RSA加密问题（jsencrypt加密 java解密）

最新推荐文章于 2024-05-20 15:57:22 发布

u010457492

最新推荐文章于 2024-05-20 15:57:22 发布

阅读量1.6w

点赞数 1

分类专栏： java 文章标签： Rsa jsencrypt

本文链接：https://blog.csdn.net/u010457492/article/details/78331549

版权

java 专栏收录该内容

2 篇文章 0 订阅

订阅专栏

我这篇博文就是记录我这2天来踩过的坑，为相关相同需求的朋友提供点帮助。

参考文章
http://blog.csdn.net/libraryhu/article/details/50821791

https://github.com/dqmmpb/rsa-demo

https://github.com/travist/jsencrypt -> issue

首先要了解到rsa加密后的byte数组类型需要base64加密才能变成String类型；解密的时候也是需要经过base64处理。同理，js这边rsa加密也是一样的，但是使用jsencrypt.js库人就不需要了，因为库里面会自动用base64处理。其次使用rsa处理的明文不能超过公钥的长度，公钥达到1024就属于安全了，如果用2048会是解密的时间变长，所以就用1024。但是这样就需要把所传的参数分段处理，注意使用slice （js）方法。最后就是上代码了。

<!DOCTYPE html>
<html>
<head>
	<title></title>
	<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
	<script type="text/javascript" src="jquery.min.js"></script>
	<script type="text/javascript" src="base64.js"></script><!-- jsencrpyt lib 下的库 -->
	<script type="text/javascript" src="jsencrypt.min.js"></script>
</head>
<body>
<button id="one" style="width:200px;height:200px;"></button>
<button id="two" style="width:200px;height:200px;"></button>
</body>
	<script type="text/javascript">
	var token;

	//尽量长yidia
	var sRequestData = "在这样雨雪交加的日子里，如果没有什么紧要事，人们宁愿一整天足不出户。因此，县城的大街小巷倒也比平时少了许多嘈杂。";
	$(function () {
		$("#one").on("click", function() {
			 $.post("http://192.168.102.136:8080/mxpp-web/servlet/user/getTokenServlet",{},function(result){
   				 token = result.token;
  			 	console.log(token);
  			 });
		});

		$("#two").on("click", function() {
			 var encrypt = new JSEncrypt();
	         encrypt.setPublicKey(token);
	         var arr=Array();
			 var arr1=Array();
			 var str = "";

			  var byteData = str2UTF8(sRequestData);

			  if(byteData.length > 128) {
				 var arr=Array();
			     var arr1=Array();
			     for(var i=0;i<sRequestData.length;i+=37){ //约定好的用37就算中文也不会超过长度
			     	arr.push(sRequestData.slice(i,i+37)); //slice比substring更好
			     }
			     console.log(arr);
			     for(var i in arr){
			     	arr1.push(encrypt.encrypt(arr[i]));
			        console.log(arr[i]);
			     }
			     str=arr1.join(',');
			  } else {
			  	str = encrypt.encrypt(sRequestData);
			  }
	        
			 $.post("http://192.168.102.136:8080/mxpp-web/servlet/user/test",{jsonStr:str, token:token},function(result){
			 	debugger;
   				 token = result.token;
  			 });
		});
	});

	function str2UTF8(str){  
	    var bytes = new Array();   
	    var len,c;  
	    len = str.length;  
	    for(var i = 0; i < len; i++){  
	        c = str.charCodeAt(i);  
	        if(c >= 0x010000 && c <= 0x10FFFF){  
	            bytes.push(((c >> 18) & 0x07) | 0xF0);  
	            bytes.push(((c >> 12) & 0x3F) | 0x80);  
	            bytes.push(((c >> 6) & 0x3F) | 0x80);  
	            bytes.push((c & 0x3F) | 0x80);  
	        }else if(c >= 0x000800 && c <= 0x00FFFF){  
	            bytes.push(((c >> 12) & 0x0F) | 0xE0);  
	            bytes.push(((c >> 6) & 0x3F) | 0x80);  
	            bytes.push((c & 0x3F) | 0x80);  
	        }else if(c >= 0x000080 && c <= 0x0007FF){  
	            bytes.push(((c >> 6) & 0x1F) | 0xC0);  
	            bytes.push((c & 0x3F) | 0x80);  
	        }else{  
	            bytes.push(c & 0xFF);  
	        }  
	    }  
	    return bytes;  
	}  

	</script>
</html>



import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

import javax.crypto.Cipher;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/**
 * rsa加密
 * 此类主要针对于jsencrypt.js给明文加密，server端java解密
 * @author liangjiawei
 *
 */
@SuppressWarnings("restriction")
public class RSAUtil {
	public static final Provider provider = new BouncyCastleProvider();

	private static final String PUBLIC_KEY = "RSAPublicKey";

	private static final String PRIVATE_KEY = "RSAPrivateKey";

	private static final String charSet = "UTF-8";
	
	public static final String KEY_ALGORITHM = "RSA";

	// 种子,改变后,生成的密钥对会发生变化
	//private static final String seedKey = "seedKey";

	/**
     * RSA最大加密明文大小
     */
    private static final int MAX_ENCRYPT_BLOCK = 117;
    
    /**
     * RSA最大解密密文大小
     */
    private static final int MAX_DECRYPT_BLOCK = 128;
	
	/**
	 * 生成密钥对(公钥和私钥)
	 * @return
	 * @throws Exception
	 */
	public static synchronized Map<String, Object> generateKeyPair() throws Exception {
		KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM, provider);
		kpg.initialize(1024, new SecureRandom());//seedKey.getBytes()
		KeyPair keyPair = kpg.generateKeyPair();
		RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
		RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
		Map<String, Object> keyMap = new HashMap<String, Object>(2);
		keyMap.put(PUBLIC_KEY, publicKey);
		keyMap.put(PRIVATE_KEY, privateKey);
		return keyMap;
	}

	public static PublicKey getPublicRSAKey(String modulus, String exponent)
			throws Exception {
		RSAPublicKeySpec spec = new RSAPublicKeySpec(
				new BigInteger(modulus, 16), new BigInteger(exponent, 16));
		KeyFactory kf = KeyFactory.getInstance(KEY_ALGORITHM, provider);
		return kf.generatePublic(spec);
	}

	/**
	 * 获取公钥
	 * @param key base64加密后的公钥
	 * @return
	 * @throws Exception
	 */
	public static PublicKey getPublicRSAKey(String key) throws Exception {
		X509EncodedKeySpec x509 = new X509EncodedKeySpec(decryptBase64(key));
		KeyFactory kf = KeyFactory.getInstance(KEY_ALGORITHM, provider);
		return kf.generatePublic(x509);
	}

	/**
	 * 获取私钥
	 * @param key base64加密后的私钥
	 * @return
	 * @throws Exception
	 */
	public static PrivateKey getPrivateRSAKey(String key) throws Exception {
		PKCS8EncodedKeySpec pkgs8 = new PKCS8EncodedKeySpec(decryptBase64(key));
		KeyFactory kf = KeyFactory.getInstance(KEY_ALGORITHM, provider);
		return kf.generatePrivate(pkgs8);
	}

	/**
	 * 加密
	 * @param input 明文
	 * @param publicKey 公钥
	 * @return
	 * @throws Exception
	 */
	public static byte[] encrypt(String input, PublicKey publicKey)
			throws Exception {
		Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", provider);
	    cipher.init(Cipher.ENCRYPT_MODE, publicKey);
	    byte[] re = cipher.doFinal(input.getBytes(charSet));
	    return re;
	}

	/**
	 * 解密
	 * @param encrypted 
	 * @param privateKey
	 * @return
	 * @throws Exception
	 */
	public static byte[] decrypt(byte[] encrypted, PrivateKey privateKey)
			throws Exception {
		Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", provider);
	    cipher.init(Cipher.DECRYPT_MODE, privateKey);
	    byte[] re = cipher.doFinal(encrypted);
	    return re;
	}
	/**
	 * base64加密
	 * @param key
	 * @return
	 * @throws Exception
	 */
	public static byte[] decryptBase64(String key) throws Exception {
		return (new BASE64Decoder()).decodeBuffer(key);
	}
	
	/**
	 * base64解密
	 * @param key
	 * @return
	 * @throws Exception
	 */
	public static String encryptBase64(byte[] key) throws Exception {
		return (new BASE64Encoder()).encodeBuffer(key);
	}
	
	public static String getPrivateKey(Map<String, Object> keyMap)
            throws Exception {
        Key key = (Key) keyMap.get(PRIVATE_KEY);
        return encryptBase64(key.getEncoded());
    }

    public static String getPublicKey(Map<String, Object> keyMap)
            throws Exception {
        Key key = (Key) keyMap.get(PUBLIC_KEY);
        return encryptBase64(key.getEncoded());
    }
    
    /**
     * 分段解密
     * @param jsonEncryptStr 密文 格式 base64(rsa(明文)),base64(rsa(明文)),base64(rsa(明文))
     * @param privateKey base64加密后的秘钥
     * @return
     * @throws Exception
     */
    public static String segmentdecrypt(String jsonEncryptStr, String privateKey) throws Exception {
    	String jsonStr = "";
    	String[] str = jsonEncryptStr.split(",");
		if(str !=null && str.length > 0) {
			int inputLen = str.length;
	        ByteArrayOutputStream out = new ByteArrayOutputStream();
	        byte[] cache;
	        int i = 0;
	        // 对数据分段解密
	        while (inputLen - 1 >= 0) {
	        	byte[] bt = RSAUtil.decryptBase64(str[i]);
	            cache = RSAUtil.decrypt(bt, RSAUtil.getPrivateRSAKey(privateKey));
	            out.write(cache, 0, cache.length);
	            i++;
	            inputLen--;
	        }
	        
	        
	        byte[] decryptedData = out.toByteArray();
	        out.close();
	        jsonStr = new String(decryptedData);
		}
		return jsonStr;
    }
}

//生成公钥私钥
		try {
			Map<String, Object> map = RSAUtil.generateKeyPair();
			String publicKey = RSAUtil.getPublicKey(map);
			String privateKey = RSAUtil.getPrivateKey(map);
			
			ICacheClient client = WebContextHolder.getCacheClient();
			client.set(publicKey, privateKey);
			
			comRes.setRetCode(GetTokenRes.OPT_RESULT_SUCCESS);
			comRes.setToken(publicKey);
		} catch (Exception e) {
			log.error(DataTypeConstant.MOD_CODE_SUBTYPE16, "getTokenServlet", "用户生成公钥接口异常.", e);
			comRes.setErrMsg("用户TOKEN生成失败！");
		}
		
		String jsonResult = JSON.toJSONString(comRes, SerializerFeature.WriteMapNullValue, 
				SerializerFeature.WriteNullStringAsEmpty, SerializerFeature.WriteNullNumberAsZero);
		
		return writeAjaxResponse(jsonResult);

ICacheClient client = WebContextHolder.getCacheClient();
			String privateKey = client.get(token);
			jsonStr = RSAUtil.segmentdecrypt(jsonEncryptStr, privateKey);

u010457492

关注

1
点赞
踩
9

收藏

觉得还不错? 一键收藏
5
评论
RSA加密问题（jsencrypt加密 java解密）

我这篇博文就是记录我这2天来踩过的坑，为相关相同需求的朋友提供点帮助。参考文章http://blog.csdn.net/libraryhu/article/details/50821791https://github.com/dqmmpb/rsa-demohttps://github.com/travist/jsencrypt -> issue首先
复制链接

扫一扫