信息计算2019级1班12号雷楚涵

19信计1班雷楚涵 · 发表于 2022-6-2 14:27:09

RSA签名和加密

一、Java实现RSA签名和加密
RSA属于非对称加密算法，有两个密钥。区别于共享密钥的对称加密算法，如DES和AES。公钥可以共享给任何人，私钥自己进行保管。公钥用于加密数据，使得该加密数据只能用私钥进行解密；私钥也可用于签名数据，签名和数据一起发送，然后使用公钥验证数据是否被篡改。
二、RSA实现密钥对
在实际做任何形式加密之前，需要有公钥和私钥两个密钥对。幸运的是，Java提供了非常简单的方法，首先获得RSA KeyPairGenerator实例，然后使用2048为长度进行初始化并传入SecureRandom实例。后者用作生成器的熵或随机数据源。第三行生成密钥对，所有内容都就是这样，非常简单。如果需要使用密钥对存储器，需要使用Java KeyStore工具,后面会详细解释。
三、加密和解密
这里使用base64编码，主要是典型的REST API中很常用，我们当然也可以不用base64编码而直接使用字节数组。确保明确地且一致地为字符串指定字节编码。否则字节错位将导致密文和无法解密或验证签名。首先获得RSA密码实例并设置为加密模式，然后使用公钥加密消息。然后一次性传入消息字符串的字节数组并获得加密后的字节数组，最后转码并返回。运维RSA是相当慢，比对称加密算法如AES要慢的多。
四、签名与验证
我们使用公钥进行加密，然后使用私钥解密。理论上反过来也行（私钥加密，公钥解密），但这不安全且大多数库(包括java.security)也不支持。然而，这种方式在构建API时比较有用。使用私钥对消息进行签名，然后使用公钥进行验证签名。这种机制可以确保消息确实来着公钥创建者(私钥持有者)，使得传输过程消息不会被篡改。

19信计1班雷楚涵 · 发表于 2022-6-2 14:28:53

本帖最后由 19信计1班雷楚涵于 2022-6-2 14:31 编辑

程序代码：Base64.java

package com.ihep;
public final class Base64 {
static private final int BASELENGTH = 128;
static private final int LOOKUPLENGTH = 64;
static private final int TWENTYFOURBITGROUP = 24;
static private final int EIGHTBIT = 8;
static private final int SIXTEENBIT = 16;
static private final int FOURBYTE = 4;
static private final int SIGN = -128;
static private final char PAD = '=';
static private final boolean fDebug = false;
static final private byte[] base64Alphabet = new byte[BASELENGTH];
static final private char[] lookUpBase64Alphabet = new char[LOOKUPLENGTH];
static {
for (int i = 0; i < BASELENGTH; ++i) {
base64Alphabet[i] = -1;
}
for (int i = 'Z'; i >= 'A'; i--) {
base64Alphabet[i] = (byte) (i - 'A');
}
for (int i = 'z'; i >= 'a'; i--) {
base64Alphabet[i] = (byte) (i - 'a' + 26);
}
for (int i = '9'; i >= '0'; i--) {
base64Alphabet[i] = (byte) (i - '0' + 52);
}
base64Alphabet['+'] = 62;
base64Alphabet['/'] = 63;
for (int i = 0; i <= 25; i++) {
lookUpBase64Alphabet[i] = (char) ('A' + i);
}
for (int i = 26, j = 0; i <= 51; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('a' + j);
}
for (int i = 52, j = 0; i <= 61; i++, j++) {
lookUpBase64Alphabet[i] = (char) ('0' + j);
}
lookUpBase64Alphabet[62] = (char) '+';
lookUpBase64Alphabet[63] = (char) '/';
}
private static boolean isWhiteSpace(char octect) {
return (octect == 0x20 || octect == 0xd || octect == 0xa || octect == 0x9);
}
private static boolean isPad(char octect) {
return (octect == PAD);
}
private static boolean isData(char octect) {
return (octect < BASELENGTH && base64Alphabet[octect] != -1);
}
public static String encode(byte[] binaryData) {
if (binaryData == null) {
return null;
}
int lengthDataBits = binaryData.length * EIGHTBIT;
if (lengthDataBits == 0) {
return "";
}
int fewerThan24bits = lengthDataBits % TWENTYFOURBITGROUP;
int numberTriplets = lengthDataBits / TWENTYFOURBITGROUP;
int numberQuartet = fewerThan24bits != 0 ? numberTriplets + 1 : numberTriplets;
char encodedData[] = null;
encodedData = new char[numberQuartet * 4];
byte k = 0, l = 0, b1 = 0, b2 = 0, b3 = 0;
int encodedIndex = 0;
int dataIndex = 0;
if (fDebug) {
System.out.println("number of triplets = " + numberTriplets);
}
for (int i = 0; i < numberTriplets; i++) {
b1 = binaryData[dataIndex++];
b2 = binaryData[dataIndex++];
b3 = binaryData[dataIndex++];
if (fDebug) {
System.out.println("b1= " + b1 + ", b2= " + b2 + ", b3= " + b3);
}
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
byte val3 = ((b3 & SIGN) == 0) ? (byte) (b3 >> 6) : (byte) ((b3) >> 6 ^ 0xfc);
if (fDebug) {
System.out.println("val2 = " + val2);
System.out.println("k4 = " + (k << 4));
System.out.println("vak = " + (val2 | (k << 4)));
}
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[(l << 2) | val3];
encodedData[encodedIndex++] = lookUpBase64Alphabet[b3 & 0x3f];
}
// form integral number of 6-bit groups
if (fewerThan24bits == EIGHTBIT) {
b1 = binaryData[dataIndex];
k = (byte) (b1 & 0x03);
if (fDebug) {
System.out.println("b1=" + b1);
System.out.println("b1<<2 = " + (b1 >> 2));
}
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[k << 4];
encodedData[encodedIndex++] = PAD;
encodedData[encodedIndex++] = PAD;
} else if (fewerThan24bits == SIXTEENBIT) {
b1 = binaryData[dataIndex];
b2 = binaryData[dataIndex + 1];
l = (byte) (b2 & 0x0f);
k = (byte) (b1 & 0x03);
byte val1 = ((b1 & SIGN) == 0) ? (byte) (b1 >> 2) : (byte) ((b1) >> 2 ^ 0xc0);
byte val2 = ((b2 & SIGN) == 0) ? (byte) (b2 >> 4) : (byte) ((b2) >> 4 ^ 0xf0);
encodedData[encodedIndex++] = lookUpBase64Alphabet[val1];
encodedData[encodedIndex++] = lookUpBase64Alphabet[val2 | (k << 4)];
encodedData[encodedIndex++] = lookUpBase64Alphabet[l << 2];
encodedData[encodedIndex++] = PAD;
}
return new String(encodedData);
}
public static byte[] decode(String encoded) {
if (encoded == null) {
return null;
}
char[] base64Data = encoded.toCharArray();
// remove white spaces
int len = removeWhiteSpace(base64Data);
if (len % FOURBYTE != 0) {
return null;//should be divisible by four
}
int numberQuadruple = (len / FOURBYTE);
if (numberQuadruple == 0) {
return new byte[0];
}
byte decodedData[] = null;
byte b1 = 0, b2 = 0, b3 = 0, b4 = 0;
char d1 = 0, d2 = 0, d3 = 0, d4 = 0;
int i = 0;
int encodedIndex = 0;
int dataIndex = 0;
decodedData = new byte[(numberQuadruple) * 3];
for (; i < numberQuadruple - 1; i++) {
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))
|| !isData((d3 = base64Data[dataIndex++]))
|| !isData((d4 = base64Data[dataIndex++]))) {
return null;
}//if found "no data" just return null
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
if (!isData((d1 = base64Data[dataIndex++])) || !isData((d2 = base64Data[dataIndex++]))) {
return null;//if found "no data" just return null
}
b1 = base64Alphabet[d1];
b2 = base64Alphabet[d2];
d3 = base64Data[dataIndex++];
d4 = base64Data[dataIndex++];
if (!isData((d3)) || !isData((d4))) {//Check if they are PAD characters
if (isPad(d3) && isPad(d4)) {
if ((b2 & 0xf) != 0)//last 4 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 1];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex] = (byte) (b1 << 2 | b2 >> 4);
return tmp;
} else if (!isPad(d3) && isPad(d4)) {
b3 = base64Alphabet[d3];
if ((b3 & 0x3) != 0)//last 2 bits should be zero
{
return null;
}
byte[] tmp = new byte[i * 3 + 2];
System.arraycopy(decodedData, 0, tmp, 0, i * 3);
tmp[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
tmp[encodedIndex] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
return tmp;
} else {
return null;
}
} else { //No PAD e.g 3cQl
b3 = base64Alphabet[d3];
b4 = base64Alphabet[d4];
decodedData[encodedIndex++] = (byte) (b1 << 2 | b2 >> 4);
decodedData[encodedIndex++] = (byte) (((b2 & 0xf) << 4) | ((b3 >> 2) & 0xf));
decodedData[encodedIndex++] = (byte) (b3 << 6 | b4);
}
return decodedData;
}
private static int removeWhiteSpace(char[] data) {
if (data == null) {
return 0;
}
// count characters that's not whitespace
int newSize = 0;
int len = data.length;
for (int i = 0; i < len; i++) {
if (!isWhiteSpace(data[i])) {
data[newSize++] = data[i];
}
}
return newSize;
}
}

复制代码

19信计1班雷楚涵 · 发表于 2022-6-2 14:35:19

19信计1班雷楚涵发表于 2022-6-2 14:28
程序代码：Base64.java

maintest.java

package com.ihep;
public class MainTest {
public static void main(String[] args) throws Exception {
String filepath = "E:/tmp/";
// 生成公钥和私钥文件
RSAEncrypt.genKeyPair(filepath);
System.out.println("--------------公钥加密私钥解密过程-------------------");
String plainText = "湖人总冠军";
// 公钥加密过程，得到加密后的数据
byte[] cipherData = RSAEncrypt.encrypt(RSAEncrypt.loadPublicKeyByStr(RSAEncrypt.loadPublicKeyByFile(filepath)), plainText.getBytes());
// 对加密数据进行编码处理，得到加密后的字符串
String cipher = Base64.encode(cipherData);
// 私钥解密过程
byte[] res = RSAEncrypt.decrypt(RSAEncrypt.loadPrivateKeyByStr(RSAEncrypt.loadPrivateKeyByFile(filepath)), Base64.decode(cipher));
String restr = new String(res);
System.out.println("原文：" + plainText);
System.out.println("加密：" + cipher);
System.out.println("解密：" + restr);
System.out.println();
System.out.println("--------------私钥加密公钥解密过程-------------------");
plainText = "湖人总冠军";
//私钥加密过程
cipherData = RSAEncrypt.encrypt(RSAEncrypt.loadPrivateKeyByStr(RSAEncrypt.loadPrivateKeyByFile(filepath)), plainText.getBytes());
cipher = Base64.encode(cipherData);
//公钥解密过程
res = RSAEncrypt.decrypt(RSAEncrypt.loadPublicKeyByStr(RSAEncrypt.loadPublicKeyByFile(filepath)), Base64.decode(cipher));
restr = new String(res);
System.out.println("原文：" + plainText);
System.out.println("加密：" + cipher);
System.out.println("解密：" + restr);
System.out.println();
System.out.println("---------------私钥签名过程------------------");
String content = "勒布朗·詹姆斯";
String signstr = RSASignature.sign(content, RSAEncrypt.loadPrivateKeyByFile(filepath));
System.out.println("签名原串：" + content);
System.out.println("签名串：" + signstr);
System.out.println();
System.out.println("---------------公钥校验签名------------------");
System.out.println("签名原串：" + content);
System.out.println("签名串：" + signstr);
System.out.println("验签结果：" + RSASignature.doCheck(content, signstr, RSAEncrypt.loadPublicKeyByFile(filepath)));
System.out.println();
}
}

复制代码

19信计1班雷楚涵 · 发表于 2022-6-2 14:36:48

19信计1班雷楚涵发表于 2022-6-2 14:35
maintest.java

RSAEncrypt.java

package com.ihep;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.io.*;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
private static final char[] HEX_CHAR = {'0', '1', '2', '3', '4', '5', '6',
'7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
public static void genKeyPair(String filePath) {
// 密钥对生成器
KeyPairGenerator keyPairGen = null;
try {
// KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象
keyPairGen = KeyPairGenerator.getInstance("RSA");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
// 初始化密钥对生成器，密钥大小为96-1024位
keyPairGen.initialize(1024, new SecureRandom());
// 生成一个密钥对，保存在keyPair中
KeyPair keyPair = keyPairGen.generateKeyPair();
// 得到私钥
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
// 得到公钥
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
try {
// 得到公钥字符串
String publicKeyString = Base64.encode(publicKey.getEncoded());
// 得到私钥字符串
String privateKeyString = Base64.encode(privateKey.getEncoded());
// 将密钥对写入到文件
FileWriter pubfw = new FileWriter(filePath + "/publicKey.keystore");
FileWriter prifw = new FileWriter(filePath + "/privateKey.keystore");
BufferedWriter pubbw = new BufferedWriter(pubfw);
BufferedWriter pribw = new BufferedWriter(prifw);
pubbw.write(publicKeyString);
pribw.write(privateKeyString);
pubbw.flush();
pubbw.close();
pubfw.close();
pribw.flush();
pribw.close();
prifw.close();
} catch (Exception e) {
e.printStackTrace();
}
}
public static String loadPublicKeyByFile(String path) throws Exception {
try {
BufferedReader br = new BufferedReader(new FileReader(path
+ "/publicKey.keystore"));
String readLine = null;
StringBuilder sb = new StringBuilder();
while ((readLine = br.readLine()) != null) {
sb.append(readLine);
}
br.close();
return sb.toString();
} catch (IOException e) {
throw new Exception("公钥数据流读取错误");
} catch (NullPointerException e) {
throw new Exception("公钥输入流为空");
}
}
public static RSAPublicKey loadPublicKeyByStr(String publicKeyStr)
throws Exception {
try {
byte[] buffer = Base64.decode(publicKeyStr);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);
return (RSAPublicKey) keyFactory.generatePublic(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法");
} catch (InvalidKeySpecException e) {
throw new Exception("公钥非法");
} catch (NullPointerException e) {
throw new Exception("公钥数据为空");
}
}
public static String loadPrivateKeyByFile(String path) throws Exception {
try {
BufferedReader br = new BufferedReader(new FileReader(path
+ "/privateKey.keystore"));
String readLine = null;
StringBuilder sb = new StringBuilder();
while ((readLine = br.readLine()) != null) {
sb.append(readLine);
}
br.close();
/** 该字符串从私钥文件中获取，称之为私钥字符串
* MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALaIDyyav7J8oD/8sONfP772aa1foDlHmoXRArqe+2po14c1q7nGR8DLk
* 55J0sgxt/EOvtvxtwo4cPFtoLSBzdKVn/ZmR7uyHQXsMzqcmz7n7DGAzNNqxlu0SLHVjZ4HscWxnC+dGa037Ec9m5DKRT6aMckNmxZp3G
* xic9wzId6zAgMBAAECgYEAhpOUFH/XvEH0aJjm1gzA1AubaI8rc2/edrDeQTe8B/1agr7IaMTO3E97++VT+fPmOV10zHbPTELGysnYBZ3
* 6X/wLaKs+GMO/uewNAsyu46u3izwNVCygBiM62mlmhk3Y9J8ZcmoQHzXGV0p0TuGJsIlAofCAN1ielWLPcEVUPckCQQDoQm4GKe2C26oU
* aXRwLy2WLczfmqLTlJ8QyJs8ruL78JikhDgLWaLPBJ+lHmTxahC4HjJ9LhNxNVcpbyMiHhM1AkEAyTBjkOGwBJTlYMmS1hn6BoqA5xCRF
* Iv8gZZMxj+xcvSSEfZU9ObVArOBQRUoIO3GdsyaVfG/DNwuP7zGI16/RwJBAMfyIEu4HpsvxeyKmE3Xn5QQ27WHpzMkWAeX22RTXl7r0k
* yW8rR6txkm7tS0JMxbtgb7IBX564zjEaU+4u0FHR0CQG+v+zYM9Ag3GHd4r5lH5nMHJLQhkEjVxaGy7IAKD9p/Ry/NjjA+jPXo7NJSimp
* tVYXR48PeZm8fNFWR2HT+PjUCQFu3yN71iiXA0EW35Y1HHIE814gUV/O5T4gpUNzK9NLvHLFQNbzgoZER5yIGgBWDju1keBkojm8P69A7
* qdtXILU=
*/
return sb.toString();
} catch (IOException e) {
throw new Exception("私钥数据读取错误");
} catch (NullPointerException e) {
throw new Exception("私钥输入流为空");
}
}
public static RSAPrivateKey loadPrivateKeyByStr(String privateKeyStr)
throws Exception {
try {
byte[] buffer = Base64.decode(privateKeyStr);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buffer);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此算法");
} catch (InvalidKeySpecException e) {
throw new Exception("私钥非法");
} catch (NullPointerException e) {
throw new Exception("私钥数据为空");
}
}
public static byte[] encrypt(RSAPublicKey publicKey, byte[] plainTextData)
throws Exception {
if (publicKey == null) {
throw new Exception("加密公钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化算法:公钥加密
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
// 公钥加密后的字节数组
byte[] output = cipher.doFinal(plainTextData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此加密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("加密公钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("明文长度非法");
} catch (BadPaddingException e) {
throw new Exception("明文数据已损坏");
}
}
public static byte[] encrypt(RSAPrivateKey privateKey, byte[] plainTextData)
throws Exception {
if (privateKey == null) {
throw new Exception("加密私钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// 初始化算法：私钥加密
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
// 加密后的密文数据，以字符数组的形式存在
byte[] output = cipher.doFinal(plainTextData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此加密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("加密私钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("明文长度非法");
} catch (BadPaddingException e) {
throw new Exception("明文数据已损坏");
}
}
public static byte[] decrypt(RSAPrivateKey privateKey, byte[] cipherData)
throws Exception {
if (privateKey == null) {
throw new Exception("解密私钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化解密算法：私钥解密
cipher.init(Cipher.DECRYPT_MODE, privateKey);
// 解密，生成以字符数组形式存在的明文数据
byte[] output = cipher.doFinal(cipherData);
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此解密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("解密私钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("密文长度非法");
} catch (BadPaddingException e) {
throw new Exception("密文数据已损坏");
}
}
public static byte[] decrypt(RSAPublicKey publicKey, byte[] cipherData)
throws Exception {
if (publicKey == null) {
throw new Exception("解密公钥为空, 请设置");
}
Cipher cipher = null;
try {
// 使用默认RSA
cipher = Cipher.getInstance("RSA");
// cipher= Cipher.getInstance("RSA", new BouncyCastleProvider());
// 初始化加密算法：公钥解密
cipher.init(Cipher.DECRYPT_MODE, publicKey);
byte[] output = cipher.doFinal(cipherData);
// 以字符数组形式存在的明文数据
return output;
} catch (NoSuchAlgorithmException e) {
throw new Exception("无此解密算法");
} catch (NoSuchPaddingException e) {
e.printStackTrace();
return null;
} catch (InvalidKeyException e) {
throw new Exception("解密公钥非法,请检查");
} catch (IllegalBlockSizeException e) {
throw new Exception("密文长度非法");
} catch (BadPaddingException e) {
throw new Exception("密文数据已损坏");
}
}
public static String byteArrayToString(byte[] data) {
StringBuilder stringBuilder = new StringBuilder();
for (int i = 0; i < data.length; i++) {
// 取出字节的高四位作为索引得到相应的十六进制标识符注意无符号右移
stringBuilder.append(HEX_CHAR[(data[i] & 0xf0) >>> 4]);
// 取出字节的低四位作为索引得到相应的十六进制标识符
stringBuilder.append(HEX_CHAR[(data[i] & 0x0f)]);
if (i < data.length - 1) {
stringBuilder.append(' ');
}
}
return stringBuilder.toString();
}
}

复制代码

19信计1班雷楚涵 · 发表于 2022-6-2 14:37:44

19信计1班雷楚涵发表于 2022-6-2 14:36
RSAEncrypt.java

RSASignature.java

package com.ihep;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* RSA签名验签类
*/
public class RSASignature {
/**
* 签名算法
*/
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
public static String sign(String content, String privateKey, String encode) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(content.getBytes(encode));
byte[] signed = signature.sign();
return Base64.encode(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static String sign(String content, String privateKey) {
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64.decode(privateKey));
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
// 这里签名使用的是 SHA1WithRSA
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
// 以私钥字符串初始化签名
signature.initSign(priKey);
// 将原始串注入签名中
signature.update(content.getBytes());
// 签名后的结果，以字符数组形式存在
byte[] signed = signature.sign();
// 签名后的结果,以base64编码形式存在
return Base64.encode(signed);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static boolean doCheck(String content, String sign, String publicKey, String encode) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64.decode(publicKey);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(content.getBytes(encode));
boolean bverify = signature.verify(Base64.decode(sign));
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
public static boolean doCheck(String content, String sign, String publicKey) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = Base64.decode(publicKey);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
// 使用 SHA1WithRSA 签名算法
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
// 用公钥初始化签名校验
signature.initVerify(pubKey);
// 原始串注入签名校验中
signature.update(content.getBytes());
// 验证签名结果
boolean bverify = signature.verify(Base64.decode(sign));
// 返回签名是否成功
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
}

复制代码

19信计1班雷楚涵 · 发表于 2022-6-2 14:56:54

本帖最后由 19信计1班雷楚涵于 2022-6-2 14:58 编辑

19信计1班雷楚涵发表于 2022-6-2 14:37
RSASignature.java

ECC-椭圆曲线加密算法
一、算法简介
椭圆加密算法（ECC）是一种公钥加密体制，最初由Koblitz和Miller两人于1985年提出，其数学基础是利用椭圆曲线上的有理点构成Abel加法群上椭圆离散对数的计算困难性。公钥密码体制根据其所依据的难题一般分为三类：大素数分解问题类、离散对数问题类、椭圆曲线类。有时也把椭圆曲线类归为离散对数类。
ECC的主要优势是在某些情况下它比其他的方法使用更小的密钥——比如RSA加密算法——提供相当的或更高等级的安全。ECC的另一个优势是可以定义群之间的双线性映射，基于Weil对或是Tate对；双线性映射已经在密码学中发现了大量的应用，例如基于身份的加密。不过一个缺点是加密和解密操作的实现比其他机制花费的时间长。
二、基本原理
设私钥、公钥分别为d、Q，即Q = dG，其中G为基点，椭圆曲线上的已知G和dG，求d是非常困难的，也就是说已知公钥和基点，想要算出私钥是非常困难的。
公钥加密：选择随机数r，将消息M生成密文C，该密文是一个点对，C = {rG, M+rQ}，其中Q为公钥。
私钥解密：M + rQ - d(rG) = M + r(dG) - d(rG) = M，其中d、Q分别为私钥、公钥。

椭圆曲线签名算法(ECDSA)
设私钥、公钥分别为d、Q，即Q = dG，其中G为基点。
私钥签名
选择随机数r，计算点rG(x, y)。
根据随机数r、消息M的哈希h、私钥d，计算s = (h + dx)/r。　　
将消息M、和签名{rG, s}发给接收方。

公钥验证签名：
接收方收到消息M、以及签名{rG=(x,y), s}。　　
根据消息求哈希h。　　
使用发送方公钥Q计算：hG/s + xQ/s，并与rG比较，如相等即验签成功。
原理：hG/s + xQ/s = hG/s + xG)/s = (h+xd)G/s = r(h+xd)G / (h+dx) = rG

19信计1班雷楚涵 · 发表于 2022-6-2 15:03:53

19信计1班雷楚涵发表于 2022-6-2 14:56
ECC-椭圆曲线加密算法
一、算法简介
椭圆 ...

三、代码

# include <stdio.h>
# include <math.h>
using System.Drawing;
int xy[22];
#define N 23
#define A 1
#define M 29
#define a1 1
#define b1 4
typedef struct point
{
int x;
int y;
}
Point;
typedef struct ecc
{
struct point p[100];
int len;
}
ECCPoint;
typedef struct generator
{
Point p;
int p_class;
}
GENE_SET;
ECCPoint eccPoint;
Point mul(Point p1, Point p2);
Point add_two_points(Point p1, Point p2);
GENE_SET geneSet[100];
int geneLen;
//判断平方根是否为整数
int int_sqrt(int s)
{
int temp;
temp = (int)sqrt(s);//转为整型
if (temp * temp == s)
{
return temp;
}
else
{
return -1;
}
}
//取模函数
int mod_p(int s)
{
int i; //保存s/p的倍数
int result; //模运算的结果
i = s / N;
result = s - i * N;
if (result >= 0)
{
return result;
}
else
{
return result + N;
}
}
//打印点集
void print()
{
int i;
int len = eccPoint.len;
printf("\n该椭圆曲线上共有%d个点(包含无穷远点)\n", len + 1);
for (i = 0; i < len; i++)
{
if (i % 8 == 0)
{
printf("\n");
}
printf("(%2d,%2d)\t", eccPoint.p[i].x, eccPoint.p[i].y);
}
printf("\n");
}
//task1:求出椭圆曲线上所有点
void get_all_points()
{
int i = 0;
int j = 0;
int s, y = 0;
int n = 0, q = 0;
int modsqrt = 0;
int flag = 0;
if (a1 * a1 * a1 + b1 * b1 + 4 != 0)
{
for (i = 0; i <= N - 1; i++)
{
flag = 0;
n = 1;
y = 0;
s = i * i * i + a1 * i + b1;
while (s < 0)
{
s += N;
}
s = mod_p(s);
modsqrt = int_sqrt(s);
if (modsqrt != -1)
{
flag = 1;
y = modsqrt;
}
else
{
while (n <= N - 1)
{
q = s + n * N;
modsqrt = int_sqrt(q);
if (modsqrt != -1)
{
y = modsqrt;
flag = 1;
break;
}
flag = 0;
n++;
}
}
if (flag == 1)
{
eccPoint.p[j].x = i;
eccPoint.p[j].y = y;
j++;
if (y != 0)
{
eccPoint.p[j].x = i;
eccPoint.p[j].y = (N - y) % N;
j++;
}
}
}
eccPoint.len = j;//点集个数
print(); //打印点集
}
}
//task3:求生成元以及阶
void get_generetor_class()
{
int i, j = 0;
int count = 1;
Point p1, p2;
get_all_points();
printf("\n**********************************输出生成元以及阶：*************************************\n");
for (i = 0; i < eccPoint.len; i++)
{
count = 1;
p1.x = p2.x = eccPoint.p[i].x;
p1.y = p2.y = eccPoint.p[i].y;
while (1)
{
p2 = add_two_points(p1, p2);
if (p2.x == -1 && p2.y == -1)
{
break;
}
count++;
if (p2.x == p1.x)
{
break;
}
}
count++;
if (count <= eccPoint.len + 1)
{
geneSet[j].p.x = p1.x;
geneSet[j].p.y = p1.y;
geneSet[j].p_class = count;
printf("(%d,%d)--->>%d\t", geneSet[j].p.x, geneSet[j].p.y, geneSet[j].p_class);
j++;
if (j % 6 == 0)
{
printf("\n");
}
}
geneLen = j;
}
}

复制代码

19信计1班雷楚涵 · 发表于 2022-6-2 15:05:03

19信计1班雷楚涵发表于 2022-6-2 15:03
三、代码

// 求 a mod b 的逆元
void exGcd(int a, int b)
{
if (b == 0)
{
xy[0] = 1;
xy[1] = 0;
}
else
{
exGcd(b, a % b);
int x = xy[0];
xy[0] = xy[1];
xy[1] = x - (a / b) * xy[1];
}
}
int calculate3(int y, int k, int p)
{
int l = 1;
for (int i = 0; i < k; i++)
{
l = l * y;
l = l % p;
}
return l;
}
Point eccmutiply(int n, Point p)
{
int a, b, l, k, m;
a = p.x;
b = p.y;
for (int i = 0; i < n - 1; i++)
{
if (a == p.x && b == p.y)
{
exGcd(2 * p.y, N);
k = xy[0];
if (k < 0) k = k + N;
printf("逆元=%d\n", k);
l = (3 * p.x * p.x + A) * k;
l = calculate3(l, 1, N);
if (l < 0)
{
l = l + N;
}
}
else
{
exGcd(a - p.x + N, N);
k = xy[0];
if (k < 0) k = k + N;
printf("else逆元=%d\n", k);
l = (b - p.y) * k;
l = calculate3(l, 1, N);
if (l < 0)
{
l = l + N;
}
printf("l=%d\n", l);
}
m = p.x;
a = l * l - a - p.x;
a = calculate3(a, 1, N);
if (a < 0)
{
a = a + N;
}
b = l * (m - a) - p.y;
b = calculate3(b, 1, N);
if (b < 0)
{
b = b + N;
}
printf("%d(a,b)=(%d,%d)\n", i + 2, a, b);
//if(a==4&&b==5)break;
}
Point p3;
p3.x = a;
p3.y = b;
return p3;
}
Point mul(Point p1, Point p2)
{
int k, l;
exGcd(p2.x - p1.x + N, N);
k = xy[0];
if (k < 0) k = k + N;
//printf("else逆元=%d\n",k);
l = (p2.y - p1.y) * k;
l = calculate3(l, 1, N);
if (l < 0)
{
l = l + N;
}
//printf("l=%d\n",l);
Point p3;
p3.x = l * l - p1.x - p2.x;
p3.x = calculate3(p3.x, 1, N);
if (p3.x < 0) p3.x = p3.x + N;
p3.y = l * (p1.x - p3.x) - p1.y;
p3.y = calculate3(p3.y, 1, N);
if (p3.y < 0) p3.y = p3.y + N;
return p3;
}
//求b关于n的逆元
int inverse(int n, int b)
{
int q, r, r1 = n, r2 = b, t, t1 = 0, t2 = 1, i = 1;
while (r2 > 0)
{
q = r1 / r2;
r = r1 % r2;
r1 = r2;
r2 = r;
t = t1 - q * t2;
t1 = t2;
t2 = t;
}
if (t1 >= 0)
return t1 % n;
else
{
while ((t1 + i * n) < 0)
i++;
return t1 + i * n;
}
}
//两点的加法运算
Point add_two_points(Point p1, Point p2)
{
long t;
int x1 = p1.x;
int y1 = p1.y;
int x2 = p2.x;
int y2 = p2.y;
int tx, ty;
int x3, y3;
int flag = 0;
//求
if ((x2 == x1) && (y2 == y1))
{
//相同点相加
if (y1 == 0)
{
flag = 1;
}
else
{
t = (3 * x1 * x1 + a1) * inverse(N, 2 * y1) % N;
}
//printf("inverse(p,2*y1)=%d\n",inverse(p,2*y1));
}
else
{
//不同点相加
ty = y2 - y1;
tx = x2 - x1;
while (ty < 0)
{
ty += N;
}
while (tx < 0)
{
tx += N;
}
if (tx == 0 && ty != 0)
{
flag = 1;
}
else
{
t = ty * inverse(N, tx) % N;
}
}
if (flag == 1)
{
p2.x = -1;
p2.y = -1;
}
else
{
x3 = (t * t - x1 - x2) % N;
y3 = (t * (x1 - x3) - y1) % N;
//使结果在有限域GF(P)上
while (x3 < 0)
{
x3 += N;
}
while (y3 < 0)
{
y3 += N;
}
p2.x = x3;
p2.y = y3;
}
return p2;
}
//task2:倍点运算的递归算法
Point timesPiont(int k, Point p0)
{
if (k == 1)
{
return p0;
}
else if (k == 2)
{
return add_two_points(p0, p0);
}
else
{
return add_two_points(p0, timesPiont(k - 1, p0));
}
}
main(){
get_generetor_class();
Point p1, p2, p, p4, p5, p6, p7, p8, p9, p10;
int na, k, h, r, s, u1, u2;
printf("选择生成元");
scanf("%d%d", &p1.x, &p1.y);
int j = 0;
while (j < N)
{
if (geneSet[j].p.x == p1.x && geneSet[j].p.y == p1.y)
{
break;
}
printf("j=%d\n", j);
++j;
}
int M = geneSet[j].p_class;
printf("M=%d", M);
// p1.x=0;
// p1.y=2;
//p.x=20;
//p.y=1;
printf("请输入私钥");
scanf("%d", &na);
p2 = eccmutiply(na, p1);
printf("公钥为（%d,%d)", p2.x, p2.y);
//p2=mul(p,p1);
//printf("(%d,%d)",p2.x,p2.y);
//签名过程
printf("输入随机数k\n");
scanf("%d", &k);
printf("输入hash\n");
scanf("%d", &h);
p4 = eccmutiply(k, p1);
r = calculate3(p4.x, 1, N);
if (r < 0) r = r + N;
s = inverse(M, k) * (h + na * r) % M;
if (s < 0) s = s + N;
printf("签名为(%d,%d)\n", r, s);
printf("========================");
//验证过程
u1 = h * inverse(M, s) % M;
if (u1 < 0) u1 = u1 + M;
u2 = r * inverse(M, s) % M;
if (u2 < 0) u2 = u2 + M;
printf("u1u2=%d,%d\n", u1, u2);
p5 = eccmutiply(u1, p1);
printf("sG=(%d,%d)\n", p5.x, p5.y);
p6 = eccmutiply(u2, p2);
printf("HP=(%d,%d)\n", p6.x, p6.y);
p7 = add_two_points(p5, p6);
printf("sG+HP=(%d,%d)\n", p7.x, p7.y);
if (calculate3(p7.x, 1, N) == r)
{
printf("通过");
}
else
{
printf("失败");
}
}

复制代码

		自动登录	找回密码
密码			立即注册