信息计算2019级1班14号钱星一

钱星一 · 发表于 2022-6-2 13:59:20

本帖最后由钱星一于 2022-6-2 13:59 编辑

RSA签名和加密

一、Java实现RSA签名和加密
RSA属于非对称加密算法，有两个密钥。区别于共享密钥的对称加密算法，如DES和AES。公钥可以共享给任何人，私钥自己进行保管。公钥用于加密数据，使得该加密数据只能用私钥进行解密；私钥也可用于签名数据，签名和数据一起发送，然后使用公钥验证数据是否被篡改。

二、RSA实现密钥对
在实际做任何形式加密之前，需要有公钥和私钥两个密钥对。幸运的是，Java提供了非常简单的方法，首先获得RSA KeyPairGenerator实例，然后使用2048为长度进行初始化并传入SecureRandom实例。后者用作生成器的熵或随机数据源。第三行生成密钥对，所有内容都就是这样，非常简单。如果需要使用密钥对存储器，需要使用Java KeyStore工具,后面会详细解释。

三、加密和解密
这里使用base64编码，主要是典型的REST API中很常用，我们当然也可以不用base64编码而直接使用字节数组。确保明确地且一致地为字符串指定字节编码。否则字节错位将导致密文和无法解密或验证签名。首先获得RSA密码实例并设置为加密模式，然后使用公钥加密消息。然后一次性传入消息字符串的字节数组并获得加密后的字节数组，最后转码并返回。运维RSA是相当慢，比对称加密算法如AES要慢的多。

四、签名与验证
我们使用公钥进行加密，然后使用私钥解密。理论上反过来也行（私钥加密，公钥解密），但这不安全且大多数库(包括java.security)也不支持。然而，这种方式在构建API时比较有用。使用私钥对消息进行签名，然后使用公钥进行验证签名。这种机制可以确保消息确实来着公钥创建者(私钥持有者)，使得传输过程消息不会被篡改。
五、运行结果

钱星一 · 发表于 2022-6-2 14:00:09

程序代码：
Base64.java

package com.ihep;
public final class Base64 {
static private final int BASELENGTH = 128;
static private final int LOOKUPLENGTH = 64;
static private final int TWENTYFOURBITGROUP = 24;
static private final int EIGHTBIT = 8;
static private final int SIXTEENBIT = 16;
static private final int FOURBYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASELENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
static {
for (int i = 0; i < BASELENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}
for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}
base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;
for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}
for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}
for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';
}
private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}
private static boolean isPad(char octect) {
return (octect == PAD);
}
private static boolean isData(char octect) {
return (octect < BASELENGTH && base64Alphabet[octect] != -1);
}
public static String encode(byte[] binaryData) {
if (binaryData == null) {
return null;
}
int lengthDataBits = binaryData.length * EIGHTBIT;
if (lengthDataBits == 0) {
return "";
}
int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;
encodedData = new char[numberQuartet * 4];
byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}
for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];
if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}
// form integral number of 6-bit groups
if (fewerThan24bits == EIGHTBIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEENBIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}
return new String(encodedData);
}
public static byte[] decode(String encoded) {
if (encoded == null) {
return null;
}
char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);
if (len % FOURBYTE != 0) {
return null;//should be divisible by four
}
int numberQuadruple = (len / FOURBYTE);
if (numberQuadruple == 0) {
return new byte[0];
}
byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];
for (; i < numberQuadruple - 1; i++) {
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++]))
|| !isData((d4 = base64Data[dataIndex++]))) {
return null;
}//if found "no data" just return null
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;//if found "no data" just return null
}
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {//Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)//last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)//last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { //No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
return decodedData;
}
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}
// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}

复制代码

钱星一 · 发表于 2022-6-2 14:01:58

maintest.java

package com.ihep;
public class MainTest {
public static void main(String[] args) throws Exception {
String filepath = "E:/tmp/";
// 生成公钥和私钥文件
RSAEncrypt.genKeyPair(filepath);
System.out.println("--------------公钥加密私钥解密过程-------------------");
String plainText = "钊钊致命";
// 公钥加密过程，得到加密后的数据
byte[] cipherData = RSAEncrypt.encrypt(RSAEncrypt.loadPublicKeyByStr(RSAEncrypt.loadPublicKeyByFile(filepath)), plainText.getBytes());
// 对加密数据进行编码处理，得到加密后的字符串
String cipher = Base64.encode(cipherData);
// 私钥解密过程
byte[] res = RSAEncrypt.decrypt(RSAEncrypt.loadPrivateKeyByStr(RSAEncrypt.loadPrivateKeyByFile(filepath)), Base64.decode(cipher));
String restr = new String(res);
System.out.println("原文：" + plainText);
System.out.println("加密：" + cipher);
System.out.println("解密：" + restr);
System.out.println();
System.out.println("--------------私钥加密公钥解密过程-------------------");
plainText = "钊钊致命";
//私钥加密过程
cipherData = RSAEncrypt.encrypt(RSAEncrypt.loadPrivateKeyByStr(RSAEncrypt.loadPrivateKeyByFile(filepath)), plainText.getBytes());
cipher = Base64.encode(cipherData);
//公钥解密过程
res = RSAEncrypt.decrypt(RSAEncrypt.loadPublicKeyByStr(RSAEncrypt.loadPublicKeyByFile(filepath)), Base64.decode(cipher));
restr = new String(res);
System.out.println("原文：" + plainText);
System.out.println("加密：" + cipher);
System.out.println("解密：" + restr);
System.out.println();
System.out.println("---------------私钥签名过程------------------");
String content = "我想喝奶盖";
String signstr = RSASignature.sign(content, RSAEncrypt.loadPrivateKeyByFile(filepath));
System.out.println("签名原串：" + content);
System.out.println("签名串：" + signstr);
System.out.println();
System.out.println("---------------公钥校验签名------------------");
System.out.println("签名原串：" + content);
System.out.println("签名串：" + signstr);
System.out.println("验签结果：" + RSASignature.doCheck(content, signstr, RSAEncrypt.loadPublicKeyByFile(filepath)));
System.out.println();
}
}

复制代码

钱星一 · 发表于 2022-6-2 14:03:26

RSAEncrypt.java

package com.ihep;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.*;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
private static final char[] HEX_CHAR = {'0', '1', '2', '3', '4', '5', '6',
'7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
public static void genKeyPair(String filePath) {
// 密钥对生成器
KeyPairGenerator keyPairGen = null;
try {
// KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象
keyPairGen = KeyPairGenerator.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// 初始化密钥对生成器，密钥大小为96-1024位
keyPairGen.initialize(1024, new SecureRandom());
// 生成一个密钥对，保存在keyPair中
KeyPair keyPair = keyPairGen.generateKeyPair();
// 得到私钥
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 得到公钥
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
try {
// 得到公钥字符串
String publicKeyString = Base64.encode(publicKey.getEncoded());
// 得到私钥字符串
String privateKeyString = Base64.encode(privateKey.getEncoded());
// 将密钥对写入到文件
FileWriter pubfw = new FileWriter(filePath + "/publicKey.keystore");
FileWriter prifw = new FileWriter(filePath + "/privateKey.keystore");
BufferedWriter pubbw = new BufferedWriter(pubfw);
BufferedWriter pribw = new BufferedWriter(prifw);
pubbw.write(publicKeyString);
pribw.write(privateKeyString);
pubbw.flush();
pubbw.close();
pubfw.close();
pribw.flush();
pribw.close();
prifw.close();
} catch (Exception e) {
e.printStackTrace();
}
}
public static String loadPublicKeyByFile(String path) throws Exception {
try {
BufferedReader br = new BufferedReader(new FileReader(path
+ "/publicKey.keystore"));
String readLine = null;
StringBuilder sb = new StringBuilder();
while ((readLine = br.readLine()) != null) {
sb.append(readLine);
}
br.close();
return sb.toString();
} catch (IOException e) {
throw new Exception("公钥数据流读取错误");
} catch (NullPointerException e) {
throw new Exception("公钥输入流为空");
}
}
public static RSAPublicKey loadPublicKeyByStr(String publicKeyStr)
throws Exception {
try {
byte[] buffer = Base64.decode(publicKeyStr);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);
return (RSAPublicKey) keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法");
} catch (InvalidKeySpecException e) {
throw new Exception("公钥非法");
} catch (NullPointerException e) {
throw new Exception("公钥数据为空");
}
}
public static String loadPrivateKeyByFile(String path) throws Exception {
try {
BufferedReader br = new BufferedReader(new FileReader(path
+ "/privateKey.keystore"));
String readLine = null;
StringBuilder sb = new StringBuilder();
while ((readLine = br.readLine()) != null) {
sb.append(readLine);
}
br.close();
/** 该字符串从私钥文件中获取，称之为私钥字符串
* MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALaIDyyav7J8oD/8sONfP772aa1foDlHmoXRArqe+2po14c1q7nGR8DLk
* 55J0sgxt/EOvtvxtwo4cPFtoLSBzdKVn/ZmR7uyHQXsMzqcmz7n7DGAzNNqxlu0SLHVjZ4HscWxnC+dGa037Ec9m5DKRT6aMckNmxZp3G
* xic9wzId6zAgMBAAECgYEAhpOUFH/XvEH0aJjm1gzA1AubaI8rc2/edrDeQTe8B/1agr7IaMTO3E97++VT+fPmOV10zHbPTELGysnYBZ3
* 6X/wLaKs+GMO/uewNAsyu46u3izwNVCygBiM62mlmhk3Y9J8ZcmoQHzXGV0p0TuGJsIlAofCAN1ielWLPcEVUPckCQQDoQm4GKe2C26oU
* aXRwLy2WLczfmqLTlJ8QyJs8ruL78JikhDgLWaLPBJ+lHmTxahC4HjJ9LhNxNVcpbyMiHhM1AkEAyTBjkOGwBJTlYMmS1hn6BoqA5xCRF
* Iv8gZZMxj+xcvSSEfZU9ObVArOBQRUoIO3GdsyaVfG/DNwuP7zGI16/RwJBAMfyIEu4HpsvxeyKmE3Xn5QQ27WHpzMkWAeX22RTXl7r0k
* yW8rR6txkm7tS0JMxbtgb7IBX564zjEaU+4u0FHR0CQG+v+zYM9Ag3GHd4r5lH5nMHJLQhkEjVxaGy7IAKD9p/Ry/NjjA+jPXo7NJSimp
* tVYXR48PeZm8fNFWR2HT+PjUCQFu3yN71iiXA0EW35Y1HHIE814gUV/O5T4gpUNzK9NLvHLFQNbzgoZER5yIGgBWDju1keBkojm8P69A7
* qdtXILU=
*/
return sb.toString();
} catch (IOException e) {
throw new Exception("私钥数据读取错误");
} catch (NullPointerException e) {
throw new Exception("私钥输入流为空");
}
}
public static RSAPrivateKey loadPrivateKeyByStr(String privateKeyStr)
throws Exception {
try {
byte[] buffer = Base64.decode(privateKeyStr);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法");
} catch (InvalidKeySpecException e) {
throw new Exception("私钥非法");
} catch (NullPointerException e) {
throw new Exception("私钥数据为空");
}
}
public static byte[] encrypt(RSAPublicKey publicKey, byte[] plainTextData)
throws Exception {
if (publicKey == null) {
throw new Exception("加密公钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化算法:公钥加密
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
// 公钥加密后的字节数组
byte[] output = cipher.doFinal(plainTextData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此加密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("加密公钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("明文长度非法");
} catch (BadPaddingException e) {
throw new Exception("明文数据已损坏");
}
}
public static byte[] encrypt(RSAPrivateKey privateKey, byte[] plainTextData)
throws Exception {
if (privateKey == null) {
throw new Exception("加密私钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// 初始化算法：私钥加密
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
// 加密后的密文数据，以字符数组的形式存在
byte[] output = cipher.doFinal(plainTextData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此加密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("加密私钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("明文长度非法");
} catch (BadPaddingException e) {
throw new Exception("明文数据已损坏");
}
}
public static byte[] decrypt(RSAPrivateKey privateKey, byte[] cipherData)
throws Exception {
if (privateKey == null) {
throw new Exception("解密私钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化解密算法：私钥解密
cipher.init(Cipher.DECRYPT_MODE, privateKey);
// 解密，生成以字符数组形式存在的明文数据
byte[] output = cipher.doFinal(cipherData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此解密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("解密私钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("密文长度非法");
} catch (BadPaddingException e) {
throw new Exception("密文数据已损坏");
}
}
public static byte[] decrypt(RSAPublicKey publicKey, byte[] cipherData)
throws Exception {
if (publicKey == null) {
throw new Exception("解密公钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化加密算法：公钥解密
cipher.init(Cipher.DECRYPT_MODE, publicKey);
byte[] output = cipher.doFinal(cipherData);
// 以字符数组形式存在的明文数据
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此解密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("解密公钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("密文长度非法");
} catch (BadPaddingException e) {
throw new Exception("密文数据已损坏");
}
}
public static String byteArrayToString(byte[] data) {
StringBuilder stringBuilder = new StringBuilder();
for (int i = 0; i < data.length; i++) {
// 取出字节的高四位作为索引得到相应的十六进制标识符注意无符号右移
stringBuilder.append(HEX_CHAR[(data[i] & 0xf0) >>> 4]);
// 取出字节的低四位作为索引得到相应的十六进制标识符
stringBuilder.append(HEX_CHAR[(data[i] & 0x0f)]);
if (i < data.length - 1) {
stringBuilder.append(' ');
}
}
return stringBuilder.toString();
}
}

复制代码

钱星一 · 发表于 2022-6-2 14:04:05

RSASignature.java

package com.ihep;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* RSA签名验签类
*/
public class RSASignature {
/**
* 签名算法
*/
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
public static String sign(String content, String privateKey, String encode) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(content.getBytes(encode));
byte[] signed = signature.sign();
return Base64.encode(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static String sign(String content, String privateKey) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
// 这里签名使用的是 SHA1WithRSA
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
// 以私钥字符串初始化签名
signature.initSign(priKey);
// 将原始串注入签名中
signature.update(content.getBytes());
// 签名后的结果，以字符数组形式存在
byte[] signed = signature.sign();
// 签名后的结果,以base64编码形式存在
return Base64.encode(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static boolean doCheck(String content, String sign, String publicKey, String encode) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64.decode(publicKey);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(content.getBytes(encode));
boolean bverify = signature.verify(Base64.decode(sign));
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
public static boolean doCheck(String content, String sign, String publicKey) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64.decode(publicKey);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
// 使用 SHA1WithRSA 签名算法
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
// 用公钥初始化签名校验
signature.initVerify(pubKey);
// 原始串注入签名校验中
signature.update(content.getBytes());
// 验证签名结果
boolean bverify = signature.verify(Base64.decode(sign));
// 返回签名是否成功
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
}

复制代码

钱星一 · 发表于 2022-6-2 14:08:45

椭圆曲线加密算法（ECC）

一、算法介绍

椭圆曲线密码体制来源于对椭圆曲线的研究，所谓椭圆曲线指的是由韦尔斯特拉斯（Weierstrass）方程：y2+a1xy+a3y=x3+a2x2+a4x+a6 (1)
所确定的平面曲线。其中系数ai(I=1,2,…,6)定义在某个域上，可以是有理数域、实数域、复数域，还可以是有限域GF（pr），椭圆曲线密码体制中用到的椭圆曲线都是定义在有限域上的。椭圆曲线上所有的点外加一个叫做无穷远点的特殊点构成的集合连同一个定义的加法运算构成一个Abel群。在等式
mP=P+P+…+P=Q (2)中，已知m和点P求点Q比较容易，反之已知点Q和点P求m却是相当困难的，这个问题称为椭圆曲线上点群的离散对数问题。椭圆曲线密码体制正是利用这个困难问题设计而来。公钥算法是基于数学函数（如单向陷门函数），公钥密码体制根据其所依据的难题一般分为三类：大整数分解问题类、离散对数问题类、椭圆曲线类。本文是在素域Zp上的，以Menezes-Vanstone形式的椭圆加密算法。
二、算法原理
在素域上的曲线函数为：y^2 = x ^ 3 +a* x+ b，其中a，b为小于p的非负数，且 4*a^3+ 27*b^2 != 0
对于在素域上的加法中，对于所有的点P,Q 属于E(Zp),有加法规则：
1。P + O = O + P = P ,P + (-P) = O; O为椭圆曲线上的零点或者称为无限远的点，但是O在椭圆曲线的加法域上。
2.加法的分配率和结合律，对于s,t 属于Zp,有（s + t ）* P = s * P + t* P;
3.对于 P = (x1,y1),Q = (x2,y2) ,并且 P != - Q,则P + Q=（x3，y3），
x3 = k^2 - x1 -x2;
y3 = k*(x1-x3) - y1;
k = (y2-y1)/(x2-x1) if P != Q;
k = (3x1^2 + a)/(2*y1) if P == Q;
椭圆曲线在素域上的运算用到除法，而在除法的规则是a / b = c mod p 即计算 a x b^-1 = c mod p ，其中 b^-1为b的乘法逆元，即 b x b^-1 = 1 mod p。对于乘法逆元，当b与p互素时，存在唯一解，而这里p是一个素数，且b不可能为1，则肯定有解。对于求乘法逆元，一般使用欧几里德算法，如下：

int getX_1(int x,int mod){
int Q,X1,X2,X3,Y1,Y2,Y3,T1,T2,T3;
X1 = 1;
X2 = 0;
X3 = mod;
Y1 = 0;
Y2 = 1;
Y3 = (x%mod + mod) %mod;//获得正整数
while(Y3 != 1){
Q = X3 / Y3;
T1 = X1 - Q * Y1;
T2 = X2 - Q * Y2;
T3 = X3 - Q * Y3;
X1 = Y1;
X2 = Y2;
X3 = Y3;
Y1 = T1;
Y2 = T2;
Y3 = T3;
}
return Y2;
}

复制代码

乘法运算规则：
1. 对于任意 k 属于 Zp，有 k * P = P + ..... + P (k个P相加）
2. 对于任意 s,t 属于 Zp，有 s *(t *P) = (s*t)*P
对于Menezes-Vanstone的椭圆加密算法：
1. 产生密钥，
任选一个整数k ,0<k<p ,为私钥，在曲线上任选一点 A ，并计算 B = k*A ，公钥为（A,，B）。其中又可称A为基钥，对于最小整数n以使 n* A = O ，则n称为周期，要是周期为素数，且为一个较大值才合理。
2.加密过程：
令明文为 M = (m1,m2),M可以不是曲线E上的点。计算得到密文(C1,C2),其中任选一个数属于Zp：
C1 = r * A;；
Y= （y1,y2) = r * B;
C2 = (C21,C22) = (y1 * m1 mod p,y2* m2 mod p)
3 解密过程；
计算Z = (z1,z2) = k*C1;计算明文 M = (C21 * z1^-1 mod p, C22 * z2 ^ -1 mod p).
c++中的模运算，当有负数存在时无法达到正确结果，简直是坑，如 -1 % 2，在使用vs2012进行测试，会返回-1，而不是1. c++中模运算结果的符号和被除数的符号一致。
参数选取：选取 p = 127,曲线函数为: y^2 = x^3 + 5* x + 37， a = 5 ,b= 37， r = 7.选取私钥 k = 9选取一个点A为（11,4)则 B = k*A = (120,41)
三、源代码

#include "stdafx.h"
#include <string>
#include <iostream>
using namespace std;
const int k = 9;
const int a = 5;
const int b = 37;
const int p = 127;
const int r =7;
int getX_1(int x,int mod){
int Q,X1,X2,X3,Y1,Y2,Y3,T1,T2,T3;
X1 = 1;
X2 = 0;
X3 = mod;
Y1 = 0;
Y2 = 1;
Y3 = (x%mod + mod) %mod;//获得正整数
while(Y3 != 1){
Q = X3 / Y3;
T1 = X1 - Q * Y1;
T2 = X2 - Q * Y2;
T3 = X3 - Q * Y3;
X1 = Y1;
X2 = Y2;
X3 = Y3;
Y1 = T1;
Y2 = T2;
Y3 = T3;
}
return Y2;
}//获得其乘法逆元
struct point{
int x;
int y;
};
point A,B;//公钥
typedef pair<point,point> twopoint;
bool operator == (point pa,point pb){
return pa.x == pb.x && pa.y == pb.y;
}
point operator + (point pa , point pb){
int k;
if(pa == pb)
k = ((3 * pa.x * pa.x + a) * getX_1(2* pa.y ,p)) % p ;
else
k = (pb.y - pa.y) * getX_1(pb.x - pa.x , p) %p;
point c;
c.x = (k*k - pa.x -pb.x) %p;
c.y = (k * (pa.x - c.x) - pa.y)%p ;
c.x = (c.x + p) %p;
c.y = (c.y + p) %p;
return c;
}
point operator * (point &b,int n){
point q = b;
n = n -1;
for(int i = 1 ; i < n;i++){
q = q + b ;
}
return q;
}
twopoint ECodePoint(point m){
point c1,c2;
c1 = A * r ;
point Y = B * r ;
c2.x = Y.x * m.x % p ;
c2.y = Y.y * m.y % p ;
return twopoint(c1,c2);
}
point DCodePoint(twopoint t){
point Z = t.first * k;
point m;
m.x = t.second.x * getX_1(Z.x,p) % p ;
m.y = t.second.y * getX_1(Z.y,p) % p ;
return m;
}
string ECode(string input){
string output = "";
point M;
twopoint C;
for(int i =0; i < input.length();i++){
M.x = i;
M.y = input[i];
C = ECodePoint(M);
output += (char)C.first.x ;
output += (char)C.first.y ;
output += (char)C.second.x ;
output += (char)C.second.y ;
}
return output;
}
string DCode(string input){
string output = "";
point M;
twopoint C;
if(input.length()%4 != 0)
return "错误输入";
for(int i = 0;i < input.length();){
C.first.x = input[i++];
C.first.y = input[i++];
C.second.x = input[i++];
C.second.y = input[i++];
M = DCodePoint(C);
output += (char)M.y;
}
return output;
}
int main()
{
A.x = 11;
A.y = 4;
B = A*k;
string s = "";
cout<<"使用在素域上的曲线 y^2 = x^3 + 5*x +37 ，使用Menezes-Vanstone的算法："<<endl;
cout<<"在素域p=127上，私钥为k=9,公钥A(11,4),B(120,41),对明文字符串直接转换为int进行加密"<<endl;
cout<<"请输入要加密的内容："<<endl;
cin>>s;
cout<<"密文如下："<<"\r\n";
s = ECode(s);
cout<<s<<endl;
cout<<"对之前密文解密，得到明文如下（由于输入密文不正确绝对会使这个程序出错，所以只能解密绝对安全的密文）："<<"\r\n";
s = DCode(s);
cout<<s<<"\r\n"<<"完成"<<endl;
cin>>s;
return 0;
}

复制代码

		自动登录	找回密码
密码			立即注册

信息计算2019级1班14号钱星一

本帖子中包含更多资源

浏览过的版块