信息计算2019级2班30号高鹏

2019-2高鹏 · 发表于 2022-6-2 15:32:40

实现RSA签名和加密

一.实现RSA签名和加密的原理

RSA加密是⼀种⾮对称加密。可以在不直接传递密钥的情况下，完成解密。这能够确保信息的安全性，避免了直接传递密钥所造成的被破解的风险。是由⼀对密钥来进⾏加解密的过程，分别称为公钥和私钥。两者之间有数学相关，该加密算法的原理就是对⼀极⼤整数做因数分解的困难性来保证安全性。通常个⼈保存私钥，公钥是公开的。

二.、RSA加密解密
　1.获取密钥，这⾥是产⽣密钥，实际应⽤中可以从各种存储介质上读取密钥
2.加密
3.解密

三.签名与验证
我们使用公钥进行加密，然后使用私钥解密。理论上反过来也行（私钥加密，公钥解密），但这不安全且大多数库(包括java.security)也不支持。然而，这种方式在构建API时比较有用。使用私钥对消息进行签名，然后使用公钥进行验证签名。这种机制可以确保消息确实来着公钥创建者(私钥持有者)，使得传输过程消息不会被篡改。

2019-2高鹏 · 发表于 2022-6-2 15:35:00

源代码：

package rsa;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import javax.crypto.Cipher;
public class RSAUtil{
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
/**加密算法RSA*/
public static final String KEY_ALGORITHM = "RSA";
/**RSA最大加密明文大小*/
private static final int MAX_ENCRYPT_BLOCK = 117;
/**RSA最大解密密文大小*/
private static final int MAX_DECRYPT_BLOCK = 128;
/**
* RSA签名
* @param content 待签名数据
* @param privateKey 商户私钥
* @param input_charset 编码格式
*/
public static String sign(String content, String privateKey, String input_charset){
try {
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(Base64_.decode(privateKey) );
KeyFactory keyf = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(content.getBytes(input_charset));
byte[] signed = signature.sign();
return Base64_.encode(signed);
}catch (Exception e) {
e.printStackTrace();
}
return null;
}
/**
* RSA验签名检查
* @param content 待签名数据
* @param sign 签名值
* @param ali_public_key 支付宝公钥
* @param input_charset 编码格式
*/
public static boolean verify(String content, String sign, String ali_public_key, String input_charset){
try {
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
byte[] encodedKey = Base64_.decode(ali_public_key);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(content.getBytes(input_charset) );
boolean bverify = signature.verify( Base64_.decode(sign) );
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
/**
* 私钥解密
* @param content 密文
* @param private_key 商户私钥
* @param input_charset 编码格式
*/
public static String decrypt(String content, String private_key, String input_charset) throws Exception {
PrivateKey prikey = getPrivateKey(private_key);
Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, prikey);
InputStream ins = new ByteArrayInputStream(Base64_.decode(content));
ByteArrayOutputStream writer = new ByteArrayOutputStream();
//rsa解密的字节大小最多是128，将需要解密的内容，按128位拆开解密
byte[] buf = new byte[128];
int bufl;
while ((bufl = ins.read(buf)) != -1) {
byte[] block = null;
if (buf.length == bufl) {
block = buf;
} else {
block = new byte[bufl];
for (int i = 0; i < bufl; i++) {
block[i] = buf[i];
}
}
writer.write(cipher.doFinal(block));
}
return new String(writer.toByteArray(), input_charset);
}
/**
* 公钥加密
* @param data 源数据
* @param publicKey 公钥(BASE64编码)
*/
public static byte[] encryptByPublicKey(byte[] data, String publicKey) throws Exception {
byte[] keyBytes = Base64_.decode(publicKey);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
Key publicK = keyFactory.generatePublic(x509KeySpec);
// 对数据加密
Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, publicK);
int inputLen = data.length;
ByteArrayOutputStream out = new ByteArrayOutputStream();
int offSet = 0;
byte[] cache;
int i = 0;
// 对数据分段加密
while (inputLen - offSet > 0) {
if (inputLen - offSet > MAX_ENCRYPT_BLOCK) {
cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK);
} else {
cache = cipher.doFinal(data, offSet, inputLen - offSet);
}
out.write(cache, 0, cache.length);
i++;
offSet = i * MAX_ENCRYPT_BLOCK;
}
byte[] encryptedData = out.toByteArray();
out.close();
return encryptedData;
}
public static String encryptByPublicKeyToStr(byte[] data, String publicKey) throws Exception {
byte[] bytes = encryptByPublicKey(data, publicKey);
String result = Base64_.encode(bytes);
return result;
}
/**
* 得到私钥
* @param key 密钥字符串（经过base64编码）
* @throws Exception
*/
public static PrivateKey getPrivateKey(String key) throws Exception {
byte[] keyBytes;
keyBytes = Base64_.decode(key);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
return privateKey;
}
public static class Base64_ {
private static final Base64.Decoder decoder = Base64.getDecoder();
private static final Base64.Encoder encoder = Base64.getEncoder();
public static byte[] decode(String key) {
if (key == null) { return null;}
byte[] decode = decoder.decode(key);
return decode;
}
public static String encode(byte[] content) {
if (content == null) {return null;}
String encode = encoder.encodeToString(content);
return encode;
}
}
/**
* 测试
*/
public static void main(String args[]) throws Exception{
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
keyPairGen.initialize(1024);
KeyPair keyPair = keyPairGen.generateKeyPair();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
String pubKey = Base64_.encode(publicKey.getEncoded()); //公钥
String priKey = Base64_.encode(privateKey.getEncoded()); //私钥
// System.out.println(pubKey);
// System.out.println(priKey);
//......................................公钥加密，私钥解密！
String sourceStr = "Wise men don't fall in love, but a few kings are rich all the way";
//公钥加密
byte[] ens = RSAUtil.encryptByPublicKey(sourceStr.getBytes(),pubKey);
String encodes = Base64_.encode(ens);
System.out.println("公钥加密后:"+encodes);
//私钥解密
String res2 = RSAUtil.decrypt(encodes, priKey, "UTF-8");
System.out.println("私钥解密后:"+res2+"，翻译：智者不入爱河，寡王一路硕博");
//.......................................签名验证，私钥签名，公钥验证是否正确!
String source = "id=shoig&name=shoer&age=23dnjlegj;reg"; //模拟请求参数,然后对此请求参数进行签名。
String sign = RSAUtil.sign(source, priKey, "UTF-8");
System.out.println("签名是："+sign);
// 公钥验证签名是否正确.
// 具体流程是，请求参数+sign发送给公钥方，然后公钥方过滤掉sign，用公钥验证其他参数是否通过。
boolean result = RSAUtil.verify(source, sign, pubKey, "UTF-8");
System.out.println("验签结果是："+result);
}
}

复制代码

运行截图：

2019-2高鹏 · 发表于 2022-6-2 15:42:21

ECC椭圆曲线上公钥密码
一.算法原理
ECC 是 Elliptic Curves Cryptography 的缩写，意为椭圆曲线密码编码学。和RSA算法一样，ECC算法也属于公开密钥算法。最初由 Koblitz 和 Miller 两人于1985年提出，其数学基础是利用椭圆曲线上的有理点构成Abel加法群上椭圆离散对数的计算困难性。

二、执行过程
1、生成公钥和私钥；
2、公钥加密；
3、私钥解密；
4、用私钥对信息生成数字签名；

2019-2高鹏 · 发表于 2022-6-2 15:46:04

源代码：

#include "stdafx.h"
#include <string>
#include <iostream>
using namespace std;
const int k = 9;
const int a = 5;
const int b = 37;
const int p = 127;
const int r =7;
int getX_1(int x,int mod){
int Q,X1,X2,X3,Y1,Y2,Y3,T1,T2,T3;
X1 = 1;
X2 = 0;
X3 = mod;
Y1 = 0;
Y2 = 1;
Y3 = (x%mod + mod) %mod;//获得正整数
while(Y3 != 1){
Q = X3 / Y3;
T1 = X1 - Q * Y1;
T2 = X2 - Q * Y2;
T3 = X3 - Q * Y3;
X1 = Y1;
X2 = Y2;
X3 = Y3;
Y1 = T1;
Y2 = T2;
Y3 = T3;
}
return Y2;
}//获得其乘法逆元
struct point{
int x;
int y;
};
point A,B;//公钥
typedef pair<point,point> twopoint;
bool operator == (point pa,point pb){
return pa.x == pb.x && pa.y == pb.y;
}
point operator + (point pa , point pb){
int k;
if(pa == pb)
k = ((3 * pa.x * pa.x + a) * getX_1(2* pa.y ,p)) % p ;
else
k = (pb.y - pa.y) * getX_1(pb.x - pa.x , p) %p;
point c;
c.x = (k*k - pa.x -pb.x) %p;
c.y = (k * (pa.x - c.x) - pa.y)%p ;
c.x = (c.x + p) %p;
c.y = (c.y + p) %p;
return c;
}
point operator * (point &b,int n){
point q = b;
n = n -1;
for(int i = 1 ; i < n;i++){
q = q + b ;
}
return q;
}
twopoint ECodePoint(point m){
point c1,c2;
c1 = A * r ;
point Y = B * r ;
c2.x = Y.x * m.x % p ;
c2.y = Y.y * m.y % p ;
return twopoint(c1,c2);
}
point DCodePoint(twopoint t){
point Z = t.first * k;
point m;
m.x = t.second.x * getX_1(Z.x,p) % p ;
m.y = t.second.y * getX_1(Z.y,p) % p ;
return m;
}
string ECode(string input){
string output = "";
point M;
twopoint C;
for(int i =0; i < input.length();i++){
M.x = i;
M.y = input[i];
C = ECodePoint(M);
output += (char)C.first.x ;
output += (char)C.first.y ;
output += (char)C.second.x ;
output += (char)C.second.y ;
}
return output;
}
string DCode(string input){
string output = "";
point M;
twopoint C;
if(input.length()%4 != 0)
return "错误输入";
for(int i = 0;i < input.length();){
C.first.x = input[i++];
C.first.y = input[i++];
C.second.x = input[i++];
C.second.y = input[i++];
M = DCodePoint(C);
output += (char)M.y;
}
return output;
}
int main()
{
A.x = 11;
A.y = 4;
B = A*k;
string s = "";
cout<<"使用在素域上的曲线 y^2 = x^3 + 5*x +37 ，使用Menezes-Vanstone的算法："<<endl;
cout<<"在素域p=127上，私钥为k=9,公钥A(11,4),B(120,41),对明文字符串直接转换为int进行加密"<<endl;
cout<<"请输入要加密的内容："<<endl;
cin>>s;
cout<<"密文如下："<<"\r\n";
s = ECode(s);
cout<<s<<endl;
cout<<"对之前密文解密，得到明文如下（由于输入密文不正确绝对会使这个程序出错，所以只能解密绝对安全的密文）："<<"\r\n";
s = DCode(s);
cout<<s<<"\r\n"<<"完成"<<endl;
cin>>s;
return 0;
}

复制代码

		自动登录	找回密码
密码			立即注册

信息计算2019级2班30号高鹏

本帖子中包含更多资源

本帖子中包含更多资源