1、导入依赖
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.7.7</version>
</dependency>
2、生成非对称密钥 通过 hutool工具类
/**
生成密钥对
**/
public void downloadEncrypt(HttpServletResponse response) {
KeyPair rsa = SecureUtil.generateKeyPair("RSA");
String outPublic = Base64.encode(rsa.getPublic().getEncoded());
String inPrivate = Base64.encode(rsa.getPrivate().getEncoded());
}
3、进行数据的加解密
AESUtils文件
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
public class AesUtils {
private final static Logger logger = LoggerFactory.getLogger(AesUtils.class);
public static String encrypt(String secretKey,
String plainText) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
SecretKeySpec secretKeySpec = getKeySpec(secretKey);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
byte[] cipherText = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
return Base64.getEncoder().encodeToString(cipherText);
}
public static String decrypt(String secretKey,
String cipherText) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
SecretKeySpec secretKeySpec = getKeySpec(secretKey);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] plainText = cipher.doFinal(Base64.getDecoder().decode(cipherText));
return new String(plainText, StandardCharsets.UTF_8);
}
static SecretKeySpec getKeySpec(String base64Key) {
return new SecretKeySpec(Base64.getDecoder().decode(base64Key), "AES");
}
/**
* 加密
*/
public static Map<String,String> doEncrypt(Object obj, String extraParams) {
String cipherText;
String rsaKey;
try {
KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(128);
SecretKey key = generator.generateKey();
String base64Key = Base64.getEncoder().encodeToString(key.getEncoded());
cipherText = AesUtils.encrypt(base64Key, obj.toString()); //密文
rsaKey = RsaUtils.encrypt(extraParams, base64Key);
} catch (Exception e) {
LoggerUtil.info(logger,"encrypt failed"+ e+"origin param: " + obj.toString());
throw new RuntimeException("加密失败");
}
Map<String,String> encryptObj = new HashMap<>();
encryptObj.put("encryptKey",rsaKey);
encryptObj.put("encryptData",cipherText);
return encryptObj;
}
/**
* 加密
*/
public static String doDecrypt(String pwd,String encryptKey, String encryptData) {
String cipherText;
try {
String encrypt = RsaUtils.encrypt(pwd, encryptKey);
cipherText = AesUtils.encrypt(encrypt,encryptData);
} catch (Exception e) {
LoggerUtil.info(logger,"doDecrypt failed"+ e+"origin param: " + encryptKey+encryptData);
throw new RuntimeException("解密失败");
}
return cipherText;
}
}
RsaUtils 文件
import org.apache.commons.codec.DecoderException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
public class RsaUtils {
private static final String RSA = "RSA";
private static final String ALG = "RSA/ECB/PKCS1Padding";
/**
* 加密
* @param publicKeyForBase64
* @param plainText
* @return
*/
public static String encrypt(String publicKeyForBase64,
String plainText) throws NoSuchPaddingException,
NoSuchAlgorithmException,
IllegalBlockSizeException, BadPaddingException,
InvalidKeySpecException, InvalidKeyException {
PublicKey publicKey = loadPublicKey(publicKeyForBase64);
Cipher cipher = Cipher.getInstance(ALG);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
return Base64.getEncoder()
.encodeToString(cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8)));
}
/**
* 解密
*/
public static String decrypt(String privateKeyForBase64,
String cipherText) throws NoSuchAlgorithmException,
InvalidKeySpecException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException,
NoSuchPaddingException, DecoderException {
PrivateKey privateKey = loadPrivateKey(privateKeyForBase64);
Cipher cipher = Cipher.getInstance(ALG);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] bytes = cipher.doFinal(Base64.getDecoder().decode(cipherText));
return new String(bytes, StandardCharsets.UTF_8);
}
private static PublicKey loadPublicKey(String keyBase64) throws NoSuchAlgorithmException,
InvalidKeySpecException {
byte[] pubKey = Base64.getDecoder().decode(keyBase64);
X509EncodedKeySpec spec = new X509EncodedKeySpec(pubKey);
KeyFactory factory = KeyFactory.getInstance(RSA);
return factory.generatePublic(spec);
}
private static PrivateKey loadPrivateKey(String keyBase64) throws NoSuchAlgorithmException,
InvalidKeySpecException {
KeyFactory keyFactory = KeyFactory.getInstance(RSA);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(
Base64.getDecoder().decode(keyBase64));
return keyFactory.generatePrivate(keySpec);
}
测试数据加解密
import java.util.Map;
/**
* @Description: 数据加解密demo
*/
public class TestDemo {
public static void main(String[] args) {
cryptoData("123");
decrypt("key","Data");
}
/**
* 数据加密
* @param obj 数据体
* @return
*/
public static Map<String, String> cryptoData(Object obj){
Map<String, String> map = null;
try {
String json = JSON.toJSONString(obj);
map = AesUtils.doEncrypt(json,"公钥");
}catch (Exception e){
}
return map;
}
/**
* 数据解密
* @param encryptKey 密文key
* @param encryptData 密文data
* @return
*/
public static String decrypt(String encryptKey,String encryptData) {
try {
String decrypt = RsaUtils.decrypt("私钥", encryptKey);
return AesUtils.decrypt(decrypt, encryptData);
} catch (Exception e) {
return null;
}
}
4、文件加解密 对称 AES方式
加密之后的文件 会出现乱码 打不开的情况
加密密钥对 使用对称生成 128位 64 位 32位 密钥 进行文件加密
KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(128);
SecretKey key = generator.generateKey();
String base64Key = Base64.getEncoder().encodeToString(key.getEncoded());
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
public class FileAes {
// 加密类型,支持这三种DESede,Blowfish,AES
private static final String ENCRYPT_TYPE = "AES";
// 加密秘钥,长度为32字节
private static final String ENCRYPT_KEY = "mQbJILokBccRHUkS+XBk7A==";
/**
* 加密文件
* @param srcFileName 要加密的文件
* @param destFileName 加密后存放的文件名
* @param encryptKey 密钥
*/
public static boolean encryptFile(String srcFileName, String destFileName,String encryptKey) {
InputStream is = null;
OutputStream out = null;
CipherInputStream cis = null;
try {
is = new FileInputStream(srcFileName);
out = new FileOutputStream(destFileName);
Cipher cipher = Cipher.getInstance(ENCRYPT_TYPE);
SecretKey deskey = new SecretKeySpec(encryptKey.getBytes(), ENCRYPT_TYPE);
cipher.init(Cipher.ENCRYPT_MODE, deskey);
// 创建加密流
cis = new CipherInputStream(is, cipher);
byte[] buffer = new byte[1024];
int r;
while ((r = cis.read(buffer)) > 0) {
out.write(buffer, 0, r);
}
out.flush();
return true;
} catch (Exception e) {
e.printStackTrace();
return false;
} finally {
try {
if (cis != null) {cis.close();}
} catch (IOException e) {}
try {
if (is != null) {is.close();}
} catch (IOException e) {}
try {
if (out != null) {out.close();}
} catch (IOException e) {}
}
}
/**
* 解密文件
* @param srcFileName 要解密的文件
* @param destFileName 解密后存放的文件名
* @param decryptKey 密钥
*/
public static boolean decryptFile(String srcFileName, String destFileName,String decryptKey) {
InputStream is = null;
OutputStream out = null;
CipherOutputStream cos = null;
try {
is = new FileInputStream(srcFileName);
out = new FileOutputStream(destFileName);
SecretKey deskey = new SecretKeySpec(decryptKey.getBytes(), ENCRYPT_TYPE);
Cipher cipher = Cipher.getInstance(ENCRYPT_TYPE);
cipher.init(Cipher.DECRYPT_MODE, deskey);
// 创建解密流
cos = new CipherOutputStream(out, cipher);
byte[] buffer = new byte[1024];
int r;
while ((r = is.read(buffer)) > 0) {
cos.write(buffer, 0, r);
}
out.flush();
return true;
} catch (Exception e) {
e.printStackTrace();
return false;
} finally {
try {
if (cos != null) {cos.close();}
} catch (IOException e) {}
try {
if (is != null) {is.close();}
} catch (IOException e) {}
try {
if (out != null) {out.close();}
} catch (IOException e) {}
}
}
}