时间:2017年4月12日星期三
说明:本文部分内容均来自慕课网。@慕课网:http://www.imooc.com
教学示例源码:https://github.com/zccodere/s...
个人学习源码:https://github.com/zccodere/s...
第一章:概述
1-1 概述
非对称加密算法
高级
双保险
公钥、私钥
DH(Diffie-Hellman)密钥交换算法
RSA基于因子分解
ElGamal基于离散对数
ECC(Elliptical Curve Cryptography)椭圆曲线加密
第二章:密钥交换算法DH
2-1 DH算法概述
对称加密算法回顾
数据安全
密钥管理复杂
密钥传递过程复杂非对称加密算法:DH(密钥交换)
对称加密带来的困扰
构建本地密钥
密钥对称算法实现:
2-2 DH算法实现过程及相关类详解
涉及相关类
初始化发送方密钥
--KeyPairGenerator
--KeyPair
--PublicKey
初始化接收方密钥
--KeyFactory
--X509EncodedKeySpec
--DHPublicKey
--DHParameterSpec
--KeyPairGenerator
--PrivateKey
密钥构建
--KeyAgreement:用来提供密钥一致性(或密钥交换)协议的功能。
--SecretKey:秘密密钥,生成一个分组的秘密密钥。
--KeyFactory
--X509EncodedKeySpec
--PublicKey
加密、解密
--Cipher:为加密解密提供密码功能的类
2-3 DH算法实现
代码演示:
package com.myimooc.security.dh;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
/**
* DH非对称加密演示
* Created by ZC on 2017/4/12.
*/
public class DemoDH {
/** 待加密字符串 */
private static String src="imooc security dh";
public static void main(String[] args){
jdkDH();
}
/** 使用jdk实现DH非对称加密 */
public static void jdkDH(){
try {
// 1.初始化发送方密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
keyPairGenerator.initialize(512);
KeyPair senderKerPair = keyPairGenerator.generateKeyPair();
// 发送方公钥,发送给接收方(网络、文件...)
byte[] senderPublicKeyEnc = senderKerPair.getPublic().getEncoded();
// 2.初始化接收方密钥
KeyFactory receiverKeyFactory = KeyFactory.getInstance("DH");
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(senderPublicKeyEnc);
PublicKey receiverPublicKey = receiverKeyFactory.generatePublic(x509EncodedKeySpec);
DHParameterSpec dhParameterSpec = ((DHPublicKey)receiverPublicKey).getParams();
KeyPairGenerator receiverKeyPairGenerator = KeyPairGenerator.getInstance("DH");
receiverKeyPairGenerator.initialize(dhParameterSpec);
KeyPair receiverKeyPair = receiverKeyPairGenerator.generateKeyPair();
PrivateKey receiverPrivateKey = receiverKeyPair.getPrivate();
byte[] receiverPublicKeyEnc = receiverKeyPair.getPublic().getEncoded();
// 3.密钥构建
KeyAgreement receiverKeyAgreement = KeyAgreement.getInstance("DH");
receiverKeyAgreement.init(receiverPrivateKey);
receiverKeyAgreement.doPhase(receiverPublicKey,true);
SecretKey receiverDesKey = receiverKeyAgreement.generateSecret("DES");
KeyFactory senderKeyFactory = KeyFactory.getInstance("DH");
x509EncodedKeySpec = new X509EncodedKeySpec(receiverPublicKeyEnc);
PublicKey senderPublicKey = senderKeyFactory.generatePublic(x509EncodedKeySpec);
KeyAgreement senderKeyAgreement = KeyAgreement.getInstance("DH");
senderKeyAgreement.init(senderKerPair.getPrivate());
senderKeyAgreement.doPhase(senderPublicKey,true);
SecretKey senderDesKey = senderKeyAgreement.generateSecret("DES");
// if(Objects.equals(receiverDesKey,senderDesKey)){
// System.out.println("双方密钥相同");
// }
// 4.加密
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE,senderDesKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("jdk dh encrypt:"+ Base64.encodeBase64String(result));
// 5.解密
cipher.init(Cipher.DECRYPT_MODE,receiverDesKey);
result = cipher.doFinal(result);
System.out.println("jdk dh decrypt:"+ new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
流程演示:
第三章:RSA算法
3-1 RSA算法实现及应用
非对称加密算法:RSA
唯一广泛接受并实现
数据加密&数字签名
公钥加密、私钥解密
私钥加密、公钥解密算法实现:
代码演示:
package com.myimooc.security.rsa;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* RSA非对称加密演示
* Created by ZC on 2017/4/12.
*/
public class DemoRSA {
/** 待加密字符串 */
private static String src="imooc security rsa";
public static void main(String[] args){
jdkRSA();
}
public static void jdkRSA(){
try{
// 1.初始化密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(512);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
// 2.私钥加密、公钥解密:加密
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE,privateKey);
byte[] result = cipher.doFinal(src.getBytes());
System.out.println("私钥加密、公钥解密:加密:"+ Base64.encodeBase64String(result));
// 3.私钥加密、公钥解密:解密
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher.init(Cipher.DECRYPT_MODE,publicKey);
result = cipher.doFinal(result);
System.out.println("私钥加密、公钥解密:解密:"+ new String(result));
// 4.公钥加密、私钥解密:加密
x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("RSA");
publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher.init(Cipher.ENCRYPT_MODE,publicKey);
result = cipher.doFinal(src.getBytes());
System.out.println("公钥加密、私钥解密:加密:"+ Base64.encodeBase64String(result));
// 5.公钥加密、私钥解密:解密
pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
keyFactory = KeyFactory.getInstance("RSA");
privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE,privateKey);
result = cipher.doFinal(result);
System.out.println("公钥加密、私钥解密:解密:"+ new String(result));
}catch (Exception e){
e.printStackTrace();
}
}
}
流程演示:
第四章:ELGamal算法
4-1 ELGamal算法实现
非对称加密算法:ELGamal
公钥加密算法
Bouncy Castle算法实现:
部分代码演示:
package com.myimooc.security.elgamal;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.spec.DHParameterSpec;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* ELGamal非对称加密演示
* Created by ZC on 2017/4/12.
*/
public class DemoELGamal {
/** 待加密字符串 */
private static String src="imooc security elgamal";
public static void main(String[] args)throws Exception{
bcELGamal();
}
/** 使用 BouncyCastle 实现 ELGamal 加解密 */
public static void bcELGamal()throws Exception{
// 公钥加密,私钥解密
Security.addProvider(new BouncyCastleProvider());
// 1.初始化密钥
AlgorithmParameterGenerator algorithmParameterGenerator = AlgorithmParameterGenerator.getInstance("ELGamal");
algorithmParameterGenerator.init(256);
AlgorithmParameters algorithmParameters = algorithmParameterGenerator.generateParameters();
DHParameterSpec dhParameterSpec = (DHParameterSpec) algorithmParameters.getParameterSpec(DHParameterSpec.class);
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ELGamal");
keyPairGenerator.initialize(dhParameterSpec,new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
System.out.println("Public Key:"+ Base64.encodeBase64String(publicKey.getEncoded()));
System.out.println("Private Key:"+ Base64.encodeBase64String(privateKey.getEncoded()));
}
}
流程演示:
非对称加密算法:回顾
公钥、私钥
DH(Diffie-Hellman)密钥交换算法
RSA基于因子分解
ElGamal基于离散对数
