非对称加密算法

对称加密算法在加密和解密时使用的是同一个秘钥,像DES只有一个密钥。相当于只有一把钥匙，如果这把钥匙丢了，数据也就不安全了。
而非对称加密算法需要两个密钥来进行数据加密和数字签名，像RSA、DSA
数字签名的意义在于，对传输过来的数据进行校验。确保数据在传输工程中不被修改。
其流程分析： 1.甲方构建密钥对儿，将公钥公布给乙方，将私钥保留。 
   2.甲方使用私钥加密数据，然后用私钥对加密后的数据签名，发送给乙方签名以及加密后的数据 

 3.乙方使用公钥来验证待解密数据是否有效

public class AsyEncry {public static void main(String[] args) {// TODO Auto-generated method stubMap<String, Object> generateKeyPair = generateKeyPair();PublicKey publicKey1 = (PublicKey) generateKeyPair.get("publicKey");PrivateKey privateKey1 = (PrivateKey) generateKeyPair.get("privateKey");String publicKey = Base64.encodeBase64String(publicKey1.getEncoded());String privateKey = Base64.encodeBase64String(privateKey1.getEncoded());String encodeData = "124396";String sign = usingEncodeDatacreateSign(encodeData, privateKey);System.out.println("签名的数据是：" + sign);boolean checkSign = usingEncodeDataVerifySign(encodeData, publicKey,sign);System.out.println("签名判断是：" + checkSign);}private static boolean usingEncodeDataVerifySign(String encodeData,String publicKey, String sign) {// TODO Auto-generated method stubbyte[] decodeKey = Base64.decodeBase64(publicKey);boolean check = false;try {X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodeKey);KeyFactory keyFactory = KeyFactory.getInstance("RSA");PublicKey pubKey = keyFactory.generatePublic(keySpec);Signature signature = Signature.getInstance("MD5withRSA");signature.initVerify(pubKey);signature.update(encodeData.getBytes());byte[] h = sign.getBytes();byte[] ha = Base64.decodeBase64(sign);check = signature.verify(ha);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}return check;}private static String usingEncodeDatacreateSign(String encodeData,String privateKey) {// TODO Auto-generated method stubbyte[] decodeKey = Base64.decodeBase64(privateKey);byte[] signByte = null;try {PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decodeKey);KeyFactory keyFactory = KeyFactory.getInstance("RSA");PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);Signature signature = Signature.getInstance("MD5withRSA");signature.initSign(priKey);signature.update(encodeData.getBytes());signByte = signature.sign();} catch (Exception e) {e.printStackTrace();}String a = Base64.encodeBase64String(signByte);return a;}private static Map<String, Object> generateKeyPair() {Map<String, Object> KeyPairMap = new HashMap<String, Object>();try {KeyPairGenerator keyPairCreater = KeyPairGenerator.getInstance("RSA");keyPairCreater.initialize(1024);KeyPair keyPair = keyPairCreater.generateKeyPair();PublicKey publicKey = keyPair.getPublic();PrivateKey privateKey = keyPair.getPrivate();KeyPairMap.put("publicKey", publicKey);KeyPairMap.put("privateKey", privateKey);} catch (Exception e) {// TODO Auto-generated catch blocke.printStackTrace();}return KeyPairMap;}}

常见的数字签名算法： MD2withRSA, MD5withRSA, SHA1withRSA

用私钥进行数据签名的步骤：

 1. 实例化签名对象，传入算法Signature.getInstance("签名算法");
 2. 初始化签名对象，传入私钥signature.initVerify(私钥);
 3. 使用指定的字节数组更新要签名的数据 signature.update(加密数据);
 4. 进行签名 signature.sign()

用公钥验证签名的步骤：

 1. 实例化签名对象，传入算法Signature.getInstance("签名算法");
 2. 初始化签名对象，传入公钥signature.initVerify(公钥);
 3. 使用指定的字节数组更新要签名的数据 signature.update(加密数据);
 4. 验证签名signature.verify（第三方传入的签名）