非对称加密算法之DH

一.概述

（1）非对称加密算法DH的加解密效率比较低，对要加密的数据长度有着苛刻的要求，这也就是效率换安全吧。

（2）虽然对称加密效率高，但密钥的传输需要另外的信道（方式），非对称加密通过构建本地密钥来解决密钥的传输问题。

二.加解密过程简析

1.发送方A构建密钥对，A公布公钥

2.接收方B根据A公布的公钥构建密钥对，B公布公钥

3.发送方A使用A构建的私钥+B公布的公钥对数据加密

4.接收方B使用B构建的私钥+A公布的公钥对数据解密

三.CODE SHOW

package com.sys.common;

import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

import org.apache.commons.codec.binary.Base64;

public class test {

private static String src="DH加密算法";
public static void main(String[] args){
jdkDH();
}

public static void jdkDH(){
try {
//初始化发送方密钥
KeyPairGenerator senderKeyPairGenerator=KeyPairGenerator.getInstance("DH");
senderKeyPairGenerator.initialize(512);
KeyPair senderKeyPair=senderKeyPairGenerator.generateKeyPair();
PrivateKey sendPrivateKey=senderKeyPair.getPrivate();
byte[] senderPublicKeyEnc=senderKeyPair.getPublic().getEncoded();  //公布发送方公钥

//初始化接收方密钥 （需要使用发送方公布的公钥）
KeyFactory receiverKeyFactory=KeyFactory.getInstance("DH");
X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(senderPublicKeyEnc);
PublicKey receiverPublicKey=receiverKeyFactory.generatePublic(x509EncodedKeySpec);
DHParameterSpec dhParameterSpec=((DHPublicKey)receiverPublicKey).getParams();
KeyPairGenerator receiverKeyPairGenerator=KeyPairGenerator.getInstance("DH");
receiverKeyPairGenerator.initialize(dhParameterSpec);
KeyPair receiverKeyPair=receiverKeyPairGenerator.generateKeyPair();
PrivateKey receiverPrivateKey=receiverKeyPair.getPrivate();
byte[] receiverPublicKeyEnc =receiverKeyPair.getPublic().getEncoded();  //公布接收方公钥

//发送方对数据加密 （发送发私钥+接收方公布的公钥）
KeyFactory senderKeyFactory=KeyFactory.getInstance("DH");
x509EncodedKeySpec=new X509EncodedKeySpec(receiverPublicKeyEnc);
PublicKey senderPublicKey=senderKeyFactory.generatePublic(x509EncodedKeySpec);
KeyAgreement senderKeyAgreement=KeyAgreement.getInstance("DH");
senderKeyAgreement.init(sendPrivateKey);
senderKeyAgreement.doPhase(senderPublicKey, true);
Cipher cipher=Cipher.getInstance("DES");
SecretKey senderDesKey=senderKeyAgreement.generateSecret("DES");
cipher.init(Cipher.ENCRYPT_MODE,senderDesKey);
byte[] result=cipher.doFinal(src.getBytes());
System.out.println("jdk dh encrypt:"+Base64.encodeBase64String(result));

//接收方对加密数据解密 （接收方私钥+发送方公布的公钥）
KeyAgreement receiverKeyAgreement = KeyAgreement.getInstance("DH");
receiverKeyAgreement.init(receiverPrivateKey);
receiverKeyAgreement.doPhase(receiverPublicKey, true);
SecretKey receiverDesKey=receiverKeyAgreement.generateSecret("DES");
cipher=Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE,receiverDesKey);
result=cipher.doFinal(result);
System.out.println("jdk dh encrypt:"+new String(result));

} catch (Exception e) {
e.printStackTrace();
}
}
}

四.输出结果