jwt 简介(java)
提示:jwt的相关概念,基本原理,常用命令及java实现。
一、openssl生成密钥对
生成私钥
openssl genrsa -out privatekey.pem 2048
生成公钥
openssl genrsa -out privatekey.pem 2048
privatekey.pem
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAwLH3uWZ9Y5kn5+hSV2hcUrArmUDWjHhFuAWOhBZQgsg2yabf
......
ytTGE0j3mjQDA8NzRinHqkgGpOrM6dbo4MnfddAOkYGFwx959xIYv9o=
-----END RSA PRIVATE KEY-----
publickey.pem
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLH3uWZ9Y5kn5+hSV2hc
......
AddsYG2Xt+IB3KWzqfRYMZTWKoQ0cMPyc3KZWL3u0JZKjly/IX9vzKJkZyh9zGgF
0wIDAQAB
-----END PUBLIC KEY-----
pem的三种格式
PKCS#1 PEM (-----BEGIN RSA PRIVATE KEY-----)
PKCS#8 PEM (-----BEGIN PRIVATE KEY-----)
PKCS#8 DER (binary)
openssl pkcs8 -in key.pem -topk8 -nocrypt -out pk8key.pem
二、java读取并使用密钥进行加解密
package com.example.demo;
import javax.crypto.Cipher;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
public class RSADemo {
private static final String PKCS_1_PEM_HEADER = "-----BEGIN RSA PRIVATE KEY-----";
private static final String PKCS_1_PEM_FOOTER = "-----END RSA PRIVATE KEY-----";
private static final String PKCS_8_PEM_HEADER = "-----BEGIN PRIVATE KEY-----";
private static final String PKCS_8_PEM_FOOTER = "-----END PRIVATE KEY-----";
private static final String PUBLIC_HEADER = "-----BEGIN PUBLIC KEY-----";
private static final String PUBLIC_FOOTER = "-----END PUBLIC KEY-----";
private static final String privateKeyPath = "src/main/resources/static/privatekey.txt";
private static final String publicKeyPath = "src/main/resources/static/publickey.txt";
public static String readFile(String path) throws IOException {
BufferedReader fis =