1,下载Cursor软件
2,左侧文件栏目新建一个first.java
3,在编辑区输入“//使用RSA公私钥实现JWT令牌的签名和验签”,并且连续输入两个回车(相当于调用Ctrl+K)
AI会自动生成代码,点击“Accept all” ,可以看到AI生成了一个JwtUtil的类,代码如下:
//使用RSA公私钥实现JWT令牌的签名和验签
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Base64;
public class JwtUtil {
private static final String ALGORITHM = "RSA";
private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";
public static String sign(String payload, String privateKeyStr) throws Exception {
byte[] payloadBytes = payload.getBytes();
byte[] privateKeyBytes = Base64.getDecoder().decode(privateKeyStr);
PrivateKey privateKey = KeyUtil.getPrivateKey(privateKeyBytes, ALGORITHM);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initSign(privateKey);
signature.update(payloadBytes);
byte[] signedBytes = signature.sign();
return Base64.getEncoder().encodeToString(signedBytes);
}
public static boolean verify(String payload, String signatureStr, String publicKeyStr) throws Exception {
byte[] payloadBytes = payload.getBytes();
byte[] signatureBytes = Base64.getDecoder().decode(signatureStr);
byte[] publicKeyBytes = Base64.getDecoder().decode(publicKeyStr);
PublicKey publicKey = KeyUtil.getPublicKey(publicKeyBytes, ALGORITHM);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicKey);
signature.update(payloadBytes);
return signature.verify(signatureBytes);
}
private static class KeyUtil {
static PrivateKey getPrivateKey(byte[] privateKeyBytes, String algorithm) throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm);
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
return keyPair.getPrivate();
}
static PublicKey getPublicKey(byte[] publicKeyBytes, String algorithm) throws Exception {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm);
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
return keyPair.getPublic();
}
}
}
AI生成了一个sign函数根据参数字符串(JSON格式)和私有秘钥生成签名,verify根据共用秘钥和参数解密并验证签名有效性,KeyUtil内部类可以分别获取私有秘钥和公共秘钥
4,代码窗口输入//test 按Ctrl+K进入AI对话页面,连续回车两次,自动生成代码:
接收之后可以看到,生成了一个产生令牌和验证令牌有效性的代码:
public static String generateToken(String payload, String privateKeyStr) throws Exception {
String signature = sign(payload, privateKeyStr);
return Base64.getEncoder().encodeToString(payload.getBytes()) + "." + signature;
}
public static boolean verifyToken(String token, String publicKeyStr) throws Exception {
String[] parts = token.split("\\.");
if (parts.length != 2) {
return false;
}
String payload = new String(Base64.getDecoder().decode(parts[0]));
String signature = parts[1];
return verify(payload, signature, publicKeyStr);
}
可以直接用参数JSON字符串和私有秘钥直接生成token,传入token和公共秘钥可以验证token
5,代码窗口输入“//main函数测试”,按住"Ctrl+K",连续回车两次:
生成代码:
//main函数测试
public static void main(String[] args) throws Exception {
String payload = "hello world";
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM);
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
PublicKey publicKey = keyPair.getPublic();
String privateKeyStr = Base64.getEncoder().encodeToString(privateKey.getEncoded());
String publicKeyStr = Base64.getEncoder().encodeToString(publicKey.getEncoded());
String token = generateToken(payload, privateKeyStr);
System.out.println("token: " + token);
boolean verifyResult = verifyToken(token, publicKeyStr);
System.out.println("verifyResult: " + verifyResult);
}
可以看到AI,帮我们生成了完整的RSA token加密解密的全流程代码。经过测试,我已经应用到了实际项目中了。
后续本人还在Cursor界面中调试运行了该段Java代码,下次再介绍。