区块链基础:非对称算法

区块链基础:非对称算法_第1张图片

1.Hash算法

package cn.hadron.security;

import java.security.MessageDigest;
import java.util.UUID;

import org.eclipse.jetty.util.security.Credential.MD5;

/**
 * crypto['krɪptoʊ]秘密成员,
 * 一些语言的crypto模块的目的是为了提供通用的加密和哈希算法
 * 加密工具类
 */
public class CryptoUtil {
    //工具类,隐藏构造器
    private CryptoUtil() {}

    /**
     * 计算给定字符串的SHA256值
     */
    public static String sha256(String str) {
        MessageDigest messageDigest;
        String hash = "";
        try {
            messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes("UTF-8"));
            hash = byte2Hex(messageDigest.digest());
        } catch (Exception e) {
            System.out.println("getSHA256 is error" + e.getMessage());
        }
        return hash;
    }

    /**
     * 计算str的md5码(技巧:去除前几位,增强安全性)
     */
    public static String md5(String str) {
        String resultStr = MD5.digest(str);
        return resultStr.substring(4, resultStr.length());
    }

    /**
     * UUID的目的是让分布式系统中的所有元素都能有唯一的辨识
     * 获取一个UUID值,默认格式带有"-",需要删除所有的"-"
     */
    public static String getUUID() {
        return UUID.randomUUID().toString().replaceAll("\\-", "");
    }

    /**
     * 二进制字节数据转换为十六进制字符串形式
     * @param bytes
     */
    private static String byte2Hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        String tmp;
        for (int i = 0; i < bytes.length; i++) {
            /**
             * 注意toHexString(int i)的参数类型是32位int型,而传输入8位byte型数据会转换int型。
             * 转换后高24为也看作有效位,正数不影响,而负数会导致错误。
             * java中采用的是补码的形式表示负整数,比如byte的-1(0xff,11111111),会转换成int型的-1(0xffffffff),
             * 而oxff默认是int型,表示为0000 0000 0000 0000 0000 0000 1111 1111
             * 一个byte跟0xff &运算,高的24个比特就总会被清0,得到我们想要的结果。
             */
            tmp = Integer.toHexString(bytes[i] & 0xFF);
            if (tmp.length() == 1) {
                sb.append("0");
            }
            sb.append(tmp);
        }
        return sb.toString();
    }

    public static void main(String[] args){
        String s="chengyuqiang";
        System.out.println(CryptoUtil.md5(s));
        System.out.println(CryptoUtil.sha256(s));
        System.out.println(CryptoUtil.getUUID());
    }
}
1163a12be8b90e692445a7115ca900f4
c7a8233d922f3db03f1c7a0864675cb5092ce850d033b7ea07ca5208da27edfe
b286928d476b4de0aa5b8c83b7b27e54

2、RSA非对称算法

package cn.hadron.security;

import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;


/**
 * RSA安全编码组件
 */
public abstract class RsaUtil extends Coder {
    public static final String KEY_ALGORITHM = "RSA";
    public static final String SIGNATURE_ALGORITHM = "MD5withRSA";
    private static final String PUBLIC_KEY = "RSAPublicKey";
    private static final String PRIVATE_KEY = "RSAPrivateKey";

    /**
     * 初始化密钥
     */
    public static Map initKey() throws Exception {
        //RSA密钥对生成器
        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(KEY_ALGORITHM);
        //初始化
        keyPairGen.initialize(1024);
        //耗时操作,动态生成密钥对
        KeyPair keyPair = keyPairGen.generateKeyPair();
        //获取公钥
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        //获取私钥
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        //保存密钥对
        Map keyMap = new HashMap(2);
        keyMap.put(PUBLIC_KEY, publicKey);
        keyMap.put(PRIVATE_KEY, privateKey);
        return keyMap;
    }
    /**
     * 取得私钥
     */
    public static String getPrivateKey(Map keyMap) throws Exception {
        Key key = (Key) keyMap.get(PRIVATE_KEY);
        return encryptBASE64(key.getEncoded());
    }

    /**
     * 取得公钥
     */
    public static String getPublicKey(Map keyMap) throws Exception {
        Key key = (Key) keyMap.get(PUBLIC_KEY);
        return encryptBASE64(key.getEncoded());
    }

    /*******************公钥加密,私钥解密**************************/

    /**
     * 消息发送者用对方公钥加密
     */
    public static byte[] encryptByPublicKey(byte[] data, String key) throws Exception {
        // 对公钥BASE64解密,取得公钥
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(key));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        Key publicKey = keyFactory.generatePublic(x509KeySpec);

        // 对数据加密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        //将Cipher初始化为加密模式
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        //数据将被加密或解密
        return cipher.doFinal(data);
    }
    /**
     * 消息接收者用自己的私钥解密
     */
    public static byte[] decryptByPrivateKey(byte[] data, String key) throws Exception {
        // decryptBASE64(key)对密钥解密,取得私钥
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(key));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
        // 对数据解密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        //将Cipher初始化为解密模式
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        //数据将被加密或解密
        return cipher.doFinal(data);
    }

    /*******************秘钥加密,公钥验证***********************/

    /**
     * 消息发送者用自己的私钥加密
     */
    public static byte[] encryptByPrivateKey(byte[] data, String key) throws Exception {
        // 对密钥解密,取得私钥
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(key));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        Key privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
        // 对数据加密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        //加密模式
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        return cipher.doFinal(data);
    }
    /**
     * 用公钥解密
     */
    public static byte[] decryptByPublicKey(byte[] data, String key) throws Exception {
        //对密钥解密, 取得公钥
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(key));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        Key publicKey = keyFactory.generatePublic(x509KeySpec);
        // 对数据解密
        Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm());
        //解密模式
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        return cipher.doFinal(data);
    }

    /****************数字签名:私钥加密,公钥验证**********************/

    /**
     * 用发送者的私钥对信息生成数字签名
     * @param data : 加密数据
     * @param privateKey: 私钥
     */
    public static String sign(byte[] data, String privateKey) throws Exception {
        // 解密由base64编码的私钥,构造PKCS8EncodedKeySpec对象
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(privateKey));
        //指定的加密算法RSA
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        //取私钥匙对象
        PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
        //Signature类用来提供数字签名算法功能
        //可以将签名算法指定为 MD2withRSA、MD5withRSA 或 SHA1withRSA
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        //用私钥初始化这个用于签名的对象
        signature.initSign(priKey);
        //使用指定的byte数组更新要签名或验证的数据
        signature.update(data);
        //sign()返回已更新数据的签名字节,再进行BASE64加密
        return encryptBASE64(signature.sign());
    }

    /**
     * 使用发送者的公钥校验数字签名
     * 通过发送者的公钥publicKey验证他签名内容sign是否符合data数据
     * @param data: 加密数据
     * @param publicKey: 公钥
     * @param sign: 数字签名
     * @return 校验成功返回true 失败返回false
     */
    public static boolean verify(byte[] data, String publicKey, String sign) throws Exception {
        // 解密由base64编码的公钥,构造X509EncodedKeySpec对象
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decryptBASE64(publicKey));
        // 指定加密算法RSA
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        // 取公钥匙对象
        PublicKey pubKey = keyFactory.generatePublic(keySpec);
        //Signature类用来提供数字签名算法功能
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        //用公钥初始化验证对象
        signature.initVerify(pubKey);
        //使用指定的byte数组更新要签名或验证的数据
        signature.update(data);
        // 验证签名是否正常
        return signature.verify(decryptBASE64(sign));
    }

    public static void main(String[] args) throws Exception{
        String s="chengyuqiang";
        /**
         * 测试公钥加密,私有解密
         */
        Map map=RsaUtil.initKey();
        String publicKey=RsaUtil.getPublicKey(map);
        String privateKey=RsaUtil.getPrivateKey(map);
        System.out.println("公钥:\n"+publicKey);
        System.out.println("私钥:\n"+privateKey);
        //公钥加密
        byte[] msg=RsaUtil.encryptByPublicKey(s.getBytes(), publicKey);
        //秘钥解密
        msg=RsaUtil.decryptByPrivateKey(msg, privateKey);
        System.out.println("解密:\n"+new String(msg));

        /**
         * 测试私签名,公钥验证签名
         */
        // 产生签名
        String sign = RsaUtil.sign(s.getBytes(), privateKey);
        System.out.println("签名内容:\n"+sign);
        //验证签名
        boolean status = RsaUtil.verify(s.getBytes(), publicKey, sign);
        System.out.println("签名正确:\n"+status);
    }
}
公钥:
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2N1dAK2NzzcOjRwb3rBjT+NvpMKKgL98Pr3D0
jE99hfJL2MpuKflA0U18EKnZT1QjrninAeLHiR1BlnuJpHVGKNPkzXuIhggiHlvdb9WwsfB+u+pf
Igca7cURYR+4bELE+hlUVP8nyMuD9Vs8bY23oHG2Ff/svVQEo/j4uOMAywIDAQAB

私钥:
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALY3V0ArY3PNw6NHBvesGNP42+kw
oqAv3w+vcPSMT32F8kvYym4p+UDRTXwQqdlPVCOueKcB4seJHUGWe4mkdUYo0+TNe4iGCCIeW91v
1bCx8H676l8iBxrtxRFhH7hsQsT6GVRU/yfIy4P1WzxtjbegcbYV/+y9VASj+Pi44wDLAgMBAAEC
gYBOOEFvHXEK1CiIXcQi67CYxfp5BtS42PPzQsfFYrn401gosP5s/f2ukmqluG2BCKnAy3OllYyp
RTXW4udTNdLVOiglX5TSCk1zp3Hn6oLbbjWIpoqAhx5PJslZY35MscNYVViz69FwLHjCeDWRitsV
f/eDHyC+r6vb3PQTgpjegQJBAOvtWqLhMNhAOel14pirf+A520xz/gzpSj/dCzTS53oLGvCJqzn1
HJqA4xmhEf8MMcHN4+SiVtjQdKVINaFbeUECQQDFuCBzCMLKHNfrUp35lOlnmAT5RBEU+0CV85jl
oERpLTU1v6igsP6mxXJXXRQpNzP2orN1IbrVVwF8uuUU/wsLAkBiDtH4Fs69YtxvG08mE0ngAUwT
l7ZE2YXBy3bH6szI3erBhQbE3QqZcO5zDY40SnY3zgJlWc/s559DvyKDQUjBAkEAqa7filnWcgZW
98orcWpu9Uzt186mqk8Gmqo4abklfO4jYEFfwqijoxSIkJl9F/IcUmpHgRq1cSn+SMFMoLxRCQJA
PJFE5keSZgjJpGsMAdEIpHKKUxF5vd+oS9+Z7EpSn7VGTRPLycSIDKQT2F9/QV1z5IKni1jqbnXs
imRw1coviw==

解密:
chengyuqiang
签名内容:
BqJgQ4ciZNH0bE0TQeTgQQbF+h0jPNauHbgc95L8QggwD0p8qb4fdEjsmevdiN0OszOqyR9z71S9
LXCeH+ZeKVZagRWG0jx0Bfk74Rf5Pt2MMPqjzlDRfCTJyg0z8GjC/U70IaxgfgkrFVf3rsk4XzAB
R045Sjf2P+nJf/hf4wE=

签名正确:
true

3、RsaUtil 的父类

package cn.hadron.security;

import java.security.MessageDigest;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/**
 * 基础加密组件
 * 
 */
public abstract class Coder {
    public static final String KEY_SHA = "SHA";
    public static final String KEY_MD5 = "MD5";
    //HMAC(Hash Message Authentication Code),散列消息鉴别码,基于密钥的Hash算法的认证协议
    public static final String KEY_MAC = "HmacMD5";

    //BASE64实现主要就是BASE64Encoder、BASE64Decoder两个类,我们只需要知道使用对应的方法即可。

    /**
     * BASE64加密,把任意序列的8位字节描述为一种不易被人直接识别的形式。
     * BASE加密后产生的字节位数是8的倍数,如果不够位数以=符号填充
     */
    public static String encryptBASE64(byte[] key) throws Exception {
        return (new BASE64Encoder()).encodeBuffer(key);
    }
    /**
     * BASE64解密
     */
    public static byte[] decryptBASE64(String key) throws Exception {
        return (new BASE64Decoder()).decodeBuffer(key);
    }

    /**
     * JDK提供的MD5算法实现
     */
    public static byte[] encryptMD5(byte[] data) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance(KEY_MD5);
        md5.update(data);
        return md5.digest();
    }

    /**
     * JDK提供的SHA算法
     */
    public static byte[] encryptSHA(byte[] data) throws Exception {
        MessageDigest sha = MessageDigest.getInstance(KEY_SHA);
        sha.update(data);
        return sha.digest();

    }

    /**
     * 初始化HMAC密钥
     */
    public static String initMacKey() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_MAC);
        SecretKey secretKey = keyGenerator.generateKey();
        return encryptBASE64(secretKey.getEncoded());
    }

    /**
     * HMAC加密
     */
    public static byte[] encryptHMAC(byte[] data, String key) throws Exception {
        SecretKey secretKey = new SecretKeySpec(decryptBASE64(key), KEY_MAC);
        Mac mac = Mac.getInstance(secretKey.getAlgorithm());
        mac.init(secretKey);
        return mac.doFinal(data);
    }
}

你可能感兴趣的:(Java区块链)