java 非对称加密登录

ShenSJay

已于 2024-01-26 09:41:46 修改

阅读量659

点赞数

文章标签： java 开发语言

于 2022-12-05 11:17:45 首次发布

本文链接：https://blog.csdn.net/qq_32234855/article/details/128183395

版权

1.后端生成公私密钥对
2.公钥给前端，前端用公钥给密码加密，登录的时候返回加密后的密码以及公钥
3.后端拿到前端返回的公钥，获取到对应的私钥，用私钥进行解密

import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

public class RSAUtil {
    private static final String ALGORITHM_NAME = "RSA";

    /**
     * 生成秘钥对
     * @return
     * @throws NoSuchAlgorithmException
     */
    public static Map<String, String> generateKeyPair(){
        KeyPairGenerator keyPairGen = null;
        try {
            keyPairGen = KeyPairGenerator.getInstance(ALGORITHM_NAME);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        keyPairGen.initialize(1024,new SecureRandom());
        KeyPair keyPair = keyPairGen.generateKeyPair();
        RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
        RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
        String publicKey = new String(Base64.encodeBase64(rsaPublicKey.getEncoded()));
        String privateKey = new String(Base64.encodeBase64((rsaPrivateKey.getEncoded())));
        Map<String, String> keyMap = new HashMap<>();
        keyMap.put("publicKey", publicKey);
        keyMap.put("privateKey", privateKey);
        return keyMap;
    }

    /**
     * 加密
     * @param string
     * @param publicKey
     * @return
     * @throws Exception
     */
    public static String encrypt(String string, String publicKey){
        byte[] decoded = Base64.decodeBase64(publicKey);
        RSAPublicKey pubKey = null;
        try {
            pubKey = (RSAPublicKey) KeyFactory.getInstance(ALGORITHM_NAME).generatePublic(new X509EncodedKeySpec(decoded));
            Cipher cipher = null;
            cipher = Cipher.getInstance(ALGORITHM_NAME);
            cipher.init(Cipher.ENCRYPT_MODE, pubKey);
            return Base64.encodeBase64String(cipher.doFinal(string.getBytes("UTF-8")));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    /**
     *解密
     * @param string
     * @param privateKey
     * @return
     * @throws Exception
     */
    public static String decrypt(String string, String privateKey){
        try {
            RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)));
            Cipher cipher = Cipher.getInstance(ALGORITHM_NAME);
            cipher.init(Cipher.DECRYPT_MODE, rsaPrivateKey);
            return new String(cipher.doFinal(Base64.decodeBase64(string)));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }
}

//生成公私钥，返回公钥，用啥存储对应关系都行，这里用的redis
@RequestMapping(value = "/publicKey", method = RequestMethod.GET)
	public Result<String> publicKey(){
		Map<String, String> map = RSAUtil.generateKeyPair();
		String publicKey = map.get("publicKey");
		String privateKey = map.get("privateKey");
		redisUtil.set(CommonConstant.PREFIX_RSA_KEY+publicKey,privateKey,60 * 3);
		return Result.OK(publicKey);
	}

//登录的时候传递加密后的密码的同时还需要传递回公钥，通过公钥获取对应的私钥
privateKey = redisUtil.get(CommonConstant.PREFIX_RSA_KEY+publicKey)
//私钥解密前端用公钥加密的密码
password = RSAUtil.decrypt(password, privateKeyObj.toString());