import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
public class DHUtils {
/**
* 非對稱加密密鑰算法
*/
private static final String KEY_ALGORITHM = "DH";
/**
* 本地密鑰算法,即對稱加密密鑰算法
* 可選DES、DESede或者AES
*/
private static final String SELECT_ALGORITHM = "AES";
/**
* 默認的加密算法
*/
private static final String DEFAULT_CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
/**
* 密鑰長度
*/
private static final int KEY_SIZE = 512;
//公鑰
private static final String PUBLIC_KEY = "DHPublicKey";
//私鑰
private static final String PRIVATE_KEY = "DHPrivateKey";
/**
* 初始化甲方密鑰
*
* @return Map 甲方密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
//實例化密鑰對生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
//初始化密鑰對生成器
keyPairGenerator.initialize(KEY_SIZE);
//生成密鑰對
KeyPair keyPair = keyPairGenerator.generateKeyPair();
//甲方公鑰
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
//甲方私鑰
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
//將密鑰對存儲在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 初始化乙方密鑰
*
* @param key 甲方公鑰
* @return Map 乙方密鑰Map
* @throws Exception
*/
public static Map<String, Object> initKey(byte[] key) throws Exception {
//解析甲方公鑰
//轉換公鑰材料
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(key);
//實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
//產生公鑰
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
//由甲方公鑰構建乙方密鑰
DHParameterSpec dhParameterSpec = ((DHPublicKey) pubKey).getParams();
//實例化密鑰對生成器
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
//初始化密鑰對生成器
keyPairGenerator.initialize(dhParameterSpec);
//產生密鑰對
KeyPair keyPair = keyPairGenerator.generateKeyPair();
//乙方公鑰
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
//乙方私約
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
//將密鑰對存儲在Map中
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 生成加密秘鑰
*
* @return
*/
private static SecretKeySpec getSecretKey(final byte[] key) {
//返回生成指定算法密鑰生成器的 KeyGenerator 對象
KeyGenerator kg = null;
try {
kg = KeyGenerator.getInstance(SELECT_ALGORITHM);
//AES 要求密鑰長度為 128
kg.init(128, new SecureRandom(key));
//生成一個密鑰
SecretKey secretKey = kg.generateKey();
return new SecretKeySpec(secretKey.getEncoded(), SELECT_ALGORITHM);// 轉換為AES專用密鑰
} catch (NoSuchAlgorithmException ex) {
// Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* 加密
*
* @param data 待加密數據
* @param key 密鑰
* @return byte[] 加密數據
* @throws Exception
*/
public static byte[] encrypt(byte[] data, byte[] key) throws Exception {
try {
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);// 創建密碼器
byte[] byteContent = data;
cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(key));// 初始化為加密模式的密碼器
byte[] result = cipher.doFinal(byteContent);// 加密
return result;
// return org.apache.commons.codec.binary.Base64.encodeBase64String(result);//通過Base64轉碼返回
} catch (Exception ex) {
// Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* 解密
*
* @param data 待解密數據
* @param key 密鑰
* @return byte[] 解密數據
* @throws Exception
*/
public static byte[] decrypt(byte[] data, byte[] key) throws Exception {
try {
//實例化
Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM);
//使用密鑰初始化,設置為解密模式
cipher.init(Cipher.DECRYPT_MODE, getSecretKey(key));
//執行操作
byte[] result = cipher.doFinal(data);
return result;
} catch (Exception ex) {
// Logger.getLogger(AESUtil.class.getName()).log(Level.SEVERE, null, ex);
}
return null;
}
/**
* 構建密鑰
*
* @param publicKey 公鑰
* @param privateKey 私鑰
* @return byte[] 本地密鑰
* @throws Exception
*/
public static byte[] getSecretKey(byte[] publicKey, byte[] privateKey) throws Exception {
//實例化密鑰工廠
KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
//初始化公鑰
//密鑰材料轉換
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
//產生公鑰
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
//初始化私鑰
//密鑰材料轉換
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
//產生私鑰
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
//實例化
KeyAgreement keyAgree = KeyAgreement.getInstance(keyFactory.getAlgorithm());
//初始化
keyAgree.init(priKey);
keyAgree.doPhase(pubKey, true);
//生成本地密鑰
SecretKey secretKey = keyAgree.generateSecret(SELECT_ALGORITHM);
return secretKey.getEncoded();
}
/**
* 取得私鑰
*
* @param keyMap 密鑰Map
* @return byte[] 私鑰
* @throws Exception
*/
public static byte[] getPrivateKey(Map<String, Object> keyMap) throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 取得公鑰
*
* @param keyMap 密鑰Map
* @return byte[] 公鑰
* @throws Exception
*/
public static byte[] getPublicKey(Map<String, Object> keyMap) throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return key.getEncoded();
}
/**
* 主方法
*
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
//甲方公鑰
byte[] publicKeyA;
//甲方私鑰
byte[] privateKeyA;
//甲方本地密鑰
byte[] localKeyA;
//乙方公鑰
byte[] publicKeyB;
//乙方私鑰
byte[] privateKeyB;
//乙方本地密鑰
byte[] localKeyB;
//初始化密鑰
//生成甲方密鑰對
Map<String, Object> keyMapA = DHUtils.initKey();
publicKeyA = DHUtils.getPublicKey(keyMapA);
privateKeyA = DHUtils.getPrivateKey(keyMapA);
System.out.println("甲方公鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(publicKeyA));
System.out.println("甲方私鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(privateKeyA));
//由甲方公鑰產生乙方本地密鑰對
Map<String, Object> keyMapB = DHUtils.initKey(publicKeyA);
publicKeyB = DHUtils.getPublicKey(keyMapB);
privateKeyB = DHUtils.getPrivateKey(keyMapB);
System.out.println("乙方公鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(publicKeyB));
System.out.println("乙方私鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(privateKeyB));
localKeyA = DHUtils.getSecretKey(publicKeyB, privateKeyA);
System.out.println("甲方本地密鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(localKeyA));
localKeyB = DHUtils.getSecretKey(publicKeyA, privateKeyB);
System.out.println("乙方本地密鑰:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(localKeyB));
System.out.println();
System.out.println("===甲方向乙方發送加密數據===");
String msgA2B = "求知若飢,虛心若愚。";
System.out.println("原文:\n" + msgA2B);
System.out.println("---使用甲方本地密鑰對數據進行加密---");
//使用甲方本地密鑰對數據加密
byte[] encodeMsgA2B = DHUtils.encrypt(msgA2B.getBytes(), localKeyA);
System.out.println("加密:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(encodeMsgA2B));
System.out.println("---使用乙方本地密鑰對數據庫進行解密---");
//使用乙方本地密鑰對數據進行解密
byte[] msgB2A = DHUtils.decrypt(encodeMsgA2B, localKeyB);
String output1 = new String(msgB2A);
System.out.println("解密:\n" + output1);
System.out.println("/~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~..~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~/");
System.out.println("===乙方向甲方發送加密數據===");
String input2 = "好好學習,天天向上。";
System.out.println("原文:\n" + input2);
System.out.println("---使用乙方本地密鑰對數據進行加密---");
//使用乙方本地密鑰對數據進行加密
byte[] encode2 = DHUtils.encrypt(input2.getBytes(), localKeyB);
System.out.println("加密:\n" + org.apache.commons.codec.binary.Base64.encodeBase64String(encode2));
System.out.println("---使用甲方本地密鑰對數據進行解密---");
//使用甲方本地密鑰對數據進行解密
byte[] decode2 = DHUtils.decrypt(encode2, localKeyA);
String output2 = new String(decode2);
System.out.println("解密:\n" + output2);
}
}
輸出結果
"C:\Program Files\Java\jdk1.8.0_91\bin\java.exe" "-javaagent:C:\Program Files\JetBrains\IntelliJ IDEA 2019.3.3\lib\idea_rt.jar=56888:C:\Program Files\JetBrains\IntelliJ IDEA 2019.3.3\bin" -Dfile.encoding=UTF-8 -classpath "C:\Program Files\Java\jdk1.8.0_91\jre\lib\charsets.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\deploy.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\access-bridge-64.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\cldrdata.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\dnsns.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\jaccess.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\jfxrt.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\localedata.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\nashorn.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\sunec.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\sunjce_provider.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\sunmscapi.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\sunpkcs11.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\ext\zipfs.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\javaws.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\jce.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\jfr.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\jfxswt.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\jsse.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\management-agent.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\plugin.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\resources.jar;C:\Program Files\Java\jdk1.8.0_91\jre\lib\rt.jar;Z:\workspace\im\target\test-classes;Z:\.m2\repository\org\apache\commons\commons-lang3\3.9\commons-lang3-3.9.jar;Z:\.m2\repository\commons-codec\commons-codec\1.14\commons-codec-1.14.jar;Z:\.m2\repository\cn\hutool\hutool-all\5.1.4\hutool-all-5.1.4.jar;Z:\.m2\repository\org\bouncycastle\bcprov-jdk15on\1.52\bcprov-jdk15on-1.52.jar" DHUtils 甲方公鑰: MIHgMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgANEAAJBANKee3tUIVRpwpLj+Kfqe5t8w4QIM54k94fKcp2Alg/kWLm4bEBTvWv4XMKIH13k9eQcvTRxVuqxdkS62yi1guc= 甲方私鑰: MIHSAgEAMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgAQzAjEA/cVM7DmzLK7gijP61uR2ipNjP/tG84kCZJzt10KM8XPpvvKGDa6c000GO3dNliIC 乙方公鑰: MIHgMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgANEAAJBAJIS3ho3UENwFuQwrB3uPXS0q9K+0Box8fdGeCdj10uyT0vSV+TgoO6IhX11k535QfBMvh8cHR4BrYo7LSC/wdY= 乙方私鑰: MIHSAgEAMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgAQzAjEAyMLT94TotoWZCPvaJpT3VYlQ3TgwJvo7Mc/gsbdTBIQKQRIRhEZ1MCpn8is83CKh 甲方本地密鑰: SZb1nFDuDT34Q9WkIb7bNVndlSOfHa0s55ZbxuldNhQ= 乙方本地密鑰: SZb1nFDuDT34Q9WkIb7bNVndlSOfHa0s55ZbxuldNhQ= ===甲方向乙方發送加密數據=== 原文: 求知若飢,虛心若愚。 ---使用甲方本地密鑰對數據進行加密--- 加密: 5cORf8g/pkzIvSPd7sNn0yWkOjx0JQvzwYaKR0/ox2c= ---使用乙方本地密鑰對數據庫進行解密--- 解密: 求知若飢,虛心若愚。 /~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~..~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~.~/ ===乙方向甲方發送加密數據=== 原文: 好好學習,天天向上。 ---使用乙方本地密鑰對數據進行加密--- 加密: Mh08mY3CwWCJowGf8t/ZPaNJUxJpcAifHepADby3kTs= ---使用甲方本地密鑰對數據進行解密--- 解密: 好好學習,天天向上。 Process finished with exit code 0