文章详情

短信预约-IT技能 免费直播动态提醒

请输入下面的图形验证码

提交验证

短信预约提醒成功

RSA加密解密(无数据大小限制,php、go、java互通实现)

2023-10-25 19:30

关注

RSA加解密中必须考虑到的**长度、明文长度和密文长度问题。明文长度需要小于**长度,而密文长度则等于**长度。因此当加密内容长度大于**长度时,有效的RSA加解密就需要对内容进行分段。

这是因为,RSA算法本身要求加密内容也就是明文长度m必须0

这样,对于1024长度的**。128字节(1024bits)-减去11字节正好是117字节,但对于RSA加密来讲,padding也是参与加密的,所以,依然按照1024bits去理解,但实际的明文只有117字节了。

生成:在线RSA公钥私钥生成

公钥:

-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXyvN9fLKoixOZsD61cJQxzuRNCPdruj5ApBsr2jIakpF7yCXTh3OgKOzE2Y9O5r8kC7oDaDOhmcagPG4nsi80HMGynh/Kwa3bUpPEySsHk6qYI4QAz8XS9IQ/y1GD9tsEgY/783fA1hKr/yPpfPeVQdmlYd2GT4owUAoSS4zXcFNlUf/4dy052Jbb/0am6zONLC7BwyZ2d+znGhX2teLdR9EegPZcpRBAf+litsmzhsRa3CO4vRWgexYOrsr07gCpwnEFEJYUnB8Zq/OfCrqxqXnj+NkqTcMB6JUvyYWtfuWrRxgf8iHsau8Ds354BDv3t3TgMjpuWxpzX+eArc9QIDAQAB-----END PUBLIC KEY-----

公钥:

-----BEGIN RSA PRIVATE KEY-----MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJfK8318sqiLE5mwPrVwlDHO5E0I92u6PkCkGyvaMhqSkXvIJdOHc6Ao7MTZj07mvyQLugNoM6GZxqA8bieyLzQcwbKeH8rBrdtSk8TJKweTqpgjhADPxdL0hD/LUYP22wSBj/vzd8DWEqv/I+l895VB2aVh3YZPijBQChJLjNdwU2VR//h3LTnYltv/RqbrM40sLsHDJnZ37OcaFfa14t1H0R6A9lylEEB/6WK2ybOGxFrcI7i9FaB7Fg6uyvTuAKnCcQUQlhScHxmr858KurGpeeP42SpNwwHolS/Jha1+5atHGB/yIexq7wOzfngEO/e3dOAyOm5bGnNf54Ctz1AgMBAAECggEAUjvtV6FfblCz5Ir8IoU3ZojcRoHIy/DxhxUYk1cKyaY8+08Y9esh3i9FEOVq1CyrKgh5i340OPZS/IHmHnGbZiUopL2HWpTzsiFKXy3xgM05wA1B4AJszauKlxUA5JCeuB/09AybHKppSgVlXV6gcyh9nIwhSjyLrh1QkHRoaJK9DebFWCGEFEl5mpKtklc9TQCmbwIJEVk2406BgKt1iCHqFqsXSEDXh0/HYAwLgLxgmQTvKDqI1XTUqXYKXLEbTVpRqgdM9+LxsscoNxqX8vA/NnqpSVS1onVlyR3tYWQmupN72wInNcJS3rLb8BX34rLvQguXOOpT4w5+kRfUUQKBgQD4f2+EU+J8f13+mO6vk0iZ0kOURHAXrgf1oOQSAYGnU6vmnpLNkTUcHwUfCb06VwKvPAKK0hFBgirbaTeDYQOLT7XJmX8vpt9baNT++51PtSMj61GnZaxeR7fd1MzL2NcGQshFJr8S4h7IWOTMbFc/xLurmmbH1/Dzg+Y5CtTtHwKBgQDPkeq+yWa//OjGPxbKNZ/ES2+kat+/bKuGm6RoSZ0WpAgGk5gyI/soLt3ARdd6xHW8OG+vMGuo1530V7B3GZVVIK3x7FcMJ61EI7JQDUvTlM1IEXiQMQxBgTyrvKEhsc39H4UNoSLd0GobB4d5Re2jdghS3s4nKgRax5m4CAsfawKBgBB9fGv+mRAD77vecDBsiKvUfTGQnROlM9gD9j6PpQfykHy8VyeXFDwqfs+BePIvJfl09QI7UHPVbHyk7c8lF/QdtQWMzxjdbQMG4OOO1PCeJ5fRnNiL8bVL8xKgdXqtiA9dTSbxnEpngP1wkLZUFjIgHwgTNfDbDp1KSnPMmTanAoGAI9MMT9dUy4fr6ONUnJu6sldOsnLboR8xT28nZfRmj1TKKdBpcSXyoBHOpfOn6AFmTJD0/ah+vEpScax8wWGB+4pDW0CuGWPzrJH4oYZZ8u94qpqRU1mTwu56OS26JaWZZrl87khES0JAPeADyrN9+ztQ3nSj4fCHhd9zMWb5/HcCgYEAz0w883BdI1uvWq12IE5ggJ62EDpSx0RoFlhq4ys6XvWGBywMdg4l3Ls2Xc+VY/jzE87f2hJdGTprHkEkQEHmTf7WvCd/lfwW7DuC7M34QCn4GbUI1i23wcHvUaR9nztqjCBug4hgwYsJee9EYDjkGoqgYm9dIQw0g9d2FYJU1Pg=-----END RSA PRIVATE KEY-----

Go实现

package xrsa import (    "encoding/pem"    "encoding/base64"    "crypto/x509"    "crypto/rsa"    "crypto/rand"    "errors"    "crypto"    "io"    "bytes"    "encoding/asn1") const (    CHAR_SET = "UTF-8"    BASE_64_FORMAT = "UrlSafeNoPadding"    RSA_ALGORITHM_KEY_TYPE = "PKCS8"    RSA_ALGORITHM_SIGN = crypto.SHA256) type XRsa struct {    publicKey *rsa.PublicKey    privateKey *rsa.PrivateKey} // 生成**对func CreateKeys(publicKeyWriter, privateKeyWriter io.Writer, keyLength int) error {    // 生成私钥文件    privateKey, err := rsa.GenerateKey(rand.Reader, keyLength)    if err != nil {        return err    }    derStream := MarshalPKCS8PrivateKey(privateKey)    block := &pem.Block{        Type:  "PRIVATE KEY",        Bytes: derStream,    }    err = pem.Encode(privateKeyWriter, block)    if err != nil {        return err    }     // 生成公钥文件    publicKey := &privateKey.PublicKey    derPkix, err := x509.MarshalPKIXPublicKey(publicKey)    if err != nil {        return err    }    block = &pem.Block{        Type:  "PUBLIC KEY",        Bytes: derPkix,    }    err = pem.Encode(publicKeyWriter, block)    if err != nil {        return err    }     return nil} func NewXRsa(publicKey []byte, privateKey []byte) (*XRsa, error) {    block, _ := pem.Decode(publicKey)    if block == nil {        return nil, errors.New("public key error")    }    pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)    if err != nil {        return nil, err    }    pub := pubInterface.(*rsa.PublicKey)     block, _ = pem.Decode(privateKey)    if block == nil {        return nil, errors.New("private key error!")    }    priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)    if err != nil {        return nil, err    }     pri, ok := priv.(*rsa.PrivateKey)    if ok {        return &XRsa {            publicKey: pub,            privateKey: pri,        }, nil    } else {        return nil, errors.New("private key not supported")    }} // 公钥加密func (r *XRsa) PublicEncrypt(data string) (string, error) {    partLen := r.publicKey.N.BitLen() / 8 - 11    chunks := split([]byte(data), partLen)     buffer := bytes.NewBufferString("")    for _, chunk := range chunks {        bytes, err := rsa.EncryptPKCS1v15(rand.Reader, r.publicKey, chunk)        if err != nil {            return "", err        }        buffer.Write(bytes)    }     return base64.RawURLEncoding.EncodeToString(buffer.Bytes()), nil} // 私钥解密func (r *XRsa) PrivateDecrypt(encrypted string) (string, error) {    partLen := r.publicKey.N.BitLen() / 8    raw, err := base64.RawURLEncoding.DecodeString(encrypted)    chunks := split([]byte(raw), partLen)     buffer := bytes.NewBufferString("")    for _, chunk := range chunks {        decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, r.privateKey, chunk)        if err != nil {            return "", err        }        buffer.Write(decrypted)    }     return buffer.String(), err} // 数据加签func (r *XRsa) Sign(data string) (string, error) {    h := RSA_ALGORITHM_SIGN.New()    h.Write([]byte(data))    hashed := h.Sum(nil)     sign, err := rsa.SignPKCS1v15(rand.Reader, r.privateKey, RSA_ALGORITHM_SIGN, hashed)    if err != nil {        return "", err    }    return base64.RawURLEncoding.EncodeToString(sign), err} // 数据验签func (r *XRsa) Verify(data string, sign string) error {    h := RSA_ALGORITHM_SIGN.New()    h.Write([]byte(data))    hashed := h.Sum(nil)     decodedSign, err := base64.RawURLEncoding.DecodeString(sign)    if err != nil {        return err    }     return rsa.VerifyPKCS1v15(r.publicKey, RSA_ALGORITHM_SIGN, hashed, decodedSign)} func MarshalPKCS8PrivateKey(key *rsa.PrivateKey) []byte {    info := struct {        Version             int        PrivateKeyAlgorithm []asn1.ObjectIdentifier        PrivateKey          []byte    }{}    info.Version = 0    info.PrivateKeyAlgorithm = make([]asn1.ObjectIdentifier, 1)    info.PrivateKeyAlgorithm[0] = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}    info.PrivateKey = x509.MarshalPKCS1PrivateKey(key)     k, _ := asn1.Marshal(info)    return k} func split(buf []byte, lim int) [][]byte {    var chunk []byte    chunks := make([][]byte, 0, len(buf)/lim+1)    for len(buf) >= lim {        chunk, buf = buf[:lim], buf[lim:]        chunks = append(chunks, chunk)    }    if len(buf) > 0 {        chunks = append(chunks, buf[:len(buf)])    }    return chunks}

Php实现

public_key = $pub_key;        $this->private_key = $pri_key;        $pub_id = openssl_get_publickey($this->public_key);        $this->key_len = openssl_pkey_get_details($pub_id)['bits'];    }        public static function createKeys($key_size = 2048)    {        $config = array(            "private_key_bits" => $key_size,            "private_key_type" => self::RSA_ALGORITHM_KEY_TYPE,        );        $res = openssl_pkey_new($config);        openssl_pkey_export($res, $private_key);        $public_key_detail = openssl_pkey_get_details($res);        $public_key = $public_key_detail["key"];        return [            "public_key" => $public_key,            "private_key" => $private_key,        ];    }        public function publicEncrypt($data)    {        $encrypted = '';        $part_len = $this->key_len / 8 - 11;        $parts = str_split($data, $part_len);        foreach ($parts as $part) {            $encrypted_temp = '';            openssl_public_encrypt($part, $encrypted_temp, $this->public_key);            $encrypted .= $encrypted_temp;        }        return $this->url_safe_base64_encode($encrypted);    }        public function privateDecrypt($encrypted)    {        $decrypted = "";        $part_len = $this->key_len / 8;        $base64_decoded = $this->url_safe_base64_decode($encrypted);        $parts = str_split($base64_decoded, $part_len);        foreach ($parts as $part) {            $decrypted_temp = '';            openssl_private_decrypt($part, $decrypted_temp, $this->private_key);            $decrypted .= $decrypted_temp;        }        return $decrypted;    }        public function privateEncrypt($data)    {        $encrypted = '';        $part_len = $this->key_len / 8 - 11;        $parts = str_split($data, $part_len);        foreach ($parts as $part) {            $encrypted_temp = '';            openssl_private_encrypt($part, $encrypted_temp, $this->private_key);            $encrypted .= $encrypted_temp;        }        return $this->url_safe_base64_encode($encrypted);    }        public function publicDecrypt($encrypted)    {        $decrypted = "";        $part_len = $this->key_len / 8;        $base64_decoded = $this->url_safe_base64_decode($encrypted);        $parts = str_split($base64_decoded, $part_len);        foreach ($parts as $part) {            $decrypted_temp = '';            openssl_public_decrypt($part, $decrypted_temp, $this->public_key);            $decrypted .= $decrypted_temp;        }        return $decrypted;    }        public function sign($data)    {        openssl_sign($data, $sign, $this->private_key, self::RSA_ALGORITHM_SIGN);        return $this->url_safe_base64_encode($sign);    }        public function verify($data, $sign)    {        $pub_id = openssl_get_publickey($this->public_key);        $res = openssl_verify($data, $this->url_safe_base64_decode($sign), $pub_id, self::RSA_ALGORITHM_SIGN);        return $res;    }    function url_safe_base64_decode($data)    {        $base_64 = str_replace(array('-', '_'), array('+', '/'), $data);        return base64_decode($base_64);    }    function url_safe_base64_encode($data)    {        return str_replace(array('+', '/', '='), array('-', '_', ''), base64_encode($data));    }}?>

Java实现

package com.inspii; import org.apache.commons.codec.binary.Base64;import org.apache.commons.io.IOUtils; import javax.crypto.Cipher;import java.io.ByteArrayOutputStream;import java.security.*;import java.security.interfaces.RSAPublicKey;import java.security.interfaces.RSAPrivateKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import java.util.HashMap;import java.util.Map; public class XRsa {    public static final String CHARSET = "UTF-8";    public static final String RSA_ALGORITHM = "RSA";    public static final String RSA_ALGORITHM_SIGN = "SHA256WithRSA";     private RSAPublicKey publicKey;    private RSAPrivateKey privateKey;     public XRsa(String publicKey, String privateKey)    {        try {            KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM);             //通过X509编码的Key指令获得公钥对象            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey));            this.publicKey = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec);            //通过PKCS#8编码的Key指令获得私钥对象            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));            this.privateKey = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec);        } catch (Exception e) {            throw new RuntimeException("不支持的**", e);        }    }     public static Map createKeys(int keySize){        //为RSA算法创建一个KeyPairGenerator对象        KeyPairGenerator kpg;        try{            kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM);        }catch(NoSuchAlgorithmException e){            throw new IllegalArgumentException("No such algorithm-->[" + RSA_ALGORITHM + "]");        }         //初始化KeyPairGenerator对象,不要被initialize()源码表面上欺骗,其实这里声明的size是生效的        kpg.initialize(keySize);        //生成密匙对        KeyPair keyPair = kpg.generateKeyPair();        //得到公钥        Key publicKey = keyPair.getPublic();        String publicKeyStr = Base64.encodeBase64URLSafeString(publicKey.getEncoded());        //得到私钥        Key privateKey = keyPair.getPrivate();        String privateKeyStr = Base64.encodeBase64URLSafeString(privateKey.getEncoded());        Map keyPairMap = new HashMap();        keyPairMap.put("publicKey", publicKeyStr);        keyPairMap.put("privateKey", privateKeyStr);         return keyPairMap;    }     public String publicEncrypt(String data){        try{            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);            cipher.init(Cipher.ENCRYPT_MODE, publicKey);            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));        }catch(Exception e){            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);        }    }     public String privateDecrypt(String data){        try{            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);            cipher.init(Cipher.DECRYPT_MODE, privateKey);            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);        }catch(Exception e){            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);        }    }     public String privateEncrypt(String data){        try{            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);            cipher.init(Cipher.ENCRYPT_MODE, privateKey);            return Base64.encodeBase64URLSafeString(rsaSplitCodec(cipher, Cipher.ENCRYPT_MODE, data.getBytes(CHARSET), publicKey.getModulus().bitLength()));        }catch(Exception e){            throw new RuntimeException("加密字符串[" + data + "]时遇到异常", e);        }    }     public String publicDecrypt(String data){        try{            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);            cipher.init(Cipher.DECRYPT_MODE, publicKey);            return new String(rsaSplitCodec(cipher, Cipher.DECRYPT_MODE, Base64.decodeBase64(data), publicKey.getModulus().bitLength()), CHARSET);        }catch(Exception e){            throw new RuntimeException("解密字符串[" + data + "]时遇到异常", e);        }    }     public String sign(String data){        try{            //sign            Signature signature = Signature.getInstance(RSA_ALGORITHM_SIGN);            signature.initSign(privateKey);            signature.update(data.getBytes(CHARSET));            return Base64.encodeBase64URLSafeString(signature.sign());        }catch(Exception e){            throw new RuntimeException("签名字符串[" + data + "]时遇到异常", e);        }    }     public boolean verify(String data, String sign){        try{            Signature signature = Signature.getInstance(RSA_ALGORITHM_SIGN);            signature.initVerify(publicKey);            signature.update(data.getBytes(CHARSET));            return signature.verify(Base64.decodeBase64(sign));        }catch(Exception e){            throw new RuntimeException("验签字符串[" + data + "]时遇到异常", e);        }    }     private static byte[] rsaSplitCodec(Cipher cipher, int opmode, byte[] datas, int keySize){        int maxBlock = 0;        if(opmode == Cipher.DECRYPT_MODE){            maxBlock = keySize / 8;        }else{            maxBlock = keySize / 8 - 11;        }        ByteArrayOutputStream out = new ByteArrayOutputStream();        int offSet = 0;        byte[] buff;        int i = 0;        try{            while(datas.length > offSet){                if(datas.length-offSet > maxBlock){                    buff = cipher.doFinal(datas, offSet, maxBlock);                }else{                    buff = cipher.doFinal(datas, offSet, datas.length-offSet);                }                out.write(buff, 0, buff.length);                i++;                offSet = i * maxBlock;            }        }catch(Exception e){            throw new RuntimeException("加解密阀值为["+maxBlock+"]的数据时发生异常", e);        }        byte[] resultDatas = out.toByteArray();        IOUtils.closeQuietly(out);        return resultDatas;    }}

来源地址:https://blog.csdn.net/shachao888/article/details/131699721

阅读原文内容投诉

免责声明:

① 本站未注明“稿件来源”的信息均来自网络整理。其文字、图片和音视频稿件的所属权归原作者所有。本站收集整理出于非商业性的教育和科研之目的,并不意味着本站赞同其观点或证实其内容的真实性。仅作为临时的测试数据,供内部测试之用。本站并未授权任何人以任何方式主动获取本站任何信息。

② 本站未注明“稿件来源”的临时测试数据将在测试完成后最终做删除处理。有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341

软考中级精品资料免费领

  • 历年真题答案解析
  • 备考技巧名师总结
  • 高频考点精准押题
  • 2024年上半年信息系统项目管理师第二批次真题及答案解析(完整版)

    难度     813人已做
    查看
  • 【考后总结】2024年5月26日信息系统项目管理师第2批次考情分析

    难度     354人已做
    查看
  • 【考后总结】2024年5月25日信息系统项目管理师第1批次考情分析

    难度     318人已做
    查看
  • 2024年上半年软考高项第一、二批次真题考点汇总(完整版)

    难度     435人已做
    查看
  • 2024年上半年系统架构设计师考试综合知识真题

    难度     224人已做
    查看

相关文章

发现更多好内容

猜你喜欢

AI推送时光机
位置:首页-资讯-后端开发
咦!没有更多了?去看看其它编程学习网 内容吧
首页课程
资料下载
问答资讯