent) {
		return SecureUtil.generatePrivateKey(ALGORITHM_RSA.getValue(), new RSAPrivateKeySpec(modulus, privateExponent));
	}

	/**
	 * 生成RSA公钥
	 * 
	 * @param modulus N特征值
	 * @param publicExponent e特征值
	 * @return {@link PublicKey}
	 */
	public static PublicKey generatePublicKey(BigInteger modulus, BigInteger publicExponent) {
		return SecureUtil.generatePublicKey(ALGORITHM_RSA.getValue(), new RSAPublicKeySpec(modulus, publicExponent));
	}
	// ------------------------------------------------------------------ Static method end

	// ------------------------------------------------------------------ Constructor start
	/**
	 * 构造，生成新的私钥公钥对
	 */
	public RSA() {
		super(ALGORITHM_RSA);
	}

	/**
	 * 构造，生成新的私钥公钥对
	 * 
	 * @param rsaAlgorithm 自定义RSA算法，例如RSA/ECB/PKCS1Padding
	 */
	public RSA(String rsaAlgorithm) {
		super(rsaAlgorithm);
	}

	/**
	 * 构造

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param privateKeyStr 私钥Hex或Base64表示
	 * @param publicKeyStr 公钥Hex或Base64表示
	 */
	public RSA(String privateKeyStr, String publicKeyStr) {
		super(ALGORITHM_RSA, privateKeyStr, publicKeyStr);
	}

	/**
	 * 构造

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param rsaAlgorithm 自定义RSA算法，例如RSA/ECB/PKCS1Padding
	 * @param privateKeyStr 私钥Hex或Base64表示
	 * @param publicKeyStr 公钥Hex或Base64表示
	 * @since 4.5.8
	 */
	public RSA(String rsaAlgorithm, String privateKeyStr, String publicKeyStr) {
		super(rsaAlgorithm, privateKeyStr, publicKeyStr);
	}

	/**
	 * 构造 

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param privateKey 私钥
	 * @param publicKey 公钥
	 */
	public RSA(byte[] privateKey, byte[] publicKey) {
		super(ALGORITHM_RSA, privateKey, publicKey);
	}

	/**
	 * 构造 

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param modulus N特征值
	 * @param privateExponent d特征值
	 * @param publicExponent e特征值
	 * @since 3.1.1
	 */
	public RSA(BigInteger modulus, BigInteger privateExponent, BigInteger publicExponent) {
		this(generatePrivateKey(modulus, privateExponent), generatePublicKey(modulus, publicExponent));
	}

	/**
	 * 构造 

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param privateKey 私钥
	 * @param publicKey 公钥
	 * @since 3.1.1
	 */
	public RSA(PrivateKey privateKey, PublicKey publicKey) {
		super(ALGORITHM_RSA, privateKey, publicKey);
	}

	/**
	 * 构造 

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个，如此则只能使用此钥匙来做加密或者解密
	 * 
	 * @param rsaAlgorithm 自定义RSA算法，例如RSA/ECB/PKCS1Padding
	 * @param privateKey 私钥
	 * @param publicKey 公钥
	 * @since 4.5.8
	 */
	public RSA(String rsaAlgorithm, PrivateKey privateKey, PublicKey publicKey) {
		super(rsaAlgorithm, privateKey, publicKey);
	}
	// ------------------------------------------------------------------ Constructor end

	/**
	 * 分组加密
	 * 
	 * @param data 数据
	 * @param keyType 密钥类型
	 * @return 加密后的密文
	 * @throws CryptoException 加密异常
	 * @deprecated 请使用 {@link #encryptBcd(String, KeyType)}
	 */
	@Deprecated
	public String encryptStr(String data, KeyType keyType) {
		return encryptBcd(data, keyType, CharsetUtil.CHARSET_UTF_8);
	}

	/**
	 * 分组加密
	 * 
	 * @param data 数据
	 * @param keyType 密钥类型
	 * @param charset 加密前编码
	 * @return 加密后的密文
	 * @throws CryptoException 加密异常
	 * @since 3.1.1
	 * @deprecated 请使用 {@link #encryptBcd(String, KeyType, Charset)}
	 */
	@Deprecated
	public String encryptStr(String data, KeyType keyType, Charset charset) {
		return encryptBcd(data, keyType, charset);
	}

	@Override
	public byte[] encrypt(byte[] data, KeyType keyType) {
		// 在非使用BC库情况下，blockSize使用默认的算法
		if (this.encryptBlockSize < 0 && null == GlobalBouncyCastleProvider.INSTANCE.getProvider()) {
			// 加密数据长度 <= 模长-11
			this.encryptBlockSize = ((RSAKey) getKeyByType(keyType)).getModulus().bitLength() / 8 - 11;
		}
		return super.encrypt(data, keyType);
	}

	@Override
	public byte[] decrypt(byte[] bytes, KeyType keyType) {
		// 在非使用BC库情况下，blockSize使用默认的算法
		if (this.decryptBlockSize < 0 && null == GlobalBouncyCastleProvider.INSTANCE.getProvider()) {
			// 加密数据长度 <= 模长-11
			this.decryptBlockSize = ((RSAKey) getKeyByType(keyType)).getModulus().bitLength() / 8;
		}
		return super.decrypt(bytes, keyType);
	}
	
	@Override
	protected void initCipher() {
		try {
			super.initCipher();
		} catch (CryptoException e) {
			final Throwable cause = e.getCause();
			if(cause instanceof NoSuchAlgorithmException) {
				// 在Linux下，未引入BC库可能会导致RSA/ECB/PKCS1Padding算法无法找到，此时使用默认算法
				this.algorithm = AsymmetricAlgorithm.RSA.getValue();
				super.initCipher();
			}
			throw e;
		}
	}

	@SneakyThrows
	@Deprecated
	public String decryptByJs(String data, KeyType keyType) {
		byte[] encryptedData = Base64.decodeBase64(data.getBytes());
		final Key key = getKeyByType(keyType);
		PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key.getEncoded());
		KeyFactory keyFactory = KeyFactory.getInstance(this.algorithm);
		Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);
		Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
		cipher.init(Cipher.DECRYPT_MODE, privateK);
		int inputLen = encryptedData.length;
		ByteArrayOutputStream out = new ByteArrayOutputStream();
		int offSet = 0;
		byte[] cache;
		int i = 0;
		// 对数据分段解密
		while (inputLen - offSet > 0) {
			if (inputLen - offSet > MAX_DECRYPT_BLOCK) {
				cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK);
			} else {
				cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);
			}
			out.write(cache, 0, cache.length);
			i++;
			offSet = i * MAX_DECRYPT_BLOCK;
		}
		byte[] decryptedData = out.toByteArray();
		out.close();
		return new String(decryptedData, CharsetUtil.CHARSET_UTF_8);
	}

	/**
	 *  Description:默认的RSA解密方法 一般用来解密 参数 小数据
	 */
	public static String decryptByJs(String data, String privateKeyStr) {
		try{
			KeyFactory keyFactory = KeyFactory.getInstance("RSA");
			byte[] privateKeyArray = privateKeyStr.getBytes();
			byte[] dataArray = data.getBytes();
			PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyArray));
			PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
			Cipher cipher = Cipher.getInstance("RSA");
			cipher.init(Cipher.DECRYPT_MODE, privateKey);
			return new String(cipher.doFinal(Base64.decodeBase64(dataArray)), "UTF-8");
		}catch (Exception e){
			e.printStackTrace();
		}
		return "";
	}

	@SneakyThrows
	public static void main(String[] args) {
		// 生成公钥私钥
		/*KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
		keyPairGenerator.initialize(2048);
		KeyPair keyPair = keyPairGenerator.generateKeyPair();
		RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
		RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
		System.out.println("公钥"+Base64.encodeBase64String(publicKey.getEncoded()));
		System.out.println("私钥"+Base64.encodeBase64String(privateKey.getEncoded()));*/

		String messageEn = "AQxvDtcW5x/zb279qBa1FkjBmCzJV/xLoTVs5k81AvF0+GRXAsizxGleeZNkSAzJHDIxSVJ2AaYVznaL7lRc0v0B53l9C1pNebB6aRh+8AUnpMf9tGLTsCpWWlZ/2LZw7UFi6WYGU6FJoIzt9N5UTmZoYM99cv/dzqsuxuSs1GF5GCTmTLsBztfBPlWr3AAFSy6gnT+JYFNWTp8O9vdDXCeTA/RlovJ5eTLXTmekgL703KzbXACUcG3xkpIXjbaAGIu8MIZ+3bzNc4tpfacpvXV+ifbfYRhZ+X5CWkD60vYWZRLt/KCd3hxlFfJr4zVL+rpGy3hRVmgRTgly5LhS2g==";
		String s = URLDecoder.decode(decryptByJs("私钥",messageEn) ,"UTF-8");
		System.out.println(s);
	}

}