Dazed and confused by Java Security & BouncyCastle

2019-03-09 02:58发布

站内文章 / Java
52 0 0

问题:

I've been trying to make sense of the BouncyCastle cryptography APIs for Java. Unfortunately, I'm finding Java cryptography in general to be so obscured by service provider interfaces and jargon that I can't wrap my head around what anything actually does. I've tried reading the necessary documentation repeatedly but it just stays incomprehensible, introducing many concepts far beyond what I think should be needed.

All I really want is a class that does the following:

public class KeyPair {
    public byte[] public;
    public byte[] private;
}

public class RSACrypto {
    public static KeyPair generateRSAKeyPair() { /*implementation*/}
    public static byte[] encrypt(byte[] data, byte[] publicKey) { /*impl*/}
    public static byte[] decrypt(byte[] encryptedData, byte[] privateKey) { /*impl*/ }
}

Apologies if this is an incredibly complicated question to ask as "all I really want". Any pointers on where to read up on Java cryptography and BouncyCastle are very welcome. Any overviews of how the Java crypto systems actually are laid out are extremely welcome.

回答1:

import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;

import javax.crypto.Cipher;

public class RSACrypto
{

  /* A 1024-bit key will encrypt messages up to 117 bytes long. */
  private static final int KEY_SIZE = 1024;

  private static final String XFORM = 
    "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";

  public static KeyPair generateRSAKeyPair()
    throws GeneralSecurityException
  {
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(KEY_SIZE);
    return gen.generateKeyPair();
  }

  public static byte[] encrypt(byte[] plaintext, PublicKey pub)
    throws GeneralSecurityException
  {
    Cipher cipher = Cipher.getInstance(XFORM);
    cipher.init(Cipher.ENCRYPT_MODE, pub);
    return cipher.doFinal(plaintext);
  }

  public static byte[] decrypt(byte[] ciphertext, PrivateKey pvt)
    throws GeneralSecurityException
  {
    Cipher cipher = Cipher.getInstance(XFORM);
    cipher.init(Cipher.DECRYPT_MODE, pvt);
    return cipher.doFinal(ciphertext);
  }

  public static void main(String... argv)
    throws Exception
  {
    KeyPair pair = RSACrypto.generateRSAKeyPair();
    byte[] plaintext = "A short secret message.".getBytes("UTF-8");
    byte[] ciphertext = RSACrypto.encrypt(plaintext, pair.getPublic());
    byte[] recovered = RSACrypto.decrypt(ciphertext, pair.getPrivate());
    System.out.println(new String(recovered, "UTF-8"));
  }

}


回答2:

hmm, have you tried the O'Reilly book on Java Cryptography? (can't vouch for it personally)



回答3:

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

public class RsaCrypto {

    private static final int KEY_SIZE = 3072;
    private static final String TRANSFORMATION = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";

    public static KeyPair generateRSAKeyPair() {
        try {
            KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
            gen.initialize(KEY_SIZE);
            java.security.KeyPair p = gen.generateKeyPair();
            KeyPair pair = new KeyPair();
            pair.privateKey = p.getPrivate().getEncoded();
            pair.publicKey = p.getPublic().getEncoded();
            return pair;
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }

    }

    public static byte[] encrypt(byte[] data, byte[] publicKey) {
        X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKey);
        try {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PublicKey pk = kf.generatePublic(publicKeySpec);
            Cipher rsa = Cipher.getInstance(TRANSFORMATION);
            rsa.init(Cipher.ENCRYPT_MODE, pk);
            return rsa.doFinal(data);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static byte[] decrypt(byte[] encryptedData, byte[] privateKey) {
        try {
            PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privateKey);
            RSAPrivateKey pk = (RSAPrivateKey) KeyFactory.getInstance("RSA")
                    .generatePrivate(privSpec);

            Cipher rsaCipher = Cipher.getInstance(TRANSFORMATION);
            rsaCipher.init(Cipher.DECRYPT_MODE, pk);
            return rsaCipher.doFinal(encryptedData);

        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

}


标签: java cryptography rsa bouncycastle jce
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~