1. 首頁
  2. 問答
  3. 如何在Java非對稱加密中保存和重用密鑰對?

如何在Java非對稱加密中保存和重用密鑰對?

2017-10-18 114 views
0

我已經編寫了生成密鑰對的代碼,但想知道是否有任何方法可以保存並重新使用它們?如何在Java非對稱加密中保存和重用密鑰對?

下面是generaes該對代碼:

公共靜態無效的主要(字串[] args)拋出異常{

String plainText = "Hello world"; 

    Map<String, Object> keys = getRSAKeys(); 

    PrivateKey privateKey = (PrivateKey) keys.get("private"); 
    PublicKey publicKey = (PublicKey) keys.get("public"); 

    System.out.println(privateKey.getEncoded()); 

    System.out.println(publicKey.getEncoded()); 



    String encrypted = encryptMessage(plainText, privateKey); 


    System.out.println(encrypted); 

    String decrypted = decryptMessage(plainText, publicKey, encrypted); 

    System.out.println(decrypted); 

} 

private static Map<String, Object> getRSAKeys() throws Exception { 

    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); 
    keyPairGenerator.initialize(2048); 
    KeyPair keyPair = keyPairGenerator.generateKeyPair(); 
    PrivateKey privateKey = keyPair.getPrivate(); 
    PublicKey publicKey = keyPair.getPublic(); 
    Map<String, Object> keys = new HashMap<String, Object>(); 
    keys.put("private", privateKey); 
    keys.put("public", publicKey); 

    return keys; 

}

來源

2017-10-18 TheRealJoeWilson

+0

肯定。只是保持數據。在程序的整個生命週期內,只保留參考。在程序的生命週期之外 - 它們是可序列化的,所以序列化它們。 (當然,你必須考慮保持序列化密鑰的安全......) –

+0

另外:爲什麼把它們放到一個Map中,只要返回'KeyPair'對象? –

+0

謝謝安迪,你會怎麼做呢? – TheRealJoeWilson

回答

-1

https://docs.oracle.com/javase/tutorial/security/apisign/step2.html - 良好的入口點。

另外這裏的一些示例代碼,做你想要什麼:

package mx.playground.security; 

import java.io.File; 
import java.io.FileOutputStream; 
import java.io.IOException; 
import java.nio.file.Files; 
import java.security.KeyFactory; 
import java.security.PrivateKey; 
import java.security.PublicKey; 
import java.security.spec.PKCS8EncodedKeySpec; 
import java.security.spec.X509EncodedKeySpec; 
import java.util.Base64; 

import javax.crypto.Cipher; 

public class AppForStackOverflow { 

    public static final int KEY_SIZE = 2048; 

    public static final String PUBLIC_KEY_X509 = "C:\\workspace\\rsa-pair\\public-key"; 
    public static final String PUBLIC_KEY_PKCS1 = "C:\\workspace\\rsa-pair\\public-key-pkcs1"; 
    public static final String PUBLIC_KEY_PEM = "C:\\workspace\\rsa-pair\\public-key-pem"; 

    public static final String PRIVATE_KEY_PKCS8 = "C:\\workspace\\rsa-pair\\private-key"; 
    public static final String PRIVATE_KEY_PKCS1 = "C:\\workspace\\rsa-pair\\private-key-pkcs1"; 
    public static final String PRIVATE_KEY_PEM = "C:\\workspace\\rsa-pair\\private-key-pem"; 

    public static final String SIGNATURE_PATH = "C:\\workspace\\rsa-pair\\signature"; 

    public static final String PRIVATE_KEY_PATH = PRIVATE_KEY_PKCS8; 
    public static final String PUBLIC_KEY_PATH = PUBLIC_KEY_X509; 

    public static void main(String[] args) { 
     generateRsaKeysPair(); 
     encryptDecryptTest(); 

     // symmetric encryption example, use it to store your Private Key in safe manner 
     String message = "test message"; 
     String rightPass = "ABCDEF"; // for AES password should be at least 16 chars 
     String wrongPass = "zzz"; 

     byte[] encryptedMessage = symmetricEncrypt(message.getBytes(), rightPass); 
     System.out.print(new String(encryptedMessage)); 

     byte[] decryptedMessage = symmetricDecrypt(encryptedMessage, rightPass); 
     System.out.println(new String(decryptedMessage)); 

    }  

    public static void generateRsaKeysPair() { 
     try { 
      KeyPairGeneratorJdk kpg = new KeyPairGeneratorJdk(KEY_SIZE, "RSA"); 

      PublicKey publicKey = kpg.getPublicKey(); 
      PrivateKey privateKey = kpg.getPrivateKey(); 

      save(PUBLIC_KEY_PATH, publicKey.getEncoded()); 
      save(PRIVATE_KEY_PATH, privateKey.getEncoded()); 
     } catch (Exception e) { 
      throw new RuntimeException("Failed to execute generateRsaKeysPair()", e);   
     } 
    } 

    public static void encryptDecryptTest() { 
     try { 
      byte[] privateKeyBytes = read(PRIVATE_KEY_PATH); 
      byte[] publicKeyBytes = read(PUBLIC_KEY_PATH); 

      KeyFactory kf = KeyFactory.getInstance("RSA"); 
      PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes); 
      PrivateKey privateKey = kf.generatePrivate(privateKeySpec); 

      X509EncodedKeySpec spec = new X509EncodedKeySpec(publicKeyBytes); 
      PublicKey publicKey = kf.generatePublic(spec); 

      Cipher cipher = Cipher.getInstance("RSA"); 

      // doing encryption 
      String message = "test message"; 
      cipher.init(Cipher.ENCRYPT_MODE, publicKey); 
      byte[] encodedMessage = cipher.doFinal(message.getBytes("UTF-8")); 
      System.out.println("ENCRYPTED: " + new String(encodedMessage)); 

      // doing decryption 
      cipher.init(Cipher.DECRYPT_MODE, privateKey); 
      byte[] decodedMessage = cipher.doFinal(encodedMessage); 
      System.out.println("DECRYPTED: " + new String(decodedMessage)); 
     } catch (Exception e) { 
      throw new RuntimeException("Failed to execute encryptDecryptTest()", e); 
     } 
    } 

    private static void save(String path, byte[] data) { 
     try { 
      File file = new File(path); 
      file.getParentFile().mkdirs(); 

      try (FileOutputStream fos = new FileOutputStream(file)){ 
       fos.write(Base64.getEncoder().encode(data)); 
       fos.flush(); 
      }; 
     } catch (IOException e) { 
      throw new RuntimeException("Failed to save data to file: " + path, e); 
     } 
    } 

    private static byte[] read(String path) { 
     try { 
      return Base64.getDecoder().decode(Files.readAllBytes(new File(path).toPath())); 
     } catch (IOException e) { 
      throw new RuntimeException("Failed to read data from file: " + path, e); 
     } 
    } 

    /* 
    * Use this to encrypt your private key before saving it to disk 
    */ 
    public static byte[] symmetricEncrypt(byte[] data, String password) { 
     try { 
      SecretKeySpec secretKey = new SecretKeySpec(password.getBytes(), "AES"); 
      Cipher cipher = Cipher.getInstance("AES"); 
      cipher.init(Cipher.ENCRYPT_MODE, secretKey); 
      byte[] result = cipher.doFinal(data); 
      return result; 
     } catch (Exception e) { 
      throw new RuntimeException("Failed to execute symmetricEncrypt()", e); 
     } 
    } 

    public static byte[] symmetricDecrypt(byte[] data, String password) { 
     try { 
      SecretKeySpec secretKey = new SecretKeySpec(password.getBytes(), "AES"); 
      Cipher cipher = Cipher.getInstance("AES"); 
      cipher.init(Cipher.DECRYPT_MODE, secretKey); 
      byte[] result = cipher.doFinal(data); 
      return result; 
     } catch (Exception e) { 
      throw new RuntimeException("Failed to execute symmetricEncrypt()", e); 
     } 
    } 

}

來源

2017-10-18 12:05:50

+0

沒有安全感。不能接受的。 – EJP

+0

只是爲了好玩,我添加了一些代碼,用私鑰進行一些對稱加密,使其不那麼不安全,有點可以接受。 –

相關問題

 相關問題