📄 java上加密算法的实现用例.htm
字号:
<P>bob根据alice的公钥生成本地的DES密钥</P>
<TABLE bgColor=#cccccc border=1 cellPadding=5 cellSpacing=0
width="100%"><TBODY>
<TR>
<TD><PRE><CODE> KeyAgreement bobKeyAgree = KeyAgreement.getInstance("DH");
bobKeyAgree.init(bobKpair.getPrivate());
bobKeyAgree.doPhase(alicePubKey, true);
SecretKey bobDesKey = bobKeyAgree.generateSecret("DES");</CODE>
</PRE></TD></TR></TBODY></TABLE><BR><BR>
<P>bob已经生成了他的DES密钥,他现把他的公钥发给alice,</P>
<TABLE bgColor=#cccccc border=1 cellPadding=5 cellSpacing=0
width="100%"><TBODY>
<TR>
<TD><PRE><CODE> byte[] bobPubKeyEnc = bobKpair.getPublic().getEncoded();</CODE>
</PRE></TD></TR></TBODY></TABLE><BR><BR>
<P>alice根据bob的公钥生成本地的DES密钥</P>
<TABLE bgColor=#cccccc border=1 cellPadding=5 cellSpacing=0
width="100%"><TBODY>
<TR>
<TD><PRE><CODE> ,,,,,,解码
KeyAgreement aliceKeyAgree = KeyAgreement.getInstance("DH");
aliceKeyAgree.init(aliceKpair.getPrivate());
aliceKeyAgree.doPhase(bobPubKey, true);
SecretKey aliceDesKey = aliceKeyAgree.generateSecret("DES");</CODE>
</PRE></TD></TR></TBODY></TABLE><BR><BR>
<P>bob和alice能过这个过程就生成了相同的DES密钥,在这种基础就可进行安全能信</P>
<P><B>常用API</B></P>
<P>java.security.KeyPairGenerator 密钥生成器类<BR>public static KeyPairGenerator
getInstance(String algorithm)<BR>throws
NoSuchAlgorithmException<BR>以指定的算法返回一个KeyPairGenerator 对象<BR>参数: algorithm
算法名.如:原来是DSA,现在添加了 DiffieHellman(DH)</P>
<P>public void initialize(int
keysize)<BR>以指定的长度初始化KeyPairGenerator对象,如果没有初始化系统以1024长度默认设置<BR>参数:keysize
算法位长.其范围必须在 512 到 1024 之间,且必须为 64
的倍数<BR>注意:如果用1024生长的时间很长,最好生成一次后就保存,下次就不用生成了</P>
<P>public void initialize(AlgorithmParameterSpec params)<BR>throws
InvalidAlgorithmParameterException<BR>以指定参数初始化</P>
<P>javax.crypto.interfaces.DHPublicKey<BR>public DHParameterSpec
getParams()<BR>返回<BR>java.security.KeyFactory</P>
<P>public static KeyFactory getInstance(String algorithm)<BR>throws
NoSuchAlgorithmException<BR>以指定的算法返回一个KeyFactory<BR>参数: algorithm
算法名:DSH,DH</P>
<P>public final PublicKey generatePublic(KeySpec keySpec)<BR>throws
InvalidKeySpecException<BR>根据指定的key说明,返回一个PublicKey对象</P>
<P>java.security.spec.X509EncodedKeySpec<BR>public
X509EncodedKeySpec(byte[]
encodedKey)<BR>根据指定的二进制编码的字串生成一个key的说明<BR>参数:encodedKey
二进制编码的字串(一般能过PublicKey.getEncoded()生成)<BR>javax.crypto.KeyAgreement
密码一至类</P>
<P>public static final KeyAgreement getInstance(java.lang.String
algorithm)<BR>throws
java.security.NoSuchAlgorithmException<BR>返回一个指定算法的KeyAgreement对象<BR>参数:algorithm
算法名,现在只能是DiffieHellman(DH)</P>
<P>public final void init(java.security.Key key)<BR>throws
java.security.InvalidKeyException<BR>用指定的私钥初始化<BR>参数:key 一个私钥</P>
<P>public final java.security.Key doPhase(java.security.Key
key,<BR>boolean lastPhase)<BR>throws
java.security.InvalidKeyException,<BR>java.lang.IllegalStateException<BR>用指定的公钥进行定位,lastPhase确定这是否是最后一个公钥,对于两个用户的<BR>情况下就可以多次定次,最后确定<BR>参数:key
公钥<BR>lastPhase 是否最后公钥</P>
<P>public final SecretKey generateSecret(java.lang.String
algorithm)<BR>throws
java.lang.IllegalStateException,<BR>java.security.NoSuchAlgorithmException,<BR>java.security.InvalidKeyException<BR>根据指定的算法生成密钥<BR>参数:algorithm
加密算法(可用 DES,DESede,Blowfish)</P>
<TABLE bgColor=#cccccc border=1 cellPadding=5 cellSpacing=0
width="100%"><TBODY>
<TR>
<TD><PRE><CODE>*/
import java.io.*;
import java.math.BigInteger;
import java.security.*;
import java.security.spec.*;
import java.security.interfaces.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import javax.crypto.interfaces.*;
import com.sun.crypto.provider.SunJCE;
public class testDHKey {
public static void main(String argv[]) {
try {
testDHKey my= new testDHKey();
my.run();
} catch (Exception e) {
System.err.println(e);
}
}
private void run() throws Exception {
Security.addProvider(new com.sun.crypto.provider.SunJCE());
System.out.println("ALICE: 产生 DH 对 ...");
KeyPairGenerator aliceKpairGen = KeyPairGenerator.getInstance("DH");
aliceKpairGen.initialize(512);
KeyPair aliceKpair = aliceKpairGen.generateKeyPair(); //生成时间长
// 张三(Alice)生成公共密钥 alicePubKeyEnc 并发送给李四(Bob) ,
//比如用文件方式,socket.....
byte[] alicePubKeyEnc = aliceKpair.getPublic().getEncoded();
//bob接收到alice的编码后的公钥,将其解码
KeyFactory bobKeyFac = KeyFactory.getInstance("DH");
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec (alicePubKeyEnc);
PublicKey alicePubKey = bobKeyFac.generatePublic(x509KeySpec);
System.out.println("alice公钥bob解码成功");
// bob必须用相同的参数初始化的他的DH KEY对,所以要从Alice发给他的公开密钥,
//中读出参数,再用这个参数初始化他的 DH key对
//从alicePubKye中取alice初始化时用的参数
DHParameterSpec dhParamSpec = ((DHPublicKey)alicePubKey).getParams();
KeyPairGenerator bobKpairGen = KeyPairGenerator.getInstance("DH");
bobKpairGen.initialize(dhParamSpec);
KeyPair bobKpair = bobKpairGen.generateKeyPair();
System.out.println("BOB: 生成 DH key 对成功");
KeyAgreement bobKeyAgree = KeyAgreement.getInstance("DH");
bobKeyAgree.init(bobKpair.getPrivate());
System.out.println("BOB: 初始化本地key成功");
//李四(bob) 生成本地的密钥 bobDesKey
bobKeyAgree.doPhase(alicePubKey, true);
SecretKey bobDesKey = bobKeyAgree.generateSecret("DES");
System.out.println("BOB: 用alice的公钥定位本地key,生成本地DES密钥成功");
// Bob生成公共密钥 bobPubKeyEnc 并发送给Alice,
//比如用文件方式,socket.....,使其生成本地密钥
byte[] bobPubKeyEnc = bobKpair.getPublic().getEncoded();
System.out.println("BOB向ALICE发送公钥");
// alice接收到 bobPubKeyEnc后生成bobPubKey
// 再进行定位,使aliceKeyAgree定位在bobPubKey
KeyFactory aliceKeyFac = KeyFactory.getInstance("DH");
x509KeySpec = new X509EncodedKeySpec(bobPubKeyEnc);
PublicKey bobPubKey = aliceKeyFac.generatePublic(x509KeySpec);
System.out.println("ALICE接收BOB公钥并解码成功");
;
KeyAgreement aliceKeyAgree = KeyAgreement.getInstance("DH");
aliceKeyAgree.init(aliceKpair.getPrivate());
System.out.println("ALICE: 初始化本地key成功");
aliceKeyAgree.doPhase(bobPubKey, true);
// 张三(alice) 生成本地的密钥 aliceDesKey
SecretKey aliceDesKey = aliceKeyAgree.generateSecret("DES");
System.out.println("ALICE: 用bob的公钥定位本地key,并生成本地DES密钥");
if (aliceDesKey.equals(bobDesKey)) System.out.println("张三和李四的密钥相同");
//现在张三和李四的本地的deskey是相同的所以,完全可以进行发送加密,接收后解密,达到
//安全通道的的目的
/*
* bob用bobDesKey密钥加密信息
*/
Cipher bobCipher = Cipher.getInstance("DES");
bobCipher.init(Cipher.ENCRYPT_MODE, bobDesKey);
String bobinfo= "这是李四的机密信息";
System.out.println("李四加密前原文:"+bobinfo);
byte[] cleartext =bobinfo.getBytes();
byte[] ciphertext = bobCipher.doFinal(cleartext);
/*
* alice用aliceDesKey密钥解密
*/
Cipher aliceCipher = Cipher.getInstance("DES");
aliceCipher.init(Cipher.DECRYPT_MODE, aliceDesKey);
byte[] recovered = aliceCipher.doFinal(ciphertext);
System.out.println("alice解密bob的信息:"+(new String(recovered)));
if (!java.util.Arrays.equals(cleartext, recovered))
throw new Exception("解密后与原文信息不同");
System.out.println("解密后相同");
}
}</CODE>
</PRE></TD></TR></TBODY></TABLE><BR><BR>
<P><A id=3 name=3><SPAN
class=atitle2>第3章小结</SPAN></A><BR>在加密术中生成密钥对时,密钥对的当然是越长越好,但费时也越多,请从中从实际出发选取合适的长度,大部分例码中的密钥是每次运行就从新生成,在实际的情况中是生成后在一段时间保存在文件中,再次运行直接从文件中读入,从而加快速度。当然定时更新和加强密钥保管的安全性也是必须的。</P><!-- Make author heading singular or plural as needed -->
<TABLE border=0 cellPadding=0 cellSpacing=0 width="100%">
<TBODY>
<TR>
<TD><A id=author1 name=author1><SPAN class=atitle2>关于作者</SPAN></A>
<BR>王辉,具有八年的编程及系统管理经验,所使用的语言为C和Java
编程语言。目前在深圳一家公司做程序员,使用C和JAVA为DB2数据库编程.可通过 <A
href="http://www-900.ibm.com/developerWorks/cn/java/l-security/ddxxkk@21cn.com">ddxxkk@21cn.com</A>
联系。</TD></TR></TBODY></TABLE></TD>
<TD width=10><IMG alt="" border=0 height=1
src="JAVA上加密算法的实现用例.files/c.gif" width=10></TD></TR></TBODY></TABLE><!-- END PAPER BODY --><BR clear=all><IMG
alt="" border=0 height=10 src="JAVA上加密算法的实现用例.files/c.gif" width=100><BR>
<TABLE border=0 cellPadding=0 cellSpacing=0 width="100%">
<TBODY>
<TR>
<TD align=right width="100%"><A
href="http://www-900.ibm.com/developerWorks/cn/java/l-security/index.shtml#top">到页首</A></TD>
<TD width=5><IMG alt="" border=0 height=1 src="JAVA上加密算法的实现用例.files/c.gif"
width=5></TD></TR>
<TR vAlign=top>
<TD bgColor=#000000 colSpan=2><IMG alt="" border=0 height=1
src="JAVA上加密算法的实现用例.files/c.gif" width=100></TD></TR>
<TR vAlign=top>
<TD bgColor=#ffffff colSpan=2><IMG alt="" border=0 height=8
src="JAVA上加密算法的实现用例.files/c.gif" width=100></TD></TR></TBODY></TABLE>
<TABLE border=0 cellPadding=10 cellSpacing=0 width="100%">
<TBODY>
<TR vAlign=top>
<TD>
<FORM action=/developerWorks/cn/cnratings.nsf/RateArticle?CreateDocument
method=post><INPUT name=ArticleTitle type=hidden value=JAVA上加密算法的实现用例>
<INPUT name=Zone type=hidden value=Java> <INPUT name=RedirectURL
type=hidden value=/developerWorks/cn/thankyou/feedback-java.html> <A
id=rating name=rating><B>您对这篇文章的看法如何?</B></A>
<TABLE border=0 cellPadding=0 cellSpacing=0 width=600>
<TBODY>
<TR>
<TD colSpan=5><IMG alt="" border=0 height=8
src="JAVA上加密算法的实现用例.files/c.gif" width=100></TD></TR>
<TR vAlign=top>
<TD width="16%"><INPUT name=Rating type=radio value=5>真棒!(5)</TD>
<TD width="20%"><INPUT name=Rating type=radio value=4>好材料 (4)</TD>
<TD width="24%"><INPUT name=Rating type=radio value=3>一般;尚可 (3)</TD>
<TD width="22%"><INPUT name=Rating type=radio value=2>需提高 (2)</TD>
<TD width="18%"><INPUT name=Rating type=radio value=1>太差!
(1)</TD></TR></TBODY></TABLE><BR><B>建议?</B><BR><TEXTAREA cols=60 name=Comments rows=5 wrap=virtual></TEXTAREA><BR><BR><INPUT type=submit value=提交反馈意见></FORM></TD></TR>
<TR vAlign=top>
<TD bgColor=#ffffff><IMG alt="" border=0 height=8
src="JAVA上加密算法的实现用例.files/c.gif" width=100></TD></TR></TBODY></TABLE>
<TABLE border=0 cellPadding=0 cellSpacing=0 width="100%">
<TBODY>
<TR>
<TD align=right>(c) Copyright IBM Corp. 2001, (c) Copyright IBM China
2001, All Right Reserved</TD></TR>
<TR vAlign=top>
<TD class=bbg height=21> <A class=mainlink
href="http://www-900.ibm.com/developerWorks/cn/cgi-bin/click.cgi?url=www-900.ibm.com/cn/ibm/index.shtml&origin=dwhead">关于
IBM</A><SPAN class=divider> | </SPAN><A
class=mainlink
href="http://www-900.ibm.com/developerWorks/cn/cgi-bin/click.cgi?url=www-900.ibm.com/cn/ibm/privacy/index.shtml&origin=dwhead">隐私条约</A><SPAN
class=divider> | </SPAN><A class=mainlink
href="http://www-900.ibm.com/developerWorks/cn/cgi-bin/click.cgi?url=www-900.ibm.com/cn/ibm/legal/index.shtml&origin=dwhead">法律条款</A><SPAN
class=divider> | </SPAN><A class=mainlink
href="http://www-900.ibm.com/developerWorks/cn/cgi-bin/click.cgi?url=www-900.ibm.com/cn/ibm/contact/index.shtml&origin=dwhead">联系
IBM</A></TD></TR></TBODY></TABLE>
<SCRIPT language=JavaScript1.2 src="JAVA上加密算法的实现用例.files/stats.js"
type=text/javascript></SCRIPT>
<NOSCRIPT><IMG alt="" border=0 height=1
src="E:\wuyan\毕业设计\论文资料\JAVA上加密算法的实现用例.files\c(1).gif" width=1></NOSCRIPT>
</A></BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -