RSA非对称加密简析

发布时间：2017-11-27 20:00:05

1 非对称加密算法1.1 概述　　1976年，美国学者Dime和Henman为解决信息公开传送和密钥管理问题，提出一种新的密钥交换协议，允许在不安全的媒体上的通讯双方交换信息，安全地达成一致的密钥，这就是“公开密钥系统”。　　与对称加密算法不同，非对称加密算法需要两个密钥：公开密 ...

1 非对称加密算法

1.1 概述

　　1976年，美国学者Dime和Henman为解决信息公开传送和密钥管理问题，提出一种新的密钥交换协议，允许在不安全的媒体上的通讯双方交换信息，安全地达成一致的密钥，这就是“公开密钥系统”。

　　与对称加密算法不同，非对称加密算法需要两个密钥：公开密钥（publickey）和私有密钥（privatekey）。公开密钥与私有密钥是一对，如果用公开密钥对数据进行加密，只有用对应的私有密钥才能解密；如果用私有密钥对数据进行加密，那么只有用对应的公开密钥才能解密。因为加密和解密使用的是两个不同的密钥，所以这种算法叫作非对称加密算法。

1.2 加密流程

　　如下图所示，甲乙之间使用非对称加密的方式完成了重要信息的安全传输。　　

　　非对称加密工作过程简要示意图　　1、乙方生成一对密钥（公钥和私钥）并将公钥向其它方公开。　　2、得到该公钥的甲方使用该密钥对机密信息进行加密后再发送给乙方。　　3、乙方再用自己保存的另一把专用密钥（私钥）对加密后的信息进行解密。乙方只能用其专用密钥（私钥）解密由对应的公钥加密后的信息。　　在传输过程中，即使攻击者截获了传输的密文，并得到了乙的公钥，也无法破解密文，因为只有乙的私钥才能解密密文。　　同样，如果乙要回复加密信息给甲，那么需要甲先公布甲的公钥给乙用于加密，甲自己保存甲的私钥用于解密。

2 RSA加密算法

2.1 概述

　　RSA是目前最有影响力和最常用的公钥加密算法，它能够抵抗到目前为止已知的绝大多数密码攻击，已被ISO推荐为公钥数据加密标准。

　　RSA公开密钥密码体制。所谓的公开密钥密码体制就是使用不同的加密密钥与解密密钥，是一种“由已知加密密钥推导出解密密钥在计算上是不可行的”密码体制。　　在公开密钥密码体制中，加密密钥（即公开密钥）PK是公开信息，而解密密钥（即秘密密钥）SK是需要保密的。加密算法E和解密算法D也都是公开的。虽然解密密钥SK是由公开密钥PK决定的，但却不能根据PK计算出SK。　　正是基于这种理论，1978年出现了著名的RSA算法，它通常是先生成一对RSA 密钥，其中之一是保密密钥，由用户保存；另一个为公开密钥，可对外公开，甚至可在网络服务器中注册。为提高保密强度，RSA密钥至少为500位长，一般推荐使用1024位。这就使加密的计算量很大。为减少计算量，在传送信息时，常采用传统加密方法与公开密钥加密方法相结合的方式，即信息采用改进的DES或IDEA对话密钥加密，然后使用RSA密钥加密对话密钥和信息摘要。对方收到信息后，用不同的密钥解密并可核对信息摘要。　　RSA算法是第一个能同时用于加密和数字签名的算法，也易于理解和操作。RSA是被研究得最广泛的公钥算法，从提出到现今的三十多年里，经历了各种攻击的考验，逐渐为人们接受，普遍认为是目前最优秀的公钥方案之一。

2.2 算法实现过程

1. 随意选择两个大的质数p和q，p不等于q，计算N=pq。 2. 根据欧拉函数，不大于N且与N互质的整数個数為(p-1)(q-1)。 3. 选择一个整数e与(p-1)(q-1)互质，并且e小于(p-1)(q-1)。 4. 用以下这个公式计算d：d× e ≡ 1 (mod (p-1)(q-1))。 5. 将p和q的记录销毁。以上内容中，(N,e)是公钥，(N,d)是私钥。

2.3 算法缺点

　　1）产生密钥很麻烦，受到素数产生技术的限制，因而难以做到一次一密。

　　2）安全性，RSA的安全性依赖于大数的因子分解，但并没有从理论上证明破译RSA的难度与大数分解难度等价，而且密码学界多数人士倾向于因子分解不是NP问题。

　　3）速度太慢，由于RSA 的分组长度太大，为保证安全性，n 至少也要 600 bits以上，使运算代价很高，尤其是速度较慢，较对称密码算法慢几个数量级；且随着大数分解技术的发展，这个长度还在增加，不利于数据格式的标准化。

2.4 java代码实现加解密

 1 package xin.dreaming.rsa; 2  3 import java.io.ByteArrayOutputStream; 4 import java.io.UnsupportedEncodingException; 5 import java.security.Key; 6 import java.security.KeyFactory; 7 import java.security.KeyPair; 8 import java.security.KeyPairGenerator; 9 import java.security.NoSuchAlgorithmException; 10 import java.security.interfaces.RSAPrivateKey; 11 import java.security.interfaces.RSAPublicKey; 12 import java.security.spec.PKCS8EncodedKeySpec; 13 import java.security.spec.X509EncodedKeySpec; 14 import java.util.HashMap; 15 import java.util.Map; 16  17 import javax.crypto.Cipher; 18  19 import org.bouncycastle.util.encoders.Base64; 20  21 /** 22  * Rsa工具类 23  *  24  * @author DREAMING.XIN 25  * 26 */ 27 public abstract class RsaUtils { 28  /** 29   * 生成公钥私钥对，使用默认模长1024。 30   *  31   * @return Object[] : 0:公钥( RSAPublicKey )，1:私钥( RSAPrivateKey ) 32  */ 33  34  private static final int DEFAULT_KEY_LEN = 2048; 35  36  public static Map<String, String> genKeyPair() { 37   return genKeyPair(DEFAULT_KEY_LEN); 38  39  } 40  41  /** 42   * 指定模长生成公私钥对 43   *  44   * @param modulus 45   * @return 46  */ 47  public static Map<String, String> genKeyPair(int modulus) { 48   KeyPairGenerator keyPairGen; 49   try { 50    keyPairGen = KeyPairGenerator.getInstance("RSA"); 51    keyPairGen.initialize(modulus); 52    KeyPair keyPair = keyPairGen.generateKeyPair(); 53  54    Map<String, String> keyMaps = new HashMap<String, String>(); 55    RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); 56    keyMaps.put("publicKey", new String(Base64.encode(publicKey.getEncoded()))); 57    RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); 58    keyMaps.put("privateKey", new String(Base64.encode(privateKey.getEncoded()))); 59  60    return keyMaps; 61   } catch (NoSuchAlgorithmException e) { 62    throw new RuntimeException(e); 63   } 64  } 65  66  /** 67   * 公钥加密 68   *  69   * @param publicKeyBytes 70   * @param data 71   * @param modulus 72   *   公钥模长，范围512-2048。 73   * @return 74  */ 75  public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data, int modulus) { 76   try { 77    // RSA最大加密明文大小 78    int maxEncryptBlock = modulus / 8 - 11; 79  80    X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes); 81    KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 82    Key publicK = keyFactory.generatePublic(x509KeySpec); 83    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); 84    cipher.init(Cipher.ENCRYPT_MODE, publicK); 85    int inputLen = data.length; 86    ByteArrayOutputStream out = new ByteArrayOutputStream(); 87    int offSet = 0; 88    byte[] cache; 89    int i = 0; 90    while (inputLen - offSet > 0) { 91     if (inputLen - offSet > maxEncryptBlock) { 92      cache = cipher.doFinal(data, offSet, maxEncryptBlock); 93     } else { 94      cache = cipher.doFinal(data, offSet, inputLen - offSet); 95     } 96     out.write(cache, 0, cache.length); 97     i++; 98     offSet = i * maxEncryptBlock; 99    }100    byte[] encryptedData = out.toByteArray();101    out.close();102    return encryptedData;103   } catch (Exception e) {104    throw new RuntimeException(e);105   }106 107  }108 109  /**110   * 公钥加密，密钥模长使用默认长度1024。111   * 112   * @param publicKeyBytes113   *   公钥RSAPublicKey getEncoded()114   * @param data115   *   要加密的字节数组116  */117  public static byte[] encryptByPublicKey(byte[] publicKeyBytes, byte[] data) {118   return encryptByPublicKey(publicKeyBytes, data, DEFAULT_KEY_LEN);119  }120 121  /**122   * 公钥解密123   * 124   * @param publicKeyBytes125   *   公钥RSAPublicKey getEncoded()126   * @param encryptedData127   *   被(私钥)加密过的字节数组128   * @param modulus129   *   模长，范围512-2048130   * @return131  */132  public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData, int modulus) {133   // RSA最大解密密文大小134   int maxDecryptBlock = modulus / 8;135   try {136    X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKeyBytes);137    KeyFactory keyFactory = KeyFactory.getInstance("RSA");138    Key publicK = keyFactory.generatePublic(x509KeySpec);139    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());140    cipher.init(Cipher.DECRYPT_MODE, publicK);141    int inputLen = encryptedData.length;142    ByteArrayOutputStream out = new ByteArrayOutputStream();143    int offSet = 0;144    byte[] cache;145    int i = 0;146    // 对数据分段解密147    while (inputLen - offSet > 0) {148     if (inputLen - offSet > maxDecryptBlock) {149      cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock);150     } else {151      cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);152     }153     out.write(cache, 0, cache.length);154     i++;155     offSet = i * maxDecryptBlock;156    }157    byte[] decryptedData = out.toByteArray();158    out.close();159    return decryptedData;160   } catch (Exception e) {161    throw new RuntimeException(e);162   }163  }164 165  /**166   * 公钥解密，默认模长1024167   * 168   * @param publicKeyBytes169   *   公钥RSAPublicKey getEncoded()170   * @param encryptedData171   *   被(私钥)加密过的字节数组172  */173  public static byte[] decryptByPublicKey(byte[] publicKeyBytes, byte[] encryptedData) {174   return decryptByPublicKey(publicKeyBytes, encryptedData, DEFAULT_KEY_LEN);175  }176 177  /**178   * 私钥加密179   * 180   * @param privateKeyBytes181   *   私钥RSAPrivateKey getEncoded()182   * @param data183   *   要加密的字节数组184   * @param modulus185   *   模长，范围512-2048。186  */187  public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data, int modulus) {188   try {189    // RSA最大加密明文大小190    int maxEncryptBlock = modulus / 8 - 11;191 192    PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);193    KeyFactory keyFactory = KeyFactory.getInstance("RSA");194    Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);195    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());196    cipher.init(Cipher.ENCRYPT_MODE, privateK);197    int inputLen = data.length;198    ByteArrayOutputStream out = new ByteArrayOutputStream();199    int offSet = 0;200    byte[] cache;201    int i = 0;202    while (inputLen - offSet > 0) {203     if (inputLen - offSet > maxEncryptBlock) {204      cache = cipher.doFinal(data, offSet, maxEncryptBlock);205     } else {206      cache = cipher.doFinal(data, offSet, inputLen - offSet);207     }208     out.write(cache, 0, cache.length);209     i++;210     offSet = i * maxEncryptBlock;211    }212    byte[] encryptedData = out.toByteArray();213    out.close();214    return encryptedData;215   } catch (Exception e) {216    throw new RuntimeException(e);217   }218  }219 220  /**221   * 私钥加密，默认模长1024。222   * 223   * @param privateKeyBytes224   *   私钥RSAPrivateKey getEncoded()225   * @param data226   *   要加密的字节数组227  */228  public static byte[] encryptByPrivateKey(byte[] privateKeyBytes, byte[] data) {229   return encryptByPrivateKey(privateKeyBytes, data, DEFAULT_KEY_LEN);230  }231 232  /**233   * 私钥解密234   * 235   * @param privateKeyBytes236   *   私钥RSAPrivateKey getEncoded()237   * @param encryptedData238   *   被(公钥)加密过的字节数组239   * @param modulus240   *   模长，范围512-2048241  */242  public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData, int modulus) {243   try {244    // RSA最大解密密文大小245    int maxDecryptBlock = modulus / 8;246 247    PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);248    KeyFactory keyFactory = KeyFactory.getInstance("RSA");249    Key privateK = keyFactory.generatePrivate(pkcs8KeySpec);250    Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());251    cipher.init(Cipher.DECRYPT_MODE, privateK);252    int inputLen = encryptedData.length;253    ByteArrayOutputStream out = new ByteArrayOutputStream();254    int offSet = 0;255    byte[] cache;256    int i = 0;257    while (inputLen - offSet > 0) {258     if (inputLen - offSet > maxDecryptBlock) {259      cache = cipher.doFinal(encryptedData, offSet, maxDecryptBlock);260     } else {261      cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet);262     }263     out.write(cache, 0, cache.length);264     i++;265     offSet = i * maxDecryptBlock;266    }267    byte[] decryptedData = out.toByteArray();268    out.close();269    return decryptedData;270   } catch (Exception e) {271    throw new RuntimeException(e);272   }273  }274 275  /**276   * 私钥解密，默认模长1024。277   * 278   * @param privateKeyBytes279   *   私钥RSAPrivateKey getEncoded()280   * @param encryptedData281   *   被(公钥)加密过的字节数组282  */283  public static byte[] decryptByPrivateKey(byte[] privateKeyBytes, byte[] encryptedData) {284   return decryptByPrivateKey(privateKeyBytes, encryptedData, DEFAULT_KEY_LEN);285  }286 287  public static void main(String[] args) throws UnsupportedEncodingException {288   // 加密原串289   String value = "DREAMING.XIN";290   System.out.println("加密原串 ： ");291   System.out.println(value);292   System.out.println("------------------------------------------------------------------------------------------");293   // 生成公私钥对294   Map<String, String> genKeyPair = genKeyPair();295 296   System.out.println("自行生成公私钥对： ");297   System.out.println(genKeyPair);298   System.out.println("------------------------------------------------------------------------------------------");299   byte[] encryptByPublicKey = encryptByPublicKey(Base64.decode(genKeyPair.get("publicKey").getBytes("utf-8")),300     value.getBytes());301 302   // 3、Base64编码303   byte[] encode = Base64.encode(encryptByPublicKey);304 305   System.out.println("最终加密结果： ");306   String sign = new String(encode, "utf-8");307   System.out.println(new String(encode, "utf-8"));308   System.out.println("------------------------------------------------------------------------------------------");309 310   // 1、签名密文->Base64解码->RSA解密311   byte[] signCipherArr = decryptByPrivateKey(Base64.decode(genKeyPair.get("privateKey").getBytes("utf-8")),312     Base64.decode(sign.getBytes("utf-8")));313   System.out.println("解密结果： ");314   System.out.println(new String (signCipherArr));315   System.out.println("------------------------------------------------------------------------------------------");316 317  }318 }

输出结果：

加密原串 ： DREAMING.XIN------------------------------------------------------------------------------------------自行生成公私钥对： {publicKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmRw1oug/LBmpkRsubsKoeEBQvGeRfUTMX8fTEuLJqKuWfHkB6HJ/08xf/BYhbL+GrUFk5DR/lbJdnD9SEx0ZDZHecrjj262T67izwf7d+rB3o7z5w/3Pk3p3Ye6Ns7SdGM6D8O6InUK4mQFSBKQhw25BqPzUQKb4DY/S+I2OAx1/qVB56Na+if5H9ttP8nhVVnQZXheTPh5Say0+ySFEBb1i2sxJQuwFLbtA9RkKNFSSB2+4sBrn5fRmemu6OGToR/WQ8KFa96+u9X2t41HPxa7dTF+g9btkEMWwbiXkPatjD9JaNXKKrueIQoDt/FKonUZQ0AafSs8r/xsrb4pfwIDAQAB, privateKey=MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCSZHDWi6D8sGamRGy5uwqh4QFC8Z5F9RMxfx9MS4smoq5Z8eQHocn/TzF/8FiFsv4atQWTkNH+Vsl2cP1ITHRkNkd5yuOPbrZPruLPB/t36sHejvPnD/c+Tendh7o2ztJ0YzoPw7oidQriZAVIEpCHDbkGo/NRApvgNj9L4jY4DHX+pUHno1r6J/kf220/yeFVWdBleF5M+HlJrLT7JIUQFvWLazElC7AUtu0D1GQo0VJIHb7iwGufl9GZ6a7o4ZOhH9ZDwoVr3r671fa3jUc/Frt1MX6D1u2QQxbBuJeQ9q2MP0lo1coqu54hCgO38UqidRlDQBp9Kzyv/Gytvil/AgMBAAECggEAWWoJ1bExIkYoXHO8qPDKfLduytHDZ11aXMgVeMdHddC1h3CMY/D47P0U8dz+ZKNAO1XH0ysIaD3gDXzT5z3zdWYF4CkBNxFbP25FUEjC2qrDwUk1RjNlQ2PZbRrCrUlEGBynUQuue+9bN435/9x+9E54bcrkCd37EUZxAMtpbG+bZ8/sizBsIQYfiKlGV3FJ68OTnkCzvjltYmzWn4q1a6CDqN40G6IfBJD1g1ENkkKJvi4hu6U7LhkpI3oil4+zZuxdGNphICz6L5CQVn01MahnfJlNszQD1H0sq/G9ymHtzYyvq6Fu8URjksw4doaqYVRuGuZL58qP33BNSzilwQKBgQDHZDC5YgViTmqAC9/GGnm1Cwhi8SkbsG0j6jCRx4e6nYgux4TOg9V6MdzXrm/w6X5ZtTTDPoB4vn+l2pX8SGyO1c2JfaL3w+iMahSAee6CFDbBzmiF5b+PiiKmYKzrNTtjPNkcDsrwErIhiyplgkj/+gsiVAepliJRUVTVeApvHwKBgQC79EUDck2kwSMsw3kXb/ZUIG6BPH0j/A0xn7SqcsVc/Rt3WFzfUJV9qCsN9TwGm3lk8fIsdXYoLrm96MlNOU3uNUzwwYwqespkdJ5R6iniWA+LAVuGgHhDYk84VFDxcldMLlG16O7uuIoUSeXdVwCChx1OllKFxsEj1z6X4mPZoQKBgQCy883zI/FXGK/m+kE9aFehUCSXwH+3lTFvEWnD/MNpjqdB7NnaC2JWiFf/z1QycS1wT/zp2retJrQj47nHMi0USPluk67nFhIpq69423ZfksrOSHVw7xFtP3n3vz6S3zTMzTjCQNiMfQsYpfFIJ5VjAERr6+TwpIlqWEd+S3152wKBgH+t6FP3ChepvCNkhpYNUODFR0wzsy8Gwk+7lhdT8A7DQi1IsY5iR6sc2mKY/TXf2A9i7IiXIrUZSMRhpp33F6GCQ8opMPaKg4LKVeJ/mARSnfxn56zvCMN9vSMe4/2hFvyBWrCgk+9HHUW7DZPWzlndP2NrapPF+N5IEhVLjVkBAoGABqIvu4Vpgg3viiE6PRmlA0iAnAz2ZnaqPS7Xk8+Ua44rCxTE62Vhm5ZbfQQzxlqFL/32NnJ3+zG/ONnWqdkGkvE5N/7NZg5CNzTPVqn/PbUAQ1L01yzcAETqr1dMLhGqlMMLkdbLO8VzoagVRuE+jSOwl3a+5Yq/cu0TMKLhrAE=}------------------------------------------------------------------------------------------最终加密结果： YmGXP+nSAY23ENUryid4zdE6KRAfFGhQWPJ4NAM1odZIEZCh5BbOtw437E85TdzABNE+NTDVogq+AI8WfAiD0yUpDukdRrZMb/IwG5k7xCgsVo0Tgt2SiH9bZFkvMaIIWH6d90muVtA/dyGHPSk/WmdgSl3QCcsZ3JAzMeadZwtL685eBhJD6hwXwKLfQj1OQBlLH3R9D5gBNGf36RHyi20LteTOKIR9lvMQPGbsnvspqi7t3xo5ajLpeuCr9azEovP0UFiiaxrkGLYMG2YM91r7JXUCn2gtVuDnXPFVVfOj84mN51229UJwQWBZe0BGPLSpROmOUZeWj2gjvuyqGg==------------------------------------------------------------------------------------------解密结果： DREAMING.XIN------------------------------------------------------------------------------------------

2.5 java代码实现加签验签

 1 package xin.dreaming.rsa; 2  3 import org.apache.commons.codec.binary.Base64; 4  5 import javax.crypto.Cipher; 6 import java.io.ByteArrayInputStream; 7 import java.security.KeyFactory; 8 import java.security.PrivateKey; 9 import java.security.PublicKey; 10 import java.security.Signature; 11 import java.security.cert.Certificate; 12 import java.security.cert.CertificateFactory; 13 import java.security.spec.PKCS8EncodedKeySpec; 14  15 /** 16  *  17  * @author DREAMING.XIN 18  * 19 */ 20 public class RSAUtil { 21  22  private static final String CHARSET = "UTF-8"; 23  24  private static final String algorithm = "SHA256withRSA"; 25  26  /** 27   * 网联请求报文签名 28   *  29   * @param privateKey 30   *   机构私钥字符串 31   * @param content 32   *   签名原文 33   * @return 签名密文 34   * @throws Exception 35  */ 36  public static String sign(String privateKey, String content) throws Exception { 37   Signature signature = Signature.getInstance(algorithm); 38   signature.initSign(convertPrivateKey(privateKey)); 39   signature.update(content.getBytes(CHARSET)); 40   return Base64.encodeBase64String(signature.sign()); 41  } 42  43  /** 44   * 网联返回报文验签 45   *  46   * @param publicKey 47   *   网联公钥字符串 48   * @param content 49   *   验签原文报文 50   * @param signStr 51   *   网联返回签名字符串 52   * @return 验签结果 53   * @throws Exception 54  */ 55  public static boolean vertify(String publicKey, String content, String signStr) throws Exception { 56   Signature signature = Signature.getInstance(algorithm); 57   signature.initVerify(convertPublicKey(publicKey)); 58   signature.update(content.getBytes(CHARSET)); 59   return signature.verify(Base64.decodeBase64(signStr.getBytes(CHARSET))); 60  } 61  62  /** 63   * 对称密钥公钥加密 64   *  65   * @param publicKey 66   *   网联公钥字符串 67   * @param content 68   *   密钥原文 69   * @return 加密密文 70   * @throws Exception 71  */ 72  public static String encryptByPublicKey(String publicKey, String content) throws Exception { 73   String result = null; 74   try { 75    Cipher cipher = cipher = Cipher.getInstance("RSA"); 76    cipher.init(Cipher.ENCRYPT_MODE, convertPublicKey(publicKey)); 77    byte[] encoded = cipher.doFinal(content.getBytes(CHARSET)); 78    result = Base64.encodeBase64String(encoded); 79   } catch (Exception e) { 80    81   } 82   return result; 83  } 84  85  /** 86   * 对称密钥密文解密 87   *  88   * @param privateKey 89   *   机构私钥字符串 90   * @param content 91   *   网联对称密钥密文 92   * @return 对称密钥明文 93   * @throws Exception 94  */ 95  public static String decryptByPrivateKey(String privateKey, String content) throws Exception { 96   String result = null; 97   try { 98    Cipher cipher = cipher = Cipher.getInstance("RSA"); 99    cipher.init(Cipher.DECRYPT_MODE, convertPrivateKey(privateKey));100    byte[] encoded = cipher.doFinal(Base64.decodeBase64(content.getBytes(CHARSET)));101    result = new String(encoded, CHARSET);102   } catch (Exception e) {103   }104   return result;105  }106 107  public static PrivateKey convertPrivateKey(String keyStr) throws Exception {108   PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(keyStr.getBytes(CHARSET)));109   KeyFactory keyFactory = KeyFactory.getInstance("RSA");110   return keyFactory.generatePrivate(keySpec);111  }112 113  public static PublicKey convertPublicKey(String keyStr) throws Exception {114   CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");115   Certificate certificate = certificateFactory116     .generateCertificate(new ByteArrayInputStream(Base64.decodeBase64(keyStr.getBytes(CHARSET))));117   return certificate.getPublicKey();118  }119 120  public static void main(String[] args) throws Exception {121   // 获取私钥122   String privatekey = CertConfig.PrivateKey;123   String publicKey = CertConfig.PublicKeyZ;124   125   String sign = sign(privatekey, "DREAMING.XIN");126 127   System.out.println("加签结果："+sign);128 129   boolean vertify = vertify(publicKey,"DREAMING.XIN",sign);130     131   System.out.println("验签结果： "+vertify);132  }133 134 }

密钥java类：

 1 package xin.dreaming.rsa; 2  3 public class CertConfig { 4  5  public static final String PrivateKey ="MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtO4yND2EGec6InFURBZtE6TV5RB/GXmkrSADSor/zPEQsYT3TxD/d3snwOStAfyKbUEIdNHfOKYGLcnEUX7mokQoXn7/0Vtp6XV2+VuL/s8+Dx79iPQ1vpCqn8TN+VlL9bmL5gdd0jenmEJJRmWHV4DTypzXyLSRjMzZsOjcJMeXQDPGDxE5J8JIsz9mh9fggQjDnpPzjcF6X3qFBwq/w/LwZ/g8s2CdLQeql3TJ0hUFhrCt/Ii5bFaYQ/KbUbCXylQHpQ86tRicpSmMLVqNZuH0MnDAdhWVq3qMbYqsb8IkrlPKXh1VrZRI+lc0EvLyT8lvb6DISFbx7drJg4Y+3AgMBAAECggEAT1xwdHAEoUn2UbUasAsUGkV54gtsJcxHmncH728Kj7BFjiMpr8IjK3HwVDCLy5O8XADJXUPEIG+6KpAqTAqJ7V435hdG+9JiXDUHuzkNz0Sz0v3rhE2wRPzCWFRUSZtPQADBk35gOVmQOaqpiCqrlAThMZvGbDG1zom/Vw1Sg/xMY/Mloj/ycfGtNkVB05es5mcwWFJC+Mvj/qHJGc7PM5rw98+nFWZanzwvhrdQdSsA18FalCmeF3+n1bcOt+gCnZuq7/ZFpEuqK6dsj6mIZ5fnAB3P7S63foSQkqSYS8tFH+o8CU898wdJ1Ba26XnQ2ghX5X9zWP+oTYzuVPV1gQKBgQD5VzSr6fsj3CrjLuwQ7LqDemXC8n7AUDDQ5Z87yxpZZtPxu9CYdxxfBKfWjYskSTLm6DPyNQ8eqmpARBLGxRIKzXQF+5wLGqxr0FwSoBUM47uR68ChY4v4T84dxQ9RpNvbn8C+lPru+F2hrCWLwBnY1IGFxPWrro8qVUJCrvd+RwKBgQDzkY7ggsmf68kmVAj2JMwZ01o5vsCQbMZu+v79o5cvUxEmcQo2hb+0l/qizA/Vse/fOs9l7GDZN4nSwFzE141cVC7BmIqZpYxYSksGTlH7JcnuWdSZA4G1cK1rbJdR/M6zTPgTFkRjD1egFIK3P02fXu44toFkJb6CrNicssHrEQKBgC9Ma6Fw8UMMMNaHwCA1x+vI/CTO+1xf2eLGrD4beRQcfXgNuLQzZB5iM7RvhUWM3SsQQUpg5k1a5mzqfOVX3ORPtQKtiBxTIwIQtGaUF2oqiRpVLmVvDM491UuwZgeGzm4LD/UXLcLHOnvAvB6WglCvfyJxCmlW47GUGs2rgydhAoGBAJJ2t/T3kKjSz1118QGatQTenAXXV9JBJr37vrPk2HfDuq9kECEjIllFfpjAntEAs96Hbcm7b62PARizRdW0TLP1hzwxLz8fVpqM6jp7hD7CxX/HktkES85AWHgdj4zkuaMGKLLJlAwBYM7JJqVsso+gNR3zWTFQpRPNPmBT+doRAoGBANhtqTKRAcn4lBam2cOOMCLIrU+UEDDWfzgUUeBHFYTwwPLgRXCRyvgP9B+1r9IR3v18Rb0IJo2p0oDe7l/QM7iR53Vg2HVQ5vlgyvWrLODZQMss52vgvZJhetzFNxkT0UmGyug5Uy1Wf+BUH4lHgCnBOOUxgZoZdVJtgCyLr549"; 6  //签名私钥 7  //public static final String PrivateKey ="MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6WywVY3QjRicJyIWB4Huw3aEkUH4oOZQVpAPo1KL2yxx11A2l6WmdbsngxqI/fJIe69RyGbmzZr9vRD4VOlinRCbRJ4WXH061COG6lFBUi/K6hVX4HBgwE8svbNNnFuwLQBeds5XXWSKMSLTf9XTz+uiJLJA+pYaVMmrNzsEgN8nZTPjZrCWyzaAo1Wz7NOH1gLxRDpPYvIzufDxLKby0l5huqszQSsiEzV8eff/axskBLuOkCGd4LznwPvnzMU40JVMt1Bsh5XWpqY+A+woyslhPzax62u5af2dZ7cs8loL9WbA7Ia3ZuhfPwKF3MpUEKW+wyVyfIQc/uhaOea5zAgMBAAECggEAc11bpgYCcI/OPP04wRUyHWSmjC+UWdyDMv5tOSbhl7xXaw4SQOKFcmOScCcna/v3DVNbGiOY1VnHKt9pO4T6Otoy2YoI5mwIMoREEVgdfqmAYz2F4emqg6DNSReqq4gCKljMBeGV4lGY1JVx+68dbqimabz/sviPny8t9SiIYCN5/FcQtsH93EZPQSsWe047Fc5UgVmXdV3x+Bc+cCdso/P0yoCx18VL6krxF3LhOcQs53765rA6yWYFLActV65x32rn9P6+FGLg9nFyERaKujyRujZtSlBzfYi/L+/38wdddt2N+/R0JdooLvHgmlWlRndQcs81Ah/SM81k2r/V2QKBgQDsL0MgE2MQ4OcO8rBC0K+DTioOTNkrAiwxAiPlKW0n9jp5tr4KLRPcRU5gg34nskPfgxOU6gDK7HGvochPuAwv+3LP2lNGdpLsUtx00co0rmwHSiu3fr3iEnHG3pKCJvHW+KfZpqsgLksiXKCWH7AsSEVLwFgiLE8ibg995IuDjwKBgQDJ/bOSITae8uaGqiNs5bti9PEWhgDRR8FPMiTmBH2yllEzwLr94oPMdHTIXOW0U4+8ZcuV3et1vf5tjUbSHfGp1fRmHKJPjEPlLy9VfU6UiDxFdRChQPTWB1//l+bWJjYMrbsthwoEBeP+vL4hNfBkwgvCza7fAmDK60zDe2ck3QKBgDeGOOKejCiYptlFxpg+lTRqOMrZ2CgbP6ZZ2XRzU70UTtT0WCLuS//5rx5Ta2ILr5cpKn5UsNED2wouH3hWTU8ubuRccD1dfNbf+AHinAXch3sDPdnKivtN2L+m7Yx5eVtPY65wV0SefX1bh0kjs/gFGX1gf5exEP2IIE45X28TAoGBALfuEj9FiTRR4QLNGLcHtouUmZg167amTWutMJZXjpI5eLXUkTGwuu1JOjJdDToYQTF/zFOqocc0e+MMG2onpDBPyF3XQyGGiyi9v69sDEsKhz+EKuF7gbcHPi5DBwsH/n2rEV+SsNca+hKzkboyILXPUOBRZSRjSPpeKydyTmjtAoGAeEp+MatIX+SohXJe4uYak3zuoOCze4XqS9rH4wecSHn2J7jfOoZg2UzvOpEeKpfVngC6qfet8F2liWQ4UMcFC+ydnWfmVOF0KjkdV5gU8rlcF+mTs0cEOTF+3xf+nDMFkjC8XrQ5ZOqdSvDGkVfvFyzUkZ9DmqHbR3LQlf6OTFk="; 8  //验签公钥 9  public static final String PublicKey ="MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws=";10  //验签公钥11  public static final String PublicKeyZ ="MIIEWzCCA0OgAwIBAgIFQAJQhUAwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzA5MjcwODQwMzRaFw0yMDA5MjcwODQwMzRaMIGBMQswCQYDVQQGEwJDTjEXMBUGA1UECgwOQ0ZDQSBSU0EgT0NBMzExETAPBgNVBAsMCExvY2FsIFJBMRkwFwYDVQQLDBBPcmdhbml6YXRpb25hbC0xMSswKQYDVQQDDCIwNTFAVGVzdDE1MDY1MDE2MzQ2MDJAWkgxMjM0NTY3OEAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TuMjQ9hBnnOiJxVEQWbROk1eUQfxl5pK0gA0qK/8zxELGE908Q/3d7J8DkrQH8im1BCHTR3zimBi3JxFF+5qJEKF5+/9Fbael1dvlbi/7PPg8e/Yj0Nb6Qqp/EzflZS/W5i+YHXdI3p5hCSUZlh1eA08qc18i0kYzM2bDo3CTHl0Azxg8ROSfCSLM/ZofX4IEIw56T843Bel96hQcKv8Py8Gf4PLNgnS0Hqpd0ydIVBYawrfyIuWxWmEPym1Gwl8pUB6UPOrUYnKUpjC1ajWbh9DJwwHYVlat6jG2KrG/CJK5Tyl4dVa2USPpXNBLy8k/Jb2+gyEhW8e3ayYOGPtwIDAQABo4H8MIH5MD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3B0ZXN0LmNmY2EuY29tLmNuOjgwL29jc3AwHwYDVR0jBBgwFoAUmj20rmVY+85aBXgmoG0rBIa6xuwwDAYDVR0TAQH/BAIwADA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vMjEwLjc0LjQyLjMvT0NBMzEvUlNBL2NybDQ4NDYuY3JsMA4GA1UdDwEB/wQEAwIGwDAdBgNVHQ4EFgQU5afVQ1AjMzdZ5o/OVDBU5zw+ZgswHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQAszGTg4RRzqrJrf598sou0WKLjFUoK2hcnHaUJv9A3Zkbu5XCy5SrBrYOibw0Uw5zwM6cKz0s7YkKusrwDUKg+QRodQvFvMqVI0BsJguc3cqOCy0dvibWseKFlEc+C1ffx1yVK/2ElrLW6TUPixKSzyEo6h852z2w575+/S1S9XZbdtS7OXozA4zfxy5D32QToNCqPFundhB7HYPMbQaZr+sjsZ7sBqKaPq6TRVUcdVQ1OXatK2O4mRwQDHQFqkBLnrijiht6+p2YUpKACbJREqylN+ToJMYcdIlRpQ3DlWZPSuzbWgtw5tqH4bLFaOG07wl7Q1fOOFaVScPzqFRRB";12  13  //铭感信息加密14  public static final String MGJMKEY = "MIIESDCCAzCgAwIBAgIFQAAGiCkwDQYJKoZIhvcNAQELBQAwXTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEcMBoGA1UEAwwTQ0ZDQSBBQ1MgVEVTVCBPQ0EzMTAeFw0xNzAyMDkwMjI5NDdaFw0yMjAyMDkwMjI5NDdaMGkxCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhPQ0EzMVJTQTENMAsGA1UECwwERVBDQzEZMBcGA1UECwwQT3JnYW5pemF0aW9uYWwtMTEdMBsGA1UEAwwURVBDQ0B3YW5nbGlhbkBaMTIzQDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZEowS2/FFgW/MNp1k+NUROPfQ1HHwN7N3dM6Q70T6hSOVYEpTVWTjrWYkcuZIItf4K1MGgzDuvJRJBefP1T4MpW1sfBzxJ+IJP5GGEFLNMXOR5+9f315eebULdfFfVH7qmrFuEsmpnu+t93AeZx2f4xQEtYEAU9j3+dUzx0qVNaVDa0oeUMlt209THbamgltQNhMRZpEQnKdLrPcS9lJ9vWwU9Ro3VSxsbCXSWnTs3tG2JUdsov22I6MV+vTassz5Da/uhhFCh7T6vGkplHnEcrtDb1hDvn0uyCHr+kONV1BEkYha0/TDU7Py8mC2I8tuZVERMxSlRr5mj2QAJDWNAgMBAAGjggEBMIH+MEYGCCsGAQUFBwEBBDowODA2BggrBgEFBQcwAYYqaHR0cDovLzIxMC43NC40Mi4xMTo4MDg1L29jc3Bfc2VydmVyL29jc3AvMB8GA1UdIwQYMBaAFJo9tK5lWPvOWgV4JqBtKwSGusbsMAwGA1UdEwEB/wQCMAAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovLzIxMC43NC40Mi4zL09DQTMxL1JTQS9jcmw4OS5jcmwwDgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBSAsKx7L3tslIlUn7nm21OT5uzXfDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAIpP7adHCgrPoTGYLpZ4ENZO7t24G29ksaBd/BjmjEAAU1vqJkWPrrkgbr/llfpYJpMY/lYWUJFctNKp3TwU3ZMIKQ9fQAdi2mAPqWU8GBw/8C5FetBIBxB3g13C76KASgYCMTMTgPbdrRmFSyE0mOubcMwPC1g/S07TKsmGKMs5QaTZ36VAJU21fXXa/sqGeUSKzdmChoNkug8At+shnEU10ogSXfSv55lPGMISYeg7h3Hk2lwbOX0t6ugXgn6RjMDHqB5ZVDF0Kvrzmt++xFhTI5uyNk3t1Wr2Uz3MsDI4SNLcMu7EaTf8rrNPlu3/qsNCXufoIso3UVe56KRfqws=";15 }

输出结果：

加签结果：fbolWDixTffN2oeMSpAUkbDvQ3ZXNeEUPgGOgQ3boCTIft34kIA8LtSwRMD+uAbKSk6vZffDb2Zro7IDGhS8lv35Bz23zs9j04GMB4d55EnjqjyRQAQer8fTujKMPHa2JUPjlUau6wjJaK50A8+TysC7Qq4uz69T0iXtTJPvFxwjCeXL0fShIuD4UQwJkQk7Mqqvzdy71dPs94EobMVEX84lSkfTwZKCwAR58NbYdgWWGKcwbU/N+riU6NyiCVr1rj+j9LqUrgW0HHDfp8hNcRm1lluGgk7BrjD7ZBpdYwuhbA1v2IGEsdhYVyMHdFpg6Ta3uoHoCJRJhtMp1Hw0qw==验签结果： true

说明：

　　一般rsa加密解密，加签验签都会与BASE64编码或url编码结合使用。