Rsa 非对称加密解密互通推荐使用三方包快捷方便
Legion of the Bouncy Castle Inc (github.com)
工具
通过代码生成或则使用openssl生成秘钥
推荐安装openssl
OpenSSL的github地址:GitHub - openssl/openssl: TLS/SSL and crypto library
mac电脑安装包推荐用:
brew Homebrew — The Missing Package Manager for macOS (or Linux)
windows电脑安装包
下载地址:Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions
生成证书命令
生成私钥
openssl genrsa -out private.key 2048
生成一个X.509公钥证书文件
openssl req -new -x509 -key private.key -out publickey.cer -days 365
合并正式pfx文件(C# windows使用)
openssl pkcs12 -export -out certificate.pfx -inkey private.key -in publickey.cer
生成一个rsa公钥
openssl rsa -pubout -in private.key -out publickey.pem
使用场景
- 数据传输加密解密
- jwt生成令牌
- 其他接口使用
秘钥内容规范
- 公钥私钥都是使用base64字符串
- 通过公钥或私钥加密后的字符串也是base64
- 只有解密后的字符串明文
测试秘钥
私钥
String privateKey = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC+hQZ0KLLp4gRcm7Kg2IFv6xzWxZ4Hdi4xIbCwHNt6zptCA17PC0pO01F2j5MzeWTdooCj3c+w3s2hVjtEL72AobdWNijvzm1xkGXNuh6oBncPCggxTYK379DrhcHelvdW8RGIwY6qkDftQrEPaobSIG3YT07J9G5vWHo78jnkTcyJtP1fwbZENDzRgiBZWRD0PgeLfL3E7wm5TJ7PORNuDLF+RraLChljAYLIlpRZR71I5eH8d6lmYyaPugn0QFTM9RemEv09TSXw80KSX6zuoP/RISJFPRG5BI050LVSzeA/iNKbU7qdn3CQ4GbemJJ5YDSzwl+d2uZc6ZIOjHDTAgMBAAECggEABY9LO2uOoQ2j8/HlOhVnXZU+X7QfovcbbPqfNdx5uTE7Tadchm09a2R2TZ/t+0QRIfiiiWWpMG+oD4u9KgW8oXrWp1DoS+s5vWUp22GRkHSz18ACsjGhXW3FqoHaQP0l1acuTE/dsnOH9kgKc7k3mv0wR241DeawrFYoJwSwFM31fdQjqjx389741f47GPP2Tp4oqNzzj2QyBSYREqAosulwDaB464cwpZ6+AcjcxCGTZtwlVO7xuUBDny6PxK8bA4eTjd8//j/BHCEgoi3zVd2lANQYYkTS33b6UUfNNB3ndDhfLalLth8AXuKoJZld13O96xazCbFdeOD6JlomyQKBgQDrtbveOJfGOsPeokvi6dNl5WfigRyhyhnrohbVdON6kZMJCHJt7u/1C2HAV134TUvSlUWDdLOXvShlbcRWC3w3NWfQkFkRvID3PQyk2YfKsNQtwdse9bRxrMZh9SE1bj+E0srkHE4NgtwZ7IVinQkR7xuntocqy8mKpBDOyM27aQKBgQDO63KHthq4PYTjG7oTg5e0N2ZFTARcc98I5TQESnD+g/pdjx/n9y0xay6RLfnS/uMmJHX6ZTGtG+EFVvE5qmft2qsu7kPPU5aGZOTXPTdBGmXV8fIfo7OS9U52MXYT0Jja+R0Mz2gCt3rsYBXPA5VVMelYVuYw0b8DvvGn/RZu2wKBgB+rAfugNNwAJzKxMWriKXHGOYfX+uXNxl+/Hjw9gRaFmnCbPuyALqMIjXCPDGQA1pALWBSKSFq5okTGU5uP3Xd5aGJAEodsgRM2k41OYI0d5tPi+LKXJlAje1/L1FNeZZBN1c6B8wajrziYa29NU9uh+WA2CMD6MjC7TDrMBcAJAoGAL8N5tIn8sPrCagpEcay2oAsJuIVLnGvC2DLQRw1H9/hPGrmnC8yqyfWL0kdim6nqlStlcF9bkDIXRzxCgqUrSGRpj3PAg2MwI+W2TVj8IDMPvssSsOsA0LN/YRkZwIkuP52xbvuRbs8buOSVJCwXlIro6lNk33ALP7ob3kM1onECgYEAlYzFDeeMHjPlVj5phoV3sQmCByAN9ruWkS56Y2Nwd2ZGSE1a9/stEWml0hcp3Bm6TSMYlf5kMy1LtOMj1b519jyflZo9wbUCqJ5T37NqLMuD5Zer7PcaxhTs0podUPCjZUEi0OTrnQmcepaiMylSE1M33ld4/nJsoJvrj1ILMBU=";
公钥
String publicKey = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoUGdCiy6eIEXJuyoNiBb+sc1sWeB3YuMSGwsBzbes6bQgNezwtKTtNRdo+TM3lk3aKAo93PsN7NoVY7RC+9gKG3VjYo785tcZBlzboeqAZ3DwoIMU2Ct+/Q64XB3pb3VvERiMGOqpA37UKxD2qG0iBt2E9OyfRub1h6O/I55E3MibT9X8G2RDQ80YIgWVkQ9D4Hi3y9xO8JuUyezzkTbgyxfka2iwoZYwGCyJaUWUe9SOXh/HepZmMmj7oJ9EBUzPUXphL9PU0l8PNCkl+s7qD/0SEiRT0RuQSNOdC1Us3gP4jSm1O6nZ9wkOBm3piSeWA0s8JfndrmXOmSDoxw0wIDAQAB";
JAVA代码
引入mvn包
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16 --> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> <version>1.46</version> </dependency>
java 帮助类
import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.AsymmetricCipherKeyPair; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSAEngine; import org.bouncycastle.crypto.generators.RSAKeyPairGenerator; import org.bouncycastle.crypto.params.AsymmetricKeyParameter; import org.bouncycastle.crypto.params.RSAKeyGenerationParameters; import org.bouncycastle.crypto.params.RSAKeyParameters; import org.bouncycastle.crypto.util.PrivateKeyFactory; import org.bouncycastle.crypto.util.PublicKeyFactory; import org.bouncycastle.util.encoders.Base64; import java.math.BigInteger; import java.security.SecureRandom; import java.nio.charset.StandardCharsets; public class RSAUtil { public static String RSA_ALGORITHM = "RSA"; public static String UTF8 = "UTF-8"; public static class KeyStore { private String publicKey; private String privateKey; public String getPublicKey() { return publicKey; } public void setPublicKey(String publicKey) { this.publicKey = publicKey; } public String getPrivateKey() { return privateKey; } public void setPrivateKey(String privateKey) { this.privateKey = privateKey; } } /** * 创建公钥私钥 */ public static KeyStore createKeys() { try { AsymmetricCipherKeyPair keyPair = getAsymmetricCipherKeyPair(); RSAKeyParameters publicKey = (RSAKeyParameters) keyPair.getPublic(); RSAKeyParameters privateKey = (RSAKeyParameters) keyPair.getPrivate(); // 将公钥和私钥编码为Base64字符串