Shulou(Shulou.com)06/02 Report--

How to implement encryption and digital signature in Java? I believe many inexperienced people don't know what to do about it. Therefore, this paper summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

Java encryption and digital signature

Message digest

This is a technique used in conjunction with message authentication codes to ensure message integrity. Mainly use one-way hash function algorithm

A widely used algorithm that can be used to verify the integrity of messages and to save them directly in text form through hash passwords.

There are MD4, MD5 and SHA-1. Java.security.MessageDigest provides a simple method of operation.

Private key encryption

Message digest can only check the integrity of messages, but one-way, plaintext messages can not be encrypted, if you want to encrypt plaintext messages

Other algorithms will be used, and to ensure confidentiality, we need to use private key cryptography to exchange private messages.

If you use private key encryption, you first need a key, and you can use javax.crypto.KeyGenerator to generate a key (java.security.Key)

It is then passed to an encryption tool (javax.crypto.Cipher), which uses the appropriate algorithm to encrypt

The main symmetry algorithms are: DES (the actual key only uses 56 bits), AES

/ / java project www.1b23.compublicclass PrivateKeyExample {publicstaticvoid main (String [] args) throws Exception {String source = "abcdefghijk"; byte [] plainText = source.getBytes ("UTF-8"); / / form a key KeyGenerator keyGen = KeyGenerator.getInstance ("AES") through KeyGenerator; keyGen.init; Key key = keyGen.generateKey (); printKey (key); byte [] result = encryption (plainText, key) System.out.println ("encrypted array size:" + result.length); System.out.println ("encrypted Base64 string" + Base64.encodeBytes (result)); byte [] newText = decryption (result, key); System.out.println ("decrypted string:" + new String (newText, "UTF-8") } publicstaticbyte [] encryption (byte [] plainText, Key key) throws Exception {/ / get a private encryption class Cipher,ECB is the encryption method, PKCS5Padding is the filling method Cipher cipher = Cipher.getInstance ("AES/ECB/PKCS5Padding"); / / use private encryption cipher.init (Cipher.ENCRYPT_MODE, key); byte [] cipherText = cipher.doFinal (plainText); return cipherText } publicstaticbyte [] decryption (byte [] source, Key key) throws Exception {/ / get a private encryption class Cipher,ECB is the encryption method, PKCS5Padding is the filling method Cipher cipher = Cipher.getInstance ("AES/ECB/PKCS5Padding"); / / use private encryption cipher.init (Cipher.DECRYPT_MODE, key); byte [] result = cipher.doFinal (source); return result } privatestaticvoid printKey (Key key) throws UnsupportedEncodingException {System.out.println ("Algorithm:" + key.getAlgorithm ()); byte [] bytes = key.getEncoded (); System.out.println ("Encoded:" + Base64.encodeBytes (bytes));}}

Public key encryption

Private key encryption requires a shared key, so how to pass the key? Under the web environment

Direct transmission is easy to hear, but fortunately there is the emergence of public key encryption. Public key encryption is also called asymmetric encryption.

Asymmetric algorithms use a pair of key pairs, a public key, a private key, and data encrypted with a public key.

Only the private key can be unlocked (can be used for encryption); at the same time, for data encrypted with the private key, only the public key can be unlocked (signed).

The main algorithm of public key is RSA.

/ / java project www.1b23.compublicclass PublicKeyExample {publicstaticvoid main (String [] args) throws Exception {String source = "abcdefghijk"; byte [] plainText = source.getBytes ("UTF-8"); / / generate key pair KeyPairGenerator keyGen = KeyPairGenerator.getInstance ("RSA"); keyGen.initialize (1024); KeyPair key = keyGen.generateKeyPair (); byte [] result = encryption (plainText, key) System.out.println ("encrypted array size:" + result.length); System.out.println ("encrypted Base64 string" + Base64.encodeBytes (result)); byte [] newText = decryption (result, key); System.out.println ("decrypted string:" + new String (newText, "UTF-8") } publicstaticbyte [] encryption (byte [] plainText, KeyPair keyPair) throws Exception {/ / get a Cipher class of RSA, using public encryption Cipher cipher = Cipher.getInstance ("RSA/ECB/PKCS1Padding"); cipher.init (Cipher.ENCRYPT_MODE, keyPair.getPublic ()); byte [] cipherText = cipher.doFinal (plainText); return cipherText } publicstaticbyte [] decryption (byte [] cipherText, KeyPair keyPair) throws Exception {/ / get a Cipher class of RSA, decrypt Cipher cipher = Cipher.getInstance ("RSA/ECB/PKCS1Padding") with private key; cipher.init (Cipher.DECRYPT_MODE, keyPair.getPrivate ()); byte [] newPlainText = cipher.doFinal (cipherText); return newPlainText;}}

Digital signature

A digital signature, which is the first level to determine the identity of the communicator who exchanged the message.

The above An encrypts the data using the public key and sends it to BMagneB to decrypt it with the private key to get the required data.

The question is, since they all use public key encryption, how to verify the message sent by A.

It is also mentioned above that the private key is unique, so A can use A's own private key for encryption.

Then B uses the public key of A to decrypt it; the principle of digital signature is based on this.

Usually in order to prove the authenticity of the sent data, the short message content is obtained by using the message digest.

The private key is then used for encryption, and the hash data is sent along with the message.

The general process is as follows:

1. Party A constructs the key pair, publishes the public key to Party B, and keeps the private key.

two。 Party A uses the private key to encrypt the data, then signs the encrypted data with the private key and sends it to Party B for signature and encrypted data.

3. Party B uses the public key and signature to verify whether the data to be decrypted is valid, and if the public key is effectively used to decrypt the data.

4. Party B uses the public key to encrypt the data and sends the encrypted data to Party A.

5. Party An obtains the encrypted data and decrypts it through the private key.

/ / java project www.1b23.compublic class DigitalSignatureExample {publicstaticvoid main (String [] args) throws Exception {String source = "abcdefghijk"; byte [] plainText = source.getBytes ("UTF-8"); System.out.println ("original string:" + source); System.out.println ("original data array length:" + plainText.length); / / form RSA public key pair KeyPairGenerator keyGen = KeyPairGenerator.getInstance ("RSA") KeyGen.initialize (1024); KeyPair key = keyGen.generateKeyPair (); / * encrypt with private key * / Cipher cipher = Cipher.getInstance ("RSA/ECB/PKCS1Padding"); cipher.init (Cipher.ENCRYPT_MODE, key.getPrivate ()); byte [] cipherText = cipher.doFinal (plainText); / / use private signature Signature sig = Signature.getInstance ("SHA1WithRSA") Sig.initSign (key.getPrivate ()); sig.update (cipherText); byte [] signature = sig.sign (); System.out.println ("signature array length:" + signature.length); / / using the public key to verify sig.initVerify (key.getPublic ()); sig.update (cipherText) Try {if (sig.verify (signature)) {System.out.println ("Digital signature verification passed"); / * use public key to decrypt * / cipher.init (Cipher.DECRYPT_MODE, key.getPublic ()); byte [] newPlainText = cipher.doFinal (cipherText) System.out.println ("decrypted string:" + new String (newPlainText, "UTF-8"));} else System.out.println ("Digital signature verification failed");} catch (SignatureException e) {System.out.println ("exception caught, digital signature verification failed") } after reading the above, have you mastered how to implement encryption and digital signature in Java? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.