非对称加密算法DH

package com.imooc.security.dh; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.spec.X509EncodedKeySpec; import java.util.Objects; import javax.crypto.Cipher; import javax.crypto.KeyAgreement; import javax.crypto.SecretKey; import javax.crypto.interfaces.DHPublicKey; import javax.crypto.spec.DHParameterSpec; import org.apache.commons.codec.binary.Base64; /** * 非对称加密算法 * @author Bingo_Ge * */ public class ImoocDH { private static String src = "imooc security dh"; public static void main(String[] args) { jdkDH(); } //比较复杂 public static void jdkDH() { try { // 1.初始化发送方（甲方）密钥（公开自己的公钥，保留私钥） KeyPairGenerator senderKeyPairGenerator = KeyPairGenerator.getInstance("DH"); //使用DH非对称加密方式 senderKeyPairGenerator.initialize(512); KeyPair senderKeyPair = senderKeyPairGenerator.generateKeyPair(); //生成发送发的密钥对 byte[] senderPublicKeyEnc = senderKeyPair.getPublic().getEncoded(); //发送方（甲方）公开的密钥 // 2.初始化接收方（乙方）密钥（同样也是公开自己的公钥，保留私钥） /* * 发送者公钥通过X509EncodedKeySpec类生成接收者（乙方）公钥，再由公钥类得到**（DH）ParameterSpec，然后生成KeyPair得到接收者私钥，最后通过生成的公钥、私钥构建自己的密钥 * 发送者的公钥并不是刚开始生成的公钥，同样的是由接收者的KeyPair类的getPublic().getEncoded()传入X509EncodedKeySpec类生成 */ KeyFactory receiverKeyFactory = KeyFactory.getInstance("DH"); //同样也是DH X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(senderPublicKeyEnc); //传入发送方公开的密钥 PublicKey receiverPublicKey = receiverKeyFactory.generatePublic(x509EncodedKeySpec); //生成自己的公钥 DHParameterSpec dhParameterSpec = ((DHPublicKey)receiverPublicKey).getParams(); //需要强转成DHPublicKey KeyPairGenerator receiverKeyPairGenerator = KeyPairGenerator.getInstance("DH"); //同样要使用DH非对称加密方式 receiverKeyPairGenerator.initialize(dhParameterSpec); //初始化方式为根据x509EncodedKeySpec生成dhParameterSpec（这步和发送方的initialize方式是不一样的） KeyPair receiverKeyPair = receiverKeyPairGenerator.generateKeyPair(); PrivateKey receiverPrivateKey = receiverKeyPair.getPrivate(); //接收方的私钥 byte[] receiverPublicKeyEnc = receiverKeyPair.getPublic().getEncoded(); // System.out.println(Objects.equals(receiverPublicKey, receiverKeyPair.getPublic())); //3.密钥构建（接收方和发送方） KeyAgreement receiverKeyAgreement = KeyAgreement.getInstance("DH"); //接收方 receiverKeyAgreement.init(receiverPrivateKey); receiverKeyAgreement.doPhase(receiverPublicKey, true); SecretKey receiverDESKey = receiverKeyAgreement.generateSecret("DES"); //使用DES方式加密(接收方） KeyFactory senderKeyFactory = KeyFactory.getInstance("DH"); //发送方 x509EncodedKeySpec = new X509EncodedKeySpec(receiverPublicKeyEnc); //传入接收方的公钥数组 PublicKey senderPublicKey = senderKeyFactory.generatePublic(x509EncodedKeySpec); KeyAgreement senderKeyAgreement = KeyAgreement.getInstance("DH"); //发送方 senderKeyAgreement.init(senderKeyPair.getPrivate()); senderKeyAgreement.doPhase(senderPublicKey, true); SecretKey senderDESKey = senderKeyAgreement.generateSecret("DES"); //使用DES方式加密（发送方） // System.out.println(Objects.equals(receiverDESKey, senderDESKey)); //加密 Cipher cipher = Cipher.getInstance("DES"); cipher.init(Cipher.ENCRYPT_MODE, senderDESKey); //加密模式senderDESKey byte[] result = cipher.doFinal(src.getBytes()); System.out.println("jdk dh encrpt:" + Base64.encodeBase64String(result)); //解密 cipher.init(Cipher.DECRYPT_MODE, receiverDESKey); //此处为解密模式，使用receiverDESKey result = cipher.doFinal(result); //得到解密后结果数组 System.out.println("jdk dh decrypt:" + new String(result)); } catch (Exception e) { e.printStackTrace(); } } }