安卓逆向 -- 算法基础(RSA)

Posted 2021-09-15 web安全工具库

一、非对称加密算法

1、对称加密算法中，加密和解密用到的密钥是一样的，而非对称加密算法，加密和解密的密钥是不一样的。非对称加密算法有公钥和私钥，公钥加密私钥解密。加密处理安全，但是性能极差，单次加密长度有限制。

2、填充方式：pkcs1padding，明文最大字节数为密钥字节数-11密文与密钥等长；NoPadding，明文最大字节数为密钥字节数，密文与密钥等长。

二、密钥对生成

密钥不是随便给的，需要特殊算法生成，可以在线生成：http://web.chacuo.net/netrsakeypair

三、Java版

public  static String  pubkey="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClAtuZCNosKZMNyn90bCQl3qVdMniH4y9NGIcWNFBdmh" +        "DF3YeWEB+wLeGMw2h5PQtwJBz0G1mhRhCtF+Yx/DuuxDrYjjTsj9k4V5pgkpUbF+1z0C1sJDs6z/CPRVwRdwwJVymxdNfC" +        "mLZ9QtT6yMfZdZqIsh1fHHw599IMz3/9fQIDAQAB";public  static String prikey="MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAKUC25kI2iwpkw3Kf3RsJCXepV0yeIfjL" +        "00YhxY0UF2aEMXdh5YQH7At4YzDaHk9C3AkHPQbWaFGEK0X5jH8O67EOtiONOyP2ThXmmCSlRsX7XPQLWwkOzr" +        "P8I9FXBF3DAlXKbF018KYtn1C1PrIx9l1moiyHV8cfDn30gzPf/19AgMBAAECgYBsdzdwHdCDrQRb0Vr8ZUVRm" +        "0upuk5eTGjATbomT1bwYCBcX+ULMCgUP+R+Cci3wPeuzB44G25MQ2kczpPjEYEMrnf5BlzXB5QkOaWPVIETEJF" +        "lDIIUonvpvb8if1C6/GTqc6iQQEbMmFcV4DmeI282o/56SQp6ia9lPfIanNmS5QJBANq7YzIpCGOEC7Aq0o8es" +        "WTMp4xT/hYNH5hYexy9qIjTNB85jpxHtctHwnXD04YXky22hX/owVPFMSeNyxuYgcMCQQDBIEkFIZdbZZhMjSY" +        "c/UtCD+G2XKWe+r5Lkt8hZCo60P5KRta4+kYzcEwYVSn2zMNFCZwGKR0xGLyWDp2d5E+/AkEAnf4AlrjA0HEOqD" +        "8mPC6lX/PbiicZPwBXtAklVAtCcyJrYaqHcibyD1VUBxBd91uL+db+8vdCvamP6cwny1ULVQJBAIVw7GNaQX3KZ" +        "gBG6xXOwohj9t6Nh3ag5InNctVco30+WOYzqjvn2kfCiSGq/rLj6uyx5hevotcAs5WvhaLKVXsCQQDXdkUSR5p8" +        "NYRRv3+ovAnZVilMo+pAfaG+/SVphKoF43Mu2P3On+d6VzplLiRNsgGsLZB4t/sCyChdex3XwMrU";public static PublicKey getPublickKey(String key)throws Exception{    byte[] keyBytes= new BASE64Decoder().decodeBuffer(key);    X509EncodedKeySpec keys = new X509EncodedKeySpec(keyBytes);//实例化key    KeyFactory keyFactory = KeyFactory.getInstance("RSA");    PublicKey publicKey = keyFactory.generatePublic(keys);    return publicKey;}public static PrivateKey getPrivatekey(String key)throws Exception{    byte[] bytes = new BASE64Decoder().decodeBuffer(key);    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bytes);    KeyFactory keyFactory = KeyFactory.getInstance("RSA");    PrivateKey privateKey = keyFactory.generatePrivate(keySpec);    return privateKey;}public static byte[] encrypt(byte[] enstr)throws Exception{    PublicKey publickKey = getPublickKey(pubkey);    Cipher cipher = Cipher.getInstance("RSA/ECB/NoPadding");    cipher.init(Cipher.ENCRYPT_MODE,publickKey);    byte[] bytes = cipher.doFinal(enstr);    return bytes;}public static byte[] decrypt(byte[] destr)throws Exception{    PrivateKey privatekey = getPrivatekey(prikey);    Cipher cipht = Cipher.getInstance("RSA/ECB/NoPadding");    cipht.init(Cipher.DECRYPT_MODE,privatekey);    byte[] bytes= cipht.doFinal(destr);    return bytes;}public static void main(String[] args) throws Exception{    System.out.println("逆向有你");    String bs= "逆向有你a";    byte[] enby = encrypt(bs.getBytes(StandardCharsets.UTF_8));    System.out.println("RSA加密（字节）："+Arrays.toString(enby));    System.out.println("RSA加密（Hex）："+bytes2HexString(enby));    System.out.println("RSA加密（Base64）："+Base64.getEncoder().encodeToString(enby));    byte[] deby = decrypt(enby);    System.out.println("RSA解密（字节）："+new String(deby));}运行结果：RSA加密（字节）：[-95, 75, -84, -31, 54, 59, 9, -101, 58, 3, -127, -23, -108, -41, 67, 52, -17, -82, -67, -15, 21, -113, 20, 0, 93, 31, -81, -66, 86, 97, 41, 12, 24, -72, 18, -33, -102, -72, -3, -106, 13, 81, 15, 39, -87, -16, -40, -84, 123, -46, 108, 58, -73, 31, -52, -39, 66, 24, 57, 12, -43, -107, -65, 98, 33, -28, 120, 17, 1, -62, 63, 108, -46, 57, 43, -40, 113, -85, 15, 25, 29, 123, -68, 18, 27, 96, -27, -23, -1, 8, 119, 45, -10, 48, -53, -42, 63, 5, -34, 41, 83, -101, 74, -104, -16, 79, 93, 71, 105, -52, -16, -52, 5, -85, -52, -83, -11, 93, 7, -39, 23, 106, -53, -57, 42, -111, 68, -71]RSA加密（Hex）：A14BACE1363B099B3A0381E994D74334EFAEBDF1158F14005D1FAFBE5661290C18B812DF9AB8FD960D510F27A9F0D8AC7BD26C3AB71FCCD94218390CD595BF6221E4781101C23F6CD2392BD871AB0F191D7BBC121B60E5E9FF08772DF630CBD63F05DE29539B4A98F04F5D4769CCF0CC05ABCCADF55D07D9176ACBC72A9144B9RSA加密（Base64）：oUus4TY7CZs6A4HplNdDNO+uvfEVjxQAXR+vvlZhKQwYuBLfmrj9lg1RDyep8Nise9JsOrcfzNlCGDkM1ZW/YiHkeBEBwj9s0jkr2HGrDxkde7wSG2Dl6f8Idy32MMvWPwXeKVObSpjwT11HaczwzAWrzK31XQfZF2rLxyqRRLk=RSA解密（字节）：逆向有你a

四、JS版

var JSEncrypt = JSEncryptExports.JSEncrypt;function getEncrypt(password, publickey){    var jsEncrypt = new JSEncrypt();    jsEncrypt.setPublicKey(publickey);    return jsEncrypt.encrypt(password);//默认返回Base64格式}var publicKeyBase64 ="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClAtuZCNosKZMNyn90bCQl3qVdMniH4y9NGIcWNFBdmhDF3YeWEB+wLeGMw2h5PQtwJBz0G1mhRhCtF+Yx/DuuxDrYjjTsj9k4V5pgkpUbF+1z0C1sJDs6z/CPRVwRdwwJVymxdNfCmLZ9QtT6yMfZdZqIsh1fHHw599IMz3/9fQIDAQAB";console.log(getEncrypt("逆向有你", publicKeyBase64));

禁止非法，后果自负

欢迎关注公众号：逆向有你

欢迎关注视频号：之乎者也吧