RSA Asymmetric Encryption

In the real-world network, the development of Web application need to encrypt sensitive information, but the encryption can not be hasty, too simple. Once a loophole is drilled, it becomes an accident. Like a password.

Previously used asymmetric encryption did not record, this time again used, so record down.

RSA is the most influential public-key encryption algorithm, which is based on a very simple theory:
It is easy to multiply two large primes, but it is extremely difficult to factor the product, so you can expose the product as the encryption key, the public key, and the two large primes as private keys.
The public key is available for anyone to use, and the private key is owned by itself for decryption.

Process: The decryption person owns the private key and the public key generated by the private key calculation is published to the cryptographic person. Encryption is encrypted with the public key, and the cipher is sent to the decryption person, who decrypts the cipher with the private key to decode the ciphertext into plaintext.

Example:
To send the information to B for example,
First determine the role: A is the encryption, B is the decryption.
First by B randomly determine a key, called the key, the key is always kept in machine B and not sent out;
Then, the key is computed by another key, called a public key. The feature of this public key is that it is almost impossible to compute the private key that generates it.
Next through the network to the public key to a, a received the public key, the use of public key to encrypt the information ( here the encryption is not reversible ), and the ciphertext through the network sent to B,
Finally, B uses the known private key to decode the ciphertext.

The above is the work flow of the RSA algorithm.

code Implementation steps:

first, the background server generates the private key and the public key, and passes the public key to the foreground (before rendering the page requiring encrypted information):

/**
	 * Encrypted login precondition *
	 @param request
	 * @param mv
	 * @throws nosuchalgorithmexception/
	private void Passwordencodebefore (httpservletrequest request, Modelandview mv) throws NoSuchAlgorithmException {
		
		// Modelandview mv = new Modelandview ();
		
		/*********   Encryption Login  begin *********************/
		hashmap<string, object> map = Rsautils.getkeys ();
		Generate public and private keys
		rsapublickey PublicKey = (rsapublickey) map.get (rsautils.ras_key_public);
		Rsaprivatekey Privatekey = (rsaprivatekey) map.get (rsautils.ras_key_private);

		Request.getsession (). setattribute (Rsautils.ras_key_private, Privatekey);//private key saved in session, for decryption

		//Public key information saved on page, Used to encrypt
		String publickeyexponent = Publickey.getpublicexponent (). toString ();
		String publickeymodulus = Publickey.getmodulus (). toString ();

		Mv.addobject ("Publickeyexponent", publickeyexponent);
		Mv.addobject ("Publickeymodulus", publickeymodulus);

		/*********   Encrypted login end  *********************/
	}

The above code uses an RSA tool class to generate the public and private keys. Click to open link to download

A class is used in the tool class, bouncycastleprovider the jar package maven address is as follows:

<dependency>
			<groupId>org.bouncycastle</groupId>
			<artifactid>bcprov-jdk15on </artifactId>
			<version>1.47</version>
		</dependency>

second, the front page to obtain the background pass the public key information (JS)

Rsautils.setmaxdigits ();
var key = new Rsautils.getkeypair ("${publickeyexponent}", "", "${publickeymodulus}");
var password = $ (' Input[name=password] '). Val ();
JS inside is the reverse sequence of the string
var reversedpwd = Password.split (""). Reverse (). Join ("");
encrypted password
var encrypedpwd = rsautils.encryptedstring (KEY,REVERSEDPWD);

Here need to introduce a cryptographic JS, click on the open link to download

third, the front end of the encrypted ciphertext passed to the background, the background to decrypt

After the decryption of the password, password is submitted over the password
		rsaprivatekey privatekey = (rsaprivatekey) request.getsession (). getattribute ( Rsautils.ras_key_private);
		String password = rsautils.decryptbyprivatekey (password, privatekey);

The above is the whole realization process. Please correct me if you have any questions.