wustrive2008 / aes-rsa-java Goto Github PK

View Code? Open in Web Editor NEW

363.0 26.0 235.0 41 KB

AES+RSA结合应用java示例

License: Apache License 2.0

Java 100.00%

java aes rsa encryption

aes-rsa-java's Introduction

aes-rsa-java AES+RSA结合应用java示例

介绍

随着Internet网的广泛应用，信息安全问题日益突出，以数据加密技术为核心的信息安全技术也得到了极大的发展。目前的数据加密技术根据加密密钥类型可分私钥加密（对称加密）系统和公钥加密（非对称加密）系统。对称加密算法是较传统的加密体制，通信双方在加/解密过程中使用他们共享的单一密钥，鉴于其算法简单和加密速度快的优点，目前仍然是主流的密码体制之一。最常用的对称密码算法是数据加密标准（DES）算法，但是由于DES密钥长度较短，已经不适合当今分布式开放网络对数据加密安全性的要求。最后，一种新的基于Rijndael算法对称高级数据加密标准AES取代了数据加密标准DES。非对称加密由于加/解密钥不同（公钥加密，私钥解密），密钥管理简单，也得到广泛应用。RSA是非对称加密系统最著名的公钥密码算法。

加解密流程

服务器端(server)和客户端(client)分别生成自己的密钥对
server和client分别交换自己的公钥
client生成AES密钥(aesKey)
client使用自己的RSA私钥(privateKey)对请求明文数据(params)进行数字签名
将签名加入到请求参数中，然后转换为json格式
client使用aesKey对json数据进行加密得到密文(data)
client使用sever的RSA公钥对aesKey进行加密(encryptkey)
分别将data和encryptkey作为参数传输给服务器端

服务器端进行请求响应时将上面流程反过来即可

文章详解

开放接口的安全验证方案(AES+RSA)

aes-rsa-java's People

Contributors

Stargazers

Watchers

Forkers

phantomes imdaqian lczgywzyy lulu002 wenzhucjy jibaro ouyangpeng code-hunter ruanshiji xiaomin0322 407390911 javagit youngcloud yocruzer 526669520 uniker zhengjiaai2008 jonyxq uilzzw f2006116 zhonghanwen haitunlianren 3250033959 kanexiang semtle xfzandysw huangleisir nnuujj pmtoam yunlongsoft yucheng82 niubangcha chinahewei dezhenglu xuqianjin-stars isyj hulog github-alens voidluffy chen3441251 reasoncai bosioer sasakimj xueyunlong123 xingganfengxing extfff nitrone notyvp weixiaozheqingfu smartbinbin zhangqx730 a251701981 losjuan slivertwo sanyaoking u11 ybcd eeliangsoft soso changpanzzp skyyan2000 aihua chncho mindahu maxwellgxz nail2008 dpcc2017 qdiankun madeng1998 dynl04d joe2loft dengjifu weric1018 zhuwenbin110 a578123875 liuguly sunerqi growthring lhgbird1206 ychen-yc earth-spirit icefoxs ygc87 dankeluo madahademeng hioln xiyumerry linzhixin93 xu222131 wuliaowei fff475803746 weileaisyai shawbin wofml dragon0609 qyx-git zhengweisk sytlzk liming1993101 hujun519191086

aes-rsa-java's Issues

Insecure Hash Functions

Hi there, we found that the following places using insecure hash functions:

/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:19: error: [algorithm.not.allowed] Algorithm: MD5 is not allowed by the current rules
			MessageDigest md = MessageDigest.getInstance("MD5");
			                                             ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:33: error: [algorithm.not.allowed] Algorithm: MD5 is not allowed by the current rules
			MessageDigest md = MessageDigest.getInstance("MD5");
			                                             ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:66: error: [algorithm.not.allowed] Algorithm: MD5 is not allowed by the current rules
			md = MessageDigest.getInstance("MD5");
			                               ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:102: error: [algorithm.not.allowed] Algorithm: SHA is not allowed by the current rules
			md = MessageDigest.getInstance("SHA");
			                               ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:132: error: [algorithm.not.allowed] Algorithm: SHA is not allowed by the current rules
			md = MessageDigest.getInstance("SHA");
			                               ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/Digest.java:162: error: [algorithm.not.allowed] Algorithm: SHA1 is not allowed by the current rules
			MessageDigest md = MessageDigest.getInstance("SHA1");
			                                             ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/EncryptionUtil.java:23: error: [algorithm.not.allowed] Algorithm: MD5 is not allowed by the current rules
            MessageDigest md = MessageDigest.getInstance("MD5");
                                                         ^
/home/xwt/IdeaProjects/aes-rsa-java/src/main/java/com/wustrive/aesrsa/util/EncryptionUtil.java:57: error: [algorithm.not.allowed] Algorithm: SHA-1 is not allowed by the current rules
            MessageDigest md = MessageDigest.getInstance("SHA-1");
                                                         ^