对称加密算法仅有一个密钥,既可用于加密,亦可用于解密。而非对称加密算法拥有两个密钥,一个用于加密,另一个则用于解密。相比对称加密算法的单钥体系,非对称加密算法的双钥体系更为安全。但非对称加密的缺点是加解密速度要远远慢于对称加密。
目前,Java 6中仅仅提供了DH和RSA两种算法实现。通过Boucy Castle可以获得ElGamal算法支持。
DH算法的使用
DH(Diffie-Hellman,密钥交换)算法,是第一个密钥协商算法,仅能用于密钥分配,不能用于加密或解密消息。下面整理DH算法时序:
初始化DH算法密钥对
甲乙双方构建DH算法本地密钥
DH算法加密消息传递
下面是对该算法JAVA实现的信息汇总:
| 算法 | 密钥长度 | 密钥长度默认值 | 工作模式 | 填充方式 | 备注 |
|---|---|---|---|---|---|
| DH | 512至1024位(密钥长度为64的倍数,范围在521~1024位之间) | 1024 | 无 | 无 | Java 6实现 |
下面给出一个使用DH算法的示例:
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public abstract class DHCoder {
/**
* 非对称加密密钥算法
*/
public static final String KEY_ALGORITHM = "DH";
/**
* 本地密钥算法,即对称加密密钥算法,可选DES、DESede和AES算法
*/
public static final String SECRET_KEY_ALGORITHM = "AES";
/**
* 默认密钥长度
*
* DH算法默认密钥长度为1024 密钥长度必须是64的倍数,其范围在512到1024位之间。
*/
private static final int KEY_SIZE = 512;
/**
* 公钥
*/
private static final String PUBLIC_KEY = "DHPublicKey";
/**
* 私钥
*/
private static final String PRIVATE_KEY = "DHPrivateKey";
/**
* 初始化甲方密钥
*
* @return Map 甲方密钥Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 实例化密钥对生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(KEY_ALGORITHM);
// 初始化密钥对生成器
keyPairGenerator.initialize(KEY_SIZE);
// 生成密钥对
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 甲方公钥
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 甲方私钥
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
// 将密钥对存储在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 初始化乙方密钥
*
* @param key
* 甲方公钥
* @return Map 乙方密钥Map
* @throws Exception
*/
public static Map<String, Object> initKey(byte[] key) throws Exception {
// 解析甲方公钥
// 转换公钥材料
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
// 实例化密钥工厂
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 产生公钥
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 由甲方公钥构建乙方密钥
DHParameterSpec dhParamSpec = ((DHPublicKey) pubKey).getParams();
// 实例化密钥对生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(keyFactory.getAlgorithm());
// 初始化密钥对生成器
keyPairGenerator.initialize(dhParamSpec);
// 产生密钥对
KeyPair keyPair = keyPairGenerator.genKeyPair();
// 乙方公钥
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 乙方私钥
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
// 将密钥对存储在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 加密
*
* @param data
* 待加密数据
* @param key
* 密钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encrypt(byte[] data, byte[] key) throws Exception {
// 生成本地密钥
SecretKey secretKey = new SecretKeySpec(key, SECRET_KEY_ALGORITHM);
// 数据加密
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return cipher.doFinal(data);
}
/**
* 解密<br>
*
* @param data
* 待解密数据
* @param key
* 密钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decrypt(byte[] data, byte[] key) throws Exception {
// 生成本地密钥
SecretKey secretKey = new SecretKeySpec(key, SECRET_KEY_ALGORITHM);
// 数据解密
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return cipher.doFinal(data);
}
/**
* 构建密钥
*
* @param publicKey
* 公钥
* @param privateKey
* 私钥
* @return byte[] 本地密钥
* @throws Exception
*/
public static byte[] getSecretKey(byte[] publicKey, byte[] privateKey)
throws Exception {
// 实例化密钥工厂
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 初始化公钥
// 密钥材料转换
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
// 产生公钥
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 初始化私钥
// 密钥材料转换
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
// 产生私钥
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 实例化
KeyAgreement keyAgree = KeyAgreement.getInstance(keyFactory
.getAlgorithm());
// 初始化
keyAgree.init(priKey);
keyAgree.doPhase(pubKey, true);
// 生成本地密钥
SecretKey secretKey = keyAgree.generateSecret(SECRET_KEY_ALGORITHM);
return secretKey.getEncoded();
}
/**
* 取得私钥
*
* @param keyMap
* 密钥Map
* @return byte[] 私钥
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公钥
*
* @param keyMap
* 密钥Map
* @return byte[] 公钥
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
}
DHCoder的单元测试用例:
import static org.junit.Assert.*;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
public class DHCoderTest {
/**
* 甲方公钥
*/
private byte[] publicKey1;
/**
* 甲方私钥
*/
private byte[] privateKey1;
/**
* 甲方本地密钥
*/
private byte[] key1;
/**
* 乙方公钥
*/
private byte[] publicKey2;
/**
* 乙方私钥
*/
private byte[] privateKey2;
/**
* 乙方本地密钥
*/
private byte[] key2;
/**
* 初始化密钥
*
* @throws Exception
*/
@Before
public final void initKey() throws Exception {
// 生成甲方密钥对儿
Map<String, Object> keyMap1 = DHCoder.initKey();
publicKey1 = DHCoder.getPublicKey(keyMap1);
privateKey1 = DHCoder.getPrivateKey(keyMap1);
System.err.println("甲方公钥:\n" + Base64.encodeBase64String(publicKey1));
System.err.println("甲方私钥:\n" + Base64.encodeBase64String(privateKey1));
// 由甲方公钥产生本地密钥对儿
Map<String, Object> keyMap2 = DHCoder.initKey(publicKey1);
publicKey2 = DHCoder.getPublicKey(keyMap2);
privateKey2 = DHCoder.getPrivateKey(keyMap2);
System.err.println("乙方公钥:\n" + Base64.encodeBase64String(publicKey2));
System.err.println("乙方私钥:\n" + Base64.encodeBase64String(privateKey2));
key1 = DHCoder.getSecretKey(publicKey2, privateKey1);
System.err.println("甲方本地密钥:\n" + Base64.encodeBase64String(key1));
key2 = DHCoder.getSecretKey(publicKey1, privateKey2);
System.err.println("乙方本地密钥:\n" + Base64.encodeBase64String(key2));
assertArrayEquals(key1, key2);
}
/**
* 校验
*
* @throws Exception
*/
@Test
public final void test() throws Exception {
System.err.println("\n=====甲方向乙方发送加密数据=====");
String input1 = "密码交换算法 ";
System.err.println("原文: " + input1);
System.err.println("---使用甲方本地密钥对数据加密---");
// 使用甲方本地密钥对数据加密
byte[] code1 = DHCoder.encrypt(input1.getBytes(), key1);
System.err.println("加密: " + Base64.encodeBase64String(code1));
System.err.println("---使用乙方本地密钥对数据解密---");
// 使用乙方本地密钥对数据解密
byte[] decode1 = DHCoder.decrypt(code1, key2);
String output1 = (new String(decode1));
System.err.println("解密: " + output1);
assertEquals(input1, output1);
System.err.println("\n=====乙方向甲方发送加密数据=====");
String input2 = "DH";
System.err.println("原文: " + input2);
System.err.println("---使用乙方本地密钥对数据加密---");
// 使用乙方本地密钥对数据加密
byte[] code2 = DHCoder.encrypt(input2.getBytes(), key2);
System.err.println("加密: " + Base64.encodeBase64String(code2));
System.err.println("---使用甲方本地密钥对数据解密---");
// 使用甲方本地密钥对数据解密
byte[] decode2 = DHCoder.decrypt(code2, key1);
String output2 = (new String(decode2));
System.err.println("解密: " + output2);
// 校验
assertEquals(input2, output2);
}
}
RSA算法的使用
RSA典型非对称加密算法,基于大数因子分解难题。甲方构建密钥对,发送公钥给乙方;甲方使用私钥加密,乙方使用公钥解密;乙方使用公钥加密,甲方使用私钥解密。
构建RSA算法密钥对
RSA算法加密解密
下面是对该算法JAVA实现的信息汇总:
| 算法 | 密钥长度 | 密钥长度默认值 | 工作模式 | 填充方式 | 备注 |
|---|---|---|---|---|---|
| RSA | 512~65536位(密钥长度为64的倍数) | 1024 | ECB | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding | Java 6实现 |
| RSA | 同上 | 2048 | NONE | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding、ISO9796-1Padding | BC实现 |
下面给出一个使用RSA算法的示例:
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
public abstract class RSACoder {
/**
* 非对称加密密钥算法
*/
public static final String KEY_ALGORITHM = "RSA";
/**
* 公钥
*/
private static final String PUBLIC_KEY = "RSAPublicKey";
/**
* 私钥
*/
private static final String PRIVATE_KEY = "RSAPrivateKey";
/**
* RSA密钥长度
* 默认1024位,
* 密钥长度必须是64的倍数,
* 范围在512至65536位之间。
*/
private static final int KEY_SIZE = 512;
/**
* 私钥解密
*
* @param data
* 待解密数据
* @param key
* 私钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 取得私钥
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私钥
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 对数据解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 公钥解密
*
* @param data
* 待解密数据
* @param key
* 公钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 取得公钥
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成公钥
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
// 对数据解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 公钥加密
*
* @param data
* 待加密数据
* @param key
* 公钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 取得公钥
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
// 对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 私钥加密
*
* @param data
* 待加密数据
* @param key
* 私钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 取得私钥
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私钥
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 取得私钥
*
* @param keyMap
* 密钥Map
* @return byte[] 私钥
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公钥
*
* @param keyMap
* 密钥Map
* @return byte[] 公钥
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 初始化密钥
*
* @return Map 密钥Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 实例化密钥对生成器
KeyPairGenerator keyPairGen = KeyPairGenerator
.getInstance(KEY_ALGORITHM);
// 初始化密钥对生成器
keyPairGen.initialize(KEY_SIZE);
// 生成密钥对
KeyPair keyPair = keyPairGen.generateKeyPair();
// 公钥
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
// 私钥
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 封装密钥
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
}
RSA单元测试用例:
import static org.junit.Assert.*;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
import java.util.Map;
public class RSACoderTest {
/**
* 公钥
*/
private byte[] publicKey;
/**
* 私钥
*/
private byte[] privateKey;
/**
* 初始化密钥
*
* @throws Exception
*/
@Before
public void initKey() throws Exception {
// 初始化密钥
Map<String, Object> keyMap = RSACoder.initKey();
publicKey = RSACoder.getPublicKey(keyMap);
privateKey = RSACoder.getPrivateKey(keyMap);
System.err.println("公钥: \n" + Base64.encodeBase64String(publicKey));
System.err.println("私钥: \n" + Base64.encodeBase64String(privateKey));
}
/**
* 校验
*
* @throws Exception
*/
@Test
public void test() throws Exception {
System.err.println("\n---私钥加密——公钥解密---");
String inputStr1 = "RSA加密算法";
byte[] data1 = inputStr1.getBytes();
System.err.println("原文:\n" + inputStr1);
// 加密
byte[] encodedData1 = RSACoder.encryptByPrivateKey(data1, privateKey);
System.err.println("加密后:\n" + Base64.encodeBase64String(encodedData1));
// 解密
byte[] decodedData1 = RSACoder.decryptByPublicKey(encodedData1,
publicKey);
String outputStr1 = new String(decodedData1);
System.err.println("解密后:\n" + outputStr1);
// 校验
assertEquals(inputStr1, outputStr1);
System.err.println("\n---公钥加密——私钥解密---");
String inputStr2 = "RSA Encypt Algorithm";
byte[] data2 = inputStr2.getBytes();
System.err.println("原文:\n" + inputStr2);
// 加密
byte[] encodedData2 = RSACoder.encryptByPublicKey(data2, publicKey);
System.err.println("加密后:\n" + Base64.encodeBase64String(encodedData2));
// 解密
byte[] decodedData2 = RSACoder.decryptByPrivateKey(encodedData2,
privateKey);
String outputStr2 = new String(decodedData2);
System.err.println("解密后: " + outputStr2);
// 校验
assertEquals(inputStr2, outputStr2);
}
}
ElGamal算法的使用
ElGamal算法,是一种基于离散对数问题的非对称加密算法,该算法即可用于加密,又可用于数字签名。ElGamal具有较好的安全性,但它的密文会成倍的扩张。该算法遵循“公钥加密,私钥解密”。
ElGamal加密数据传输
下面是对该算法JAVA实现的信息汇总:
| 算法 | 密钥长度 | 密钥长度默认值 | 工作模式 | 填充方式 | 备注 |
|---|---|---|---|---|---|
| ElGamal | 160~16384位(密钥长度为8的倍数) | 1024 | ECB、NONE | NoPadding、PKCS1Padding、OAEPWITHMD5AndMGF1Padding、OAEPWITHSHA1AndMGF1Padding、OAEPWITHSHA224AndMGF1Padding、OAEPWITHSHA256AndMGF1Padding、OAEPWITHSHA384AndMGF1Padding、OAEPWITHSHA512AndMGF1Padding、ISO9796-1Padding | BC实现 |
下面是实现ElGamal算法的一个示例:
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.DHParameterSpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public abstract class ElGamalCoder {
/**
* 非对称加密密钥算法
*/
public static final String KEY_ALGORITHM = "ElGamal";
/**
* 密钥长度
*
* ElGamal算法默认密钥长度为1024
* 密钥长度范围在160位至16,384位不等。
*/
private static final int KEY_SIZE = 256;
/**
* 公钥
*/
private static final String PUBLIC_KEY = "ElGamalPublicKey";
/**
* 私钥
*/
private static final String PRIVATE_KEY = "ElGamalPrivateKey";
/**
* 用私钥解密
*
* @param data
* 待解密数据
* @param key
* 私钥
* @return byte[] 解密数据
* @throws Exception
*/
public static byte[] decryptByPrivateKey(byte[] data, byte[] key)
throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 私钥材料转换
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(key);
// 实例化密钥工厂
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成私钥
Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
// 对数据解密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, privateKey);
return cipher.doFinal(data);
}
/**
* 用公钥加密
*
* @param data
* 待加密数据
* @param key
* 公钥
* @return byte[] 加密数据
* @throws Exception
*/
public static byte[] encryptByPublicKey(byte[] data, byte[] key)
throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 公钥材料转换
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
// 实例化密钥工厂
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
// 生成公钥
Key publicKey = keyFactory.generatePublic(x509KeySpec);
// 对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return cipher.doFinal(data);
}
/**
* 生成密钥
*
* @return Map 密钥Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
// 加入BouncyCastleProvider支持
Security.addProvider(new BouncyCastleProvider());
// 实例化算法参数生成器
AlgorithmParameterGenerator apg = AlgorithmParameterGenerator
.getInstance(KEY_ALGORITHM);
// 初始化算法参数生成器
apg.init(KEY_SIZE);
// 生成算法参数
AlgorithmParameters params = apg.generateParameters();
// 构建参数材料
DHParameterSpec elParams = (DHParameterSpec) params
.getParameterSpec(DHParameterSpec.class);
// 实例化密钥对儿生成器
KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM);
// 初始化密钥对儿生成器
kpg.initialize(elParams, new SecureRandom());
// 生成密钥对儿
KeyPair keys = kpg.genKeyPair();
// 取得密钥
PublicKey publicKey = keys.getPublic();
PrivateKey privateKey = keys.getPrivate();
// 封装密钥
Map<String, Object> map = new HashMap<String, Object>(2);
map.put(PUBLIC_KEY, publicKey);
map.put(PRIVATE_KEY, privateKey);
return map;
}
/**
* 取得私钥
*
* @param keyMap
* 密钥Map
* @return byte[] 私钥
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公钥
*
* @param keyMap
* @return
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
}
并给出相应的单元测试用例:
import static org.junit.Assert.*;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Test;
public class ElGamalCoderTest {
/**
* 公钥
*/
private byte[] publicKey;
/**
* 私钥
*/
private byte[] privateKey;
/**
* 初始化密钥
*
* @throws Exception
*/
@Before
public void initKey() throws Exception {
Map<String, Object> keyMap = ElGamalCoder.initKey();
publicKey = ElGamalCoder.getPublicKey(keyMap);
privateKey = ElGamalCoder.getPrivateKey(keyMap);
System.err.println("公钥: \n" + Base64.encodeBase64String(publicKey));
System.err.println("私钥: \n" + Base64.encodeBase64String(privateKey));
}
/**
* 校验
*
* @throws Exception
*/
@Test
public void test() throws Exception {
String inputStr = "ElGamal加密";
byte[] data = inputStr.getBytes();
System.err.println("原文: \n" + inputStr);
byte[] encodedData = ElGamalCoder.encryptByPublicKey(data, publicKey);
System.err.println("加密后: \n" + Base64.encodeBase64String(encodedData));
byte[] decodedData = ElGamalCoder.decryptByPrivateKey(encodedData,
privateKey);
String outputStr = new String(decodedData);
System.err.println("解密后: \n" + outputStr);
assertEquals(inputStr, outputStr);
}
}
