Java Asymmetric Encryption Algorithm dh
Next, we analyze the DH encryption algorithm, an encryption algorithm based on key agreement protocol.
DH
Diffie-Hellman algorithm (DH algorithm), key agreement protocol. It is an idea proposed by Diffie and Hellman, the founders of public key cryptosystems. Simply put, it allows two users to exchange information on a public medium to generate a "consistent" key that can be shared. In other words, Party A generates a pair of keys (public key, private key), and Party B generates Party B's key pair (public key, private key) according to Party A's public key. Taking this as the baseline, as the basis for the confidentiality of data transmission, both parties use the same symmetric encryption algorithm to construct a local secret key (SecretKey) to encrypt the data. In this way, after exchanging the local key (SecretKey) algorithm, Party A and Party B disclose their own public keys, encrypt data using the other party's public key and the private key just generated, and can use the other party's public key and their own private key to pair the data at the same time. decrypt. Not only the A and B parties, but also can be extended to multi-party shared data communication, thus completing the secure communication of network interactive data! The algorithm is derived from the Chinese Congruence Theorem - Chinese Remainder Theorem.
Process analysis:
1. Party A builds a key pair, publishes the public key to Party B, and keeps the private key; both parties agree on a data encryption algorithm; Party B builds a key pair through Party A's public key, and publishes the public key to Party A , keep the private key.
2. Party A uses the private key, Party B's public key, and the agreed data encryption algorithm to construct a local key, then encrypts the data with the local key, and sends the encrypted data to Party B; Party B uses the private key, Party A's public key, and the agreed data to encrypt The algorithm builds the local key and then decrypts the data with the local key.
3. Party B uses the private key, Party A's public key, and the agreed data encryption algorithm to construct a local key, then encrypts the data with the local key, and sends the encrypted data to Party A; Party A uses the private key, Party B's public key, and the agreed data The encryption algorithm builds the local key, and then decrypts the data with the local key.
The implementation through java code is as follows: Coder class see Java encryption technology (1)
Java代码 收藏代码
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
/**
* DH安全编码组件
*
* @author Liang Dong
* @version 1.0
* @since 1.0
*/
public abstract class DHCoder extends Coder {
public static final String ALGORITHM = "DH";
/**
* Default key bytes
*
* <pre>
* DH
* Default Keysize 1024
* Keysize must be a multiple of 64, ranging from 512 to 1024 (inclusive).
* </pre>
*/
private static final int KEY_SIZE = 1024;
/**
* A symmetric encryption algorithm pair is required under DH encryption Data encryption, here we use DES, other symmetric encryption algorithms can also be used.
*/
public static final String SECRET_ALGORITHM = "DES";
private static final String PUBLIC_KEY = "DHPublicKey";
private static final String PRIVATE_KEY = "DHPrivateKey";
/**
* 初始化甲方密钥
*
* @return
* @throws Exception
*/
public static Map<String, Object> initKey() throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(ALGORITHM);
keyPairGenerator.initialize(KEY_SIZE);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 甲方公钥
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 甲方私钥
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* 初始化乙方密钥
*
* @param key
* 甲方公钥
* @return
* @throws Exception
*/
public static Map<String, Object> initKey(String key) throws Exception {
// 解析甲方公钥
byte[] keyBytes = decryptBASE64(key);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 由甲方公钥构建乙方密钥
DHParameterSpec dhParamSpec = ((DHPublicKey) pubKey).getParams();
KeyPairGenerator keyPairGenerator = KeyPairGenerator
.getInstance(keyFactory.getAlgorithm());
keyPairGenerator.initialize(dhParamSpec);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// 乙方公钥
DHPublicKey publicKey = (DHPublicKey) keyPair.getPublic();
// 乙方私钥
DHPrivateKey privateKey = (DHPrivateKey) keyPair.getPrivate();
Map<String, Object> keyMap = new HashMap<String, Object>(2);
keyMap.put(PUBLIC_KEY, publicKey);
keyMap.put(PRIVATE_KEY, privateKey);
return keyMap;
}
/**
* encryption<br>
*
* @param data
* Data to be encrypted
* @param publicKey
* Party A's public key
* @param privateKey
* Party B's private key
* @return
* @throws Exception
*/
public static byte[] encrypt(byte[] data, String publicKey,
String privateKey) throws Exception {
// Generate local key
SecretKey secretKey = getSecretKey(publicKey, privateKey);
// data encryption
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return cipher.doFinal(data);
}
/* *
* Decrypt<br>
*
* @param data
* The data to be decrypted
* @param publicKey
* Party B's public key
* @param privateKey
* Party B's private key
* @return
* @throws Exception
*/
public static byte[] decrypt(byte[] data, String publicKey,
String privateKey) throws Exception {
// Generate local key
SecretKey secretKey = getSecretKey(publicKey, privateKey);
// Data decrypt
Cipher cipher = Cipher.getInstance(secretKey.getAlgorithm());
cipher.init(Cipher.DECRYPT_MODE, secretKey) ;
return cipher.doFinal(data);
}
/**
* build key
*
* @param publicKey
* public key
* @param privateKey
* private key
* @return
* @throws Exception
*/
private static SecretKey getSecretKey(String publicKey, String privateKey)
throws Exception {
// 初始化公钥
byte[] pubKeyBytes = decryptBASE64(publicKey);
KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(pubKeyBytes);
PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
// 初始化私钥
byte[] priKeyBytes = decryptBASE64(privateKey);
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(priKeyBytes);
Key priKey = keyFactory.generatePrivate(pkcs8KeySpec);
KeyAgreement keyAgree = KeyAgreement.getInstance(keyFactory
.getAlgorithm());
keyAgree.init(priKey);
keyAgree.doPhase(pubKey, true);
// 生成本地密钥
SecretKey secretKey = keyAgree.generateSecret(SECRET_ALGORITHM);
return secretKey;
}
/**
* 取得私钥
*
* @param keyMap
* @return
* @throws Exception
*/
public static String getPrivateKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PRIVATE_KEY);
return encryptBASE64(key.getEncoded());
}
/**
* 取得公钥
*
* @param keyMap
* @return
* @throws Exception
*/
public static String getPublicKey(Map<String, Object> keyMap)
throws Exception {
Key key = (Key) keyMap.get(PUBLIC_KEY);
return encryptBASE64(key.getEncoded());
}
}
and then give A test class:
Java code Collection code
import static org.junit.Assert.*;
import java.util.Map;
import org.junit.Test;
/**
*
* @author Liang Dong
* @version 1.0
* @since 1.0
* /
public class DHCoderTest {
@Test
public void test() throws Exception {
// Generate Party A's key pair
Map<String, Object> aKeyMap = DHCoder.initKey();
String aPublicKey = DHCoder.getPublicKey(aKeyMap);
String aPrivateKey = DHCoder.getPrivateKey(aKeyMap);
System.err.println("Party A's public key:\r" + aPublicKey);
System.err.println("Party A's private key:\r" + aPrivateKey);
// Generate a local key pair from Party A's public key
Map<String, Object> bKeyMap = DHCoder.initKey(aPublicKey);
String bPublicKey = DHCoder.getPublicKey(bKeyMap);
String bPrivateKey = DHCoder.getPrivateKey(bKeyMap);
System.err.println("Party B's public key:\r" + bPublicKey);
System.err.println("Party B's private key:\ r" + bPrivateKey);
String aInput = "abc ";
System.err.println("Original: " + aInput);
// Construct ciphertext
byte[] from Party A's public key and Party B's private key aCode = DHCoder.encrypt(aInput.getBytes(), aPublicKey,
bPrivateKey);
// Decrypt byte[] by Party B's public key and Party A's private key
aDecode = DHCoder.decrypt(aCode, bPublicKey, aPrivateKey);
String aOutput = (new String(aDecode));
System.err.println("Decrypt: " + aOutput) ;
assertEquals(aInput, aOutput);
System.err.println(" ===============Inverse encryption and decryption================ == ");
String bInput = "def ";
System.err.println("Original: " + bInput);
// Construct ciphertext
byte[] from Party B's public key and Party A's private key bCode = DHCoder.encrypt(bInput . getBytes(), bPublicKey,
aPrivateKey);
// Decrypted by Party A's public key and Party B's private key
byte[] bDecode = DHCoder.decrypt(bCode, aPublicKey, bPrivateKey);
String bOutput = (new String(bDecode));
System.err.println("Decrypt : "+ bOutput); the
assertEquals (bInput, bOutput);
}
}
console output:
console collection Code Code
Party public Key:
MIHfMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHz
W5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSG
kx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC + eUykAgIBgANDAAJAdAWBVmIzqcko
Ej6qFjLDL2 + Y3FPq1iRbnOyOpDj71yKaK1K FhTv04B0zy4DKcvAASV7 + / + bgqdmffRkqrQ Gv0W ==
Party private key:
MIHRAgEAMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYX
rgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpD
TWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgAQyAjACJRfy1LyR
eHyD+4Hfb+xR0uoIGR1oL9i9Nk6g2AAuaDPgEVWHn+QXID13yL/uDos=
乙方公钥:
MIHfMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYXrgHz
W5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpDTWSG
kx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC+eUykAgIBgANDAAJAVEYSfBA+I9nr
dWw3OBv475C+eBrWBBYqt0m6/eu4ptuDQHwV4MmUtKAC2wc2nNrdb1wmBhY1X8RnWkJ1XmdDbQ==
乙方私钥:
MIHSAgEAMIGXBgkqhkiG9w0BAwEwgYkCQQD8poLOjhLKuibvzPcRDlJtsHiwXt7LzR60ogjzrhYX
rgHzW5Gkfm32NBPF4S7QiZvNEyrNUNmRUb3EPuc3WS4XAkBnhHGyepz0TukaScUUfbGpqvJE8FpD
TWSGkx0tFCcbnjUDC3H9c9oXkGmzLik1Yw4cIGI1TQ2iCmxBblC + eUykAgIBgAQzAjEAqaZiCdXp
2iNpdBlHRaO9ir70wo2n32xNlIzIX19VLSPCDdeUWkgRv4CEj / 8K + / YD
description: abc
decryption: abc
=============== turn cryptographic ================ ==
Original: def
Decryption: def
As I said, both parties can encrypt the data sent to the other party after obtaining the other party's public key, and can also decrypt the received data, achieving the purpose of data security communication!
Java encryption technology (5) - the origin of asymmetric encryption algorithm DH
Guess you like
Origin http://10.200.1.11:23101/article/api/json?id=326751120&siteId=291194637
Recommended
Ranking