最近因为一些原因需要用到rust的rsa库进行登录传输加密解密,但是由于官方文档给出的方法解释不太细致,且几乎没有相关的有用博客,导致走了很多弯路,因此写下这个复盘博客,希望可以帮到后来使用这个库的朋友。
基本逻辑:生成rsa公钥和私钥->前端用公钥加密并以字符串的形式传给后端->后端拿到字符串进行解密
直接上代码
use base64::prelude::*;
use rsa::pkcs1::DecodeRsaPrivateKey;
//use rsa::pkcs8::der::DecodePem;
use rsa::pkcs8::{DecodePrivateKey, DecodePublicKey};
//use rsa::pkcs1::DecodeRsaPrivateKey;
use rsa::{Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey};
use rsa::{pkcs1::DecodeRsaPublicKey};
fn main() {
//公钥给前端使用
let pem = "
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rwYLtmvZuOCohT4XZS6
/+VMbYOhUMnQANnVyIKocoAKq16q2HllMoOWDzECqDmIsM/0wozIzLfQ99gOfset
i002OBW/7PWUBGRsQvohMx0PG3l07P8Ny3JFmW1v2y4KVpXYSI2NoZA4MfubPz8z
Lie2pRAYt+ssHJ+kbl7totwW6Tf77LJn8FD6NxJKZ/iXkBMtKU27et0zU+DtFZb2
nHu7lAdbGpxMjR4brokx3eOT4CC+1DCK5Sz+VPtpmgEUEhGr1rmvIowMZKeuzojq
X/3EnuBVhCj4blbB8QK/eVODZYam7hmB+MLwcQ0ZAnvuK0wY9vatFtz8FYIfGasN
UQIDAQAB
-----END PUBLIC KEY-----
";
//私钥给后端使用
//格式一定要严格按照所给格式,不能乱用空格,否则报错
let pem2 ="
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDqvBgu2a9m44Ki
FPhdlLr/5Uxtg6FQydAA2dXIgqhygAqrXqrYeWUyg5YPMQKoOYiwz/TCjMjMt9D3
2A5+x62LTTY4Fb/s9ZQEZGxC+iEzHQ8beXTs/w3LckWZbW/bLgpWldhIjY2hkDgx
+5s/PzMuJ7alEBi36ywcn6RuXu2i3BbpN/vssmfwUPo3Ekpn+JeQEy0pTbt63TNT
4O0Vlvace7uUB1sanEyNHhuuiTHd45PgIL7UMIrlLP5U+2maARQSEavWua8ijAxk
p67OiOpf/cSe4FWEKPhuVsHxAr95U4NlhqbuGYH4wvBxDRkCe+4rTBj29q0W3PwV
gh8Zqw1RAgMBAAECggEALWdRlCpWE6Q5HenJeqxsmVe8d0hpOQu4OJnqEJ05QOCE
b85hZHriuKkcKvcTaP+r8WtgEAuUQYjimjYH47zy1AmMzb9jPs3nogvcpv3j0xOx
WuKc28Sf4fTKApnY83/Nzx6v1aTPuur++6gLyOmMGEblPLtG1Lhf8W9tqk2hUIk7
7TChDZAVsAlzn2QgNXvSHHoOb/T/w4q5qNFUMIIY52E45W/H1M2fkD/iDgiKDffO
/UQbqWbfwdRICKHUsyO62zByo6Tqz4tigcT/KHCeoQpnoHqOU4T48lFx9zMT/p9U
i9V55Gj9auRtpKUPeL7GGFpzAgtB7Hal9rT+VtE9QwKBgQD3QtIpByFIBNqufdDJ
VDqNqvZRuNxNVjrXp+iLID9K/2obDpAGb9vpjsSsd0ZRZXtoLaCCObUkZ+GhFUNq
O1wuWfW0YEc7S33GgGM2VcZThQmI01GG4fBZY7tyylgxHRK6XlBs9nnqTUJ5Aeam
TFTPkFcv/8iCBe1ei7UGqk3rJwKBgQDzB/AQECUbg8yTN3LO0zgdViuSJEoi/0tN
24yu8cW0KqHXzTHVuHHNFvphmJvNlofBnLqZ7wmCHznbq59fkYbG3PLX4tyrEEtK
bBuohDw7R0x4ubEaGa2CfXonUumKN2QShiVmSYQSA0BlzXdTe++q783vz84csWxK
LUeBbo3uxwKBgERCIhpJaZqkHGqHORgbNH7fb1hoHAkNgPj/1WZy5IYjtHr7ri7Y
unDjhM/HrZXS2hqMXf8VRzhhpRv+7rlo4a26D+ZXndJ0qKgf0UOysilkVJl9HMiL
nvpOWfT6fxYv3Heuia1K7aUM5wjYyX+nGtKiGi+aARRD5p9vGe5ZHWGJAoGAIo3Q
XhhNjlnw7kWF904kvlcQHtk2CT/PDyTWHdGWUIV3OV2dZkuxMn2/37x4+oQajTah
eV15Np0F9uux3z6rsP6dMIC66z+H1O8GB7G1dqAuiUOtoI5iExmQEqNBPTue6NtV
2fM96em4cEEEZERM0TsDRsN/BKldQjap4gc7+uUCgYEApXGjvIqSHHxLGjbKwS/A
jPzZDTm3IOv8z3nOQ1zlmXn9sFAfBZbYnN3Nv9SR38/c0fgibfBAxXSQ7ezSC+JG
Tm8wZcaF0eVoeIT0tAwXLhqg1QHeLabooVx4PsqsSqw1jDisL57qKcOo5ckceL9R
2wnNFq+N7orl5A1man+XKaw=
-----END PRIVATE KEY-----
";
//let mut rng = rand::thread_rng(); --官方文档在后端加密,解密,我们实际使用时只用私钥解密
//let public_key = RsaPublicKey::from_public_key_pem(&pem).unwrap();
let private_key = RsaPrivateKey::from_pkcs8_pem(&pem2).unwrap();//通过私钥,生成rsa定义的私钥结构体
//前端传到后端加密后的字符串格式的数据
let font_data =BASE64_STANDARD.decode(b"NnYaK9qmajH/qJktwcl57J8BGIpsXlD/q8vxJnGWPto31I+xLTICtExsIAPvFv+lvQVWdH4tI04D/ZRfholK5m/jSZuyyXWLywY9d4HQegx8Au0dm2EW17mkdhV7/8YDqks/CwCfLX3k4mMY5eNGT/x9hdQowTxN1tB42Za2UYMexIHmnHIu3AZVw4hSgf15J7xghzpLnikYgB3X/MYhUhXgermGPwMUOFxck6GK/nTbl9vvDIvYOCjAABE+WokulbZatJoHbuosvxv9qjI6M4r0VMn5nwC1qjw92mZuQRkMUA34gmWLYZW8sbb1VlPOVnUYJdkA0k9Su1twZYeqIw==").unwrap();
//let enc_data = public_key.encrypt(&mut rng, Pkcs1v15Encrypt, &data[..]).expect("failed to encrypt");
let dec_data = private_key.decrypt(Pkcs1v15Encrypt, &font_data).expect("failed to decrypt");
let dec_sta_str = String::from_utf8_lossy(&dec_data);
println!("解密后的字符串:{}",dec_sta_str);
}
代码可以直接运行,结束。
附几个rsa秘钥网站:https://www.toolhelper.cn/
https://www.lddgo.net/encrypt/rsakey
https://vhelper.pro/zh-cn/rsa-convert-key