最近项目要求用rsa进行加密(老老实实用https它不香嘛,它不香嘛!),之前只用过别的,就临时抱了下佛脚,看了一下网上的教程,总结了一个比较简单的写法.
直接上代码:
显示RSA的公共类
package com.tungkong.sj.common.utils;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
public class RSAUtils {
private static String PUB_KEY =
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCG77PYUAcCpANyUmsHJfuDIia9FcITsuu9lnfbE2BbEwd4SOxP";
private static String PRIV_KEY =
"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIbvs9hQBwKkA3JSawcl+4MiJr0VwhOy672Wd9sTYFsTB3hI7E8EVPARZNn3976a2M/3soUQGiEaTDL5UcTkqhzKkG/Q7tiAR6/AyCm/HJhjS/XTgIH+TTKMIVXuVzsXFjlWAQqsyJdMiQyvW6QKdZW9qm9EJLogVyxP+SSM+B8NAgMBAAECgYEAhj0FH9dNghUE0MCpdS0WL/jTrRxuPQase6mrhyiZnUErF0EExf87OLE1MZr8voRx2UNEOBgyxmfREozyCfyqNg1OdGYEHSyuJ9wglkhq8GVYO8IzI29Mqej0MSp";
/*
* public static Map<Integer, String> genKeyPair() { Map<Integer, String> keyMap
* = new HashMap<Integer, String>(); // 用于封装随机产生的公钥与私钥 try { //
* KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象 KeyPairGenerator keyPairGen =
* KeyPairGenerator.getInstance("RSA");
*
* // 初始化密钥对生成器,密钥大小为96-1024位 keyPairGen.initialize(1024, new SecureRandom());
*
* // 生成一个密钥对,保存在keyPair中 KeyPair keyPair = keyPairGen.generateKeyPair();
* RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥
* RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥
*
* // 得到公钥字符串 String publicKeyString = new
* String(Base64.encodeBase64(publicKey.getEncoded())); // 得到私钥字符串 String
* privateKeyString = new
* String(Base64.encodeBase64((privateKey.getEncoded()))); // 将公钥和私钥保存到Map
* keyMap.put(0, publicKeyString); // 0表示公钥 keyMap.put(1, privateKeyString); //
* 1表示私钥 } catch (Exception e) { return null; }
*
* return keyMap; }
*/
/**
* RSA公钥加密
*
* @param str
* 需要加密的字符串
* @param publicKey
* 公钥
* @return 公钥加密后的内容
*/
public static String encrypt(String str) {
String outStr = null;
try {
// base64编码的公钥
byte[] decoded = Base64.decodeBase64(PUB_KEY);
RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA")
.generatePublic(new X509EncodedKeySpec(decoded));
// RSA加密
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));
} catch (Exception e) {
}
return outStr;
}
/**
* RSA私钥解密
*
* @param str
* 加密字符串
* @param privateKey
* 私钥
* @return 私钥解密后的内容
*/
public static String decrypt(String str) {
String outStr = null;
try {
// 64位解码加密后的字符串
byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));
// base64编码的私钥
byte[] decoded = Base64.decodeBase64(PRIV_KEY);
RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
// RSA解密
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, priKey);
outStr = new String(cipher.doFinal(inputByte));
} catch (Exception e) {
}
return outStr;
}
}
这里为了方便我就不用公钥和私钥自动生成了,直接贴了一个,注释的是自动生成
前台加密:
var pubkey ="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCG77PYUAcCpANyUmsHJfuDIia9FcITsuu9lnfbE2BbEwd4SOxPBFTwEWTZ9/e+mtjP97KFEBohGkwy+VHE5KocypBv0O7YgEevwMgpvxyYY0v104CB/k0yjCFV7lc7FxY5VgEKrMiXTIkMr1ukCnWVvapvRCS6IFcsT/kkjPgfDQIDAQAB";
var encrypt = new JSEncrypt();
encrypt.setPublicKey(pubkey);
var password = encrypt.encrypt(vm.password);
后台解密:
Subject subject = ShiroUtils.getSubject();
//解密,因为编码传值时有空格出现
String password2 =password.replaceAll(" ", "+");
String mobileNo = RSAUtils.decrypt(password2);
这里注意一下因为base64加密后传值时会将+号变成空格,所以我们后台简单处理一下把空格还原,这里是个坑
公钥和私钥网上有很多生成的网站,随便找一个就可以