Java Security& amp; BouncyCastle API

时间:2009-01-14 14:33:19

标签: java cryptography rsa bouncycastle jce

我一直在尝试理解用于Java的BouncyCastle加密API。不幸的是,我发现Java加密通常被服务提供者接口和术语所掩盖,以至于我无法理解实际做的事情。我已经尝试过反复阅读必要的文档,但它只是难以理解,引入了许多概念,远远超出了我认为应该需要的概念。

我真正想要的是一个完成以下任务的课程:

public class KeyPair {
    public byte[] public;
    public byte[] private;
}

public class RSACrypto {
    public static KeyPair generateRSAKeyPair() { /*implementation*/}
    public static byte[] encrypt(byte[] data, byte[] publicKey) { /*impl*/}
    public static byte[] decrypt(byte[] encryptedData, byte[] privateKey) { /*impl*/ }
}

道歉,如果这是一个非常复杂的问题,可以问“我真正想要的是什么”。关于在Java加密和BouncyCastle上阅读的地方的任何指示都是非常受欢迎的。任何有关Java加密系统实际布局的概述都非常受欢迎。

3 个答案:

答案 0 :(得分:5)

import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;

import javax.crypto.Cipher;

public class RSACrypto
{

  /* A 1024-bit key will encrypt messages up to 117 bytes long. */
  private static final int KEY_SIZE = 1024;

  private static final String XFORM = 
    "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";

  public static KeyPair generateRSAKeyPair()
    throws GeneralSecurityException
  {
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(KEY_SIZE);
    return gen.generateKeyPair();
  }

  public static byte[] encrypt(byte[] plaintext, PublicKey pub)
    throws GeneralSecurityException
  {
    Cipher cipher = Cipher.getInstance(XFORM);
    cipher.init(Cipher.ENCRYPT_MODE, pub);
    return cipher.doFinal(plaintext);
  }

  public static byte[] decrypt(byte[] ciphertext, PrivateKey pvt)
    throws GeneralSecurityException
  {
    Cipher cipher = Cipher.getInstance(XFORM);
    cipher.init(Cipher.DECRYPT_MODE, pvt);
    return cipher.doFinal(ciphertext);
  }

  public static void main(String... argv)
    throws Exception
  {
    KeyPair pair = RSACrypto.generateRSAKeyPair();
    byte[] plaintext = "A short secret message.".getBytes("UTF-8");
    byte[] ciphertext = RSACrypto.encrypt(plaintext, pair.getPublic());
    byte[] recovered = RSACrypto.decrypt(ciphertext, pair.getPrivate());
    System.out.println(new String(recovered, "UTF-8"));
  }

}

答案 1 :(得分:1)

嗯,你试过O'Reilly book on Java Cryptography吗? (不能亲自担保)

答案 2 :(得分:0)

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

public class RsaCrypto {

    private static final int KEY_SIZE = 3072;
    private static final String TRANSFORMATION = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";

    public static KeyPair generateRSAKeyPair() {
        try {
            KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
            gen.initialize(KEY_SIZE);
            java.security.KeyPair p = gen.generateKeyPair();
            KeyPair pair = new KeyPair();
            pair.privateKey = p.getPrivate().getEncoded();
            pair.publicKey = p.getPublic().getEncoded();
            return pair;
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }

    }

    public static byte[] encrypt(byte[] data, byte[] publicKey) {
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKey);
        try {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PublicKey pk = kf.generatePublic(publicKeySpec);
            Cipher rsa = Cipher.getInstance(TRANSFORMATION);
            rsa.init(Cipher.ENCRYPT_MODE, pk);
            return rsa.doFinal(data);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] decrypt(byte[] encryptedData, byte[] privateKey) {
        try {
            PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privateKey);
            RSAPrivateKey pk = (RSAPrivateKey) KeyFactory.getInstance("RSA")
                    .generatePrivate(privSpec);

            Cipher rsaCipher = Cipher.getInstance(TRANSFORMATION);
            rsaCipher.init(Cipher.DECRYPT_MODE, pk);
            return rsaCipher.doFinal(encryptedData);

        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

}