Spring-boot如何使用RSA加密

RSA加密

  • 一、什么是RSA加密?
  • 二、如何使用RSA
    • 1.生成私钥和公钥
    • 2.将生成的秘钥放到application.properties中
    • 3.前端请求公钥
    • 4.后端随机获取公钥给前端
    • 5.前端加密Ajax发送(登录为例)
    • 6.后端解密(登录为例)

一、什么是RSA加密?

RSA加密算法是一种非对称加密算法。
由后端生成公钥和私钥,公钥和私钥为一对一的关系。
将公钥传给前端,前端:公钥+value生成密文。
后端拿到密文时,取出私钥:密文 - 私钥 = value
通过这样的形式将传输内容保密。

Spring-boot如何使用RSA加密_第1张图片

二、如何使用RSA

1.生成私钥和公钥

exportKeys()可以生成公钥和私钥,为了避免运行时耗时生成秘钥,毕竟算法的东西,很吃cpu的。我的做法是先生成几对秘钥,需要时,随机获取就好了。

package com.kid.test;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.junit.Test;
import com.kid.util.RSA;
import java.io.File;
import java.util.Map;
/**
 * @ClassName RSATest
 * @Description TODO
 * @Autor T_Antry
 * @Date 2020/10/20 16:44
 * @Version 1.0
 */
public class RSATest {
    @Test
    public void exportKeys() throws Exception {
        Map<String, Object> keyMap = RSA.genKeyPair();
        //公钥
        String publicKey = RSA.getPublicKey(keyMap);
        //私钥
        String privateKey = RSA.getPrivateKey(keyMap);
        System.out.println("公钥:/n" + publicKey);
        System.out.println("私钥:/n" + privateKey);
    }
    @Test
    public void testDecryptEncrypt() throws Exception {
        // 公钥 可以放指定位置
        String publicKeyStr = FileUtils.readFileToString(new File("/data3/pem/publickey.pem"),"UTF-8");
        String privateKeyStr = FileUtils.readFileToString(new File("/data3/pem/privatekey.pem"),"UTF-8");
        String sign = "abcccccc";
        byte[] encryptSign = RSA.encryptByPublicKey(sign.getBytes(),publicKeyStr);
        String base64Sign = Base64.encodeBase64String(encryptSign);
        System.out.println("加密后的sign: "+base64Sign);
        //私钥解密
        byte[] decryptStr = RSA.decryptByPrivateKey(Base64.decodeBase64(base64Sign),privateKeyStr);
        System.out.println("解密后的sign: "+new String(decryptStr));
    }
}

2.将生成的秘钥放到application.properties中

public.key1=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUbrAGx2GtC8VMD+i/4FVjZn8d3eoonKPO0f33OENe06cK/rjMNqIgul2R4NvOiRqHY6WvBlv9nKj3WoU/LTZMxcPs4tdpP57ACQw135oe9afgvDs7iC7nJLbMI01FOz1Zr1ttrBy4VEnemfZiXXWs/wEZ00Nnjv4dMNfIVeXGBQIDAQAB
private.key1=MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJRusAbHYa0LxUwP6L/gVWNmfx3d6iico87R/fc4Q17Tpwr+uMw2oiC6XZHg286JGodjpa8GW/2cqPdahT8tNkzFw+zi12k/nsAJDDXfmh71p+C8OzuILucktswjTUU7PVmvW22sHLhUSd6Z9mJddaz/ARnTQ2eO/h0w18hV5cYFAgMBAAECgYBf/56VI8qGcsBtyzRLNLnFCftYw7e4AGbpUmMgyyC3acf1knzOht8gr6fouzcuQvoHamkz47cHNZUKNV9MVt9wlX7kELiAJjRb7JDgCNW5BPyujpoKmvmDbtoJ5a0d9CLDiw9s0G1x/uL/qQwEUx9WR5ZosYvA25SYGf111PQ9WQJBAN42gZbEB4I8DjJzLcYlRaxSP/m9IriMkLE+NmlBfKQrQqvN/lTF6pNMIOISyo1w3NZHIBmHRk3qes8ImwwqeI8CQQCrAFJUzkUbcflzqYQ3t4pUsOQbZ+ZQEwZHCK0dQrYKY5FbD/RJ4YilMLmlswZ6Svx/SKHZBJquU58CJIHdqxorAkBU+fcYlqJgdWLgfBdXHM3GFjYM5P0wIeD7RtU77yUhCsIWPVIzTPRlm8k/avw2lqB8+PoXiRmjljWckqfoQR2VAkEAnDRNAP7zjeCNOCSPjL3ydO6pUIeWkWrvfw/j4yi/VboiW4a1Zo/I3O0niL+CmU/KWxMkFTPpgHkOdUyX/L+BxQJAd/Z+4uyiJdsjWEUJHbrq/3UF/BBAzqsprtn/B6aZQYlSueBArTjPiLfMt8SQpp+JPAOw8F8vAw0vkT/Jt7YN1Q==
public.key2=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCK2aleN1psUoT71tOn1FubyJzXz+1MQOo8xWlsKFwGfZXAZ2iIsq2B2F7UQgDMkzQOqh95J2qacIPU87uL6pCYJOnyG+VT+XldbW5y1h3zOg/dub/pZnmUM1azcvlH1m5XcGdWbEeCL2nZ2lM2152Qhwo0F2YxTX21IKK8aoAtfwIDAQAB
private.key2=MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAIrZqV43WmxShPvW06fUW5vInNfP7UxA6jzFaWwoXAZ9lcBnaIiyrYHYXtRCAMyTNA6qH3knappwg9Tzu4vqkJgk6fIb5VP5eV1tbnLWHfM6D925v+lmeZQzVrNy+UfWbldwZ1ZsR4IvadnaUzbXnZCHCjQXZjFNfbUgorxqgC1/AgMBAAECgYAjPD8duKBKstoqaobFpT8mFk+u+IX4ftSyXUp2dvt7bi0taVB+uBENzVGrPaCkSYrBWeyouxbzYDAkP0HNrNXKU8tU2dxHQSxxHEqLeWnxZcmCqlAsggu5q/UXOQ0wIWfBmOA6Ub4CEB4mM9qJxGs3s40CdoUS73w4mtBhgYCcwQJBAO97KiwhrXbg0X+7HFN72Pd06WDszjeHaC7f2mp1ywNkMEyT3cr5JM/FXEGEsRopF3YFJWcSSF0zvfk738FZjWECQQCUbYY0rSzKjBLtwISU/ZXyVSAI7B9Z+yZ/CrmZQzQw/AmbRylbXvYZtYqC8+b+Sk9PGpt252H295DOQvH/RcbfAkAGQJHuSwbLVr1Bd3Ia393fQAcjx6rumjNnHeMG6oJdWU1FgorE1NJYNk/dSgiRpUb+hs3eLgUDoekwy5Zg5uShAkEAklLm20ddwNAWWQxRqA/WovAIhMNCpRJTASsxjUYTTbcqQUoGG22ib/XodvC76DSZuwIgAThZ+35T4wNcTqwbQQJAKXZCBUU8oB408hMOPe80ny1YKMSDG/EvXW0L6Wuf2Xa0oBn+602wGHc+nw6gYmKXEHzxvOqDPBwCRI+Klq48Yg==
public.key3=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXD1CH6Lbw85cPp78PM/LkDrLZbjlwPkhd/9ZdzUq/3TSPykEoaElO8rN5KFp0vKl2dt+XQURAyDOvpwNfAYRQwKHRc2o4ozqPng6yTnliASU92KX0Yx6HXlmf2PimQyiLFSzyRBUv4Do/4Ef1TRH1pxFf6L5sl6u84F5Yz9HvMwIDAQAB
private.key3=MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJcPUIfotvDzlw+nvw8z8uQOstluOXA+SF3/1l3NSr/dNI/KQShoSU7ys3koWnS8qXZ235dBREDIM6+nA18BhFDAodFzajijOo+eDrJOeWIBJT3YpfRjHodeWZ/Y+KZDKIsVLPJEFS/gOj/gR/VNEfWnEV/ovmyXq7zgXljP0e8zAgMBAAECgYBxDa0fijMgMa4ksU50elSWCcogoDWso3BVqVst6K7A2TS1SJFrRGFZDJr1WhYYt/m8B0tfUCFcuni0RTJosCHth2NglQlH3BYpiKQJF7twjzklfGSw5V/oATNNn2Jc7Ovr8zIQZgFEafctj8yD93TfE4zywyrcP7+B+LRxjLbCAQJBAMUyG7ppUvbyB5/lVI4JGS/YQCqsmpykYjVS05PQq/CdcG0I1WFUt+bcE4/uNU4PQxRr6HMHonHGi2l2AKi7gBMCQQDEGzKmyeFYHZPmNPcOdIALqlSgWbxDvOzTtCu/9S5lCVMynG6Zlp4UXVco7EpZ/YcP2UBtFUjHAh7XM/Nu/PhhAkBAnE9rf5D4aorHABv5Qc/n1kIH+W/bPR0UfaPnParodp1cjFVlw51R3e/m69S5U9TVvxl1fx3hi30oO8qxfmXTAkBzHFfmCVhqBaqcFXjzljTXJBtaqHHW/R2ywu5vVfbuvcOFUMenBf8yivuvfMvD+Qp/phGoNjcrAbaisc7x1jHhAkEAsHe5ZyypPoj08wp+xEQKBiU11784wOyBwZ6XWqmYOqzatEmFiHrTXKW7mQyaPQUokzxrAtDbXESzV1H4EUzjfQ==
public.key4=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuaZUCzzTqXCFnHsuoKzZRcbXgwMNo0PNScJmGpZn+o6oLa6hDnYkusn+gDEDd2QTTIUZZHyqz575kQXWM+Ttkk7yj6c/r4FnfVW1hFtgOx/UGTWMbJt+waMEF/jIiVNF/EoR4IL1X2PldmfJXJJ/9FMouP10N3MZjs6kpb+9J3QIDAQAB
private.key4=MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAK5plQLPNOpcIWcey6grNlFxteDAw2jQ81JwmYalmf6jqgtrqEOdiS6yf6AMQN3ZBNMhRlkfKrPnvmRBdYz5O2STvKPpz+vgWd9VbWEW2A7H9QZNYxsm37BowQX+MiJU0X8ShHggvVfY+V2Z8lckn/0Uyi4/XQ3cxmOzqSlv70ndAgMBAAECgYEAn2GqoyuZDoVsnOB+eUor1BdWfnGI4NL5WB+/nFTeudzz+oXB+TAP+ZVynV41NMYp64of0Ddz/X1L9i//bPkgtNCyZVn1lL+2h92hWU/doLEaonLfCzwZxc0OZYFfVH7P62wdSSXR0TL02ibuF2HizN7rOf7Wa3eqxKi7VNfkx2ECQQDe40mJvJIubE+5lq6rY5+gm/d61/YN0VRwwLK+JR01Ycp/cBT+2nvxJjxpfKZDbJ9HndJLpnqxxQzXBluo761lAkEAyFK2V1wqK0cVzu6GD8LcmMbPPGjp5g91TyVr/PdlP7L15OeghfrRYwWjNthLpSEX+SQhiQ+OsS/5OIxC83W/GQJAUCkKP6E0KcIGgkaxFy7DMC4nuWSGN737UnnbTwtmD9bVzzNuOaI2RSptO7r6yPD97/HQuihrpBesYIEG4iEhCQJAQetl8W10uvUTahr3pqwa53NUsq5becdQdRD9bisC+GktnXvTSQN2b71lLiETE23Gc8e9+VpTPF9rBX6ycWcn0QJBANuSsJeG7nQGnhit3w3Q3uhdxUHCnChluOQeVS2gHJd4oGY4hapFtRLBBIQFVheJXRqAnKXXiMLZjhLGnlz8uBA=
public.key5=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF3SXMCRMfO4rsqWnDANZ6ibW9EjmksnVA3mR2kh02BOwvZV5Y5DThPckbFiYKvOO/Q715BNRfKYwcL3TQFaYYp4PO5nDDQQzQfgLSiVOC4dUTALw3p8jtg2KcE2efarzevEQcTbOGC+2TrdxvZfl1G3teM03Kbh6dfIIdSUUNwwIDAQAB
private.key5=MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMXdJcwJEx87iuypacMA1nqJtb0SOaSydUDeZHaSHTYE7C9lXljkNOE9yRsWJgq8479DvXkE1F8pjBwvdNAVphing87mcMNBDNB+AtKJU4Lh1RMAvDenyO2DYpwTZ59qvN68RBxNs4YL7ZOt3G9l+XUbe14zTcpuHp18gh1JRQ3DAgMBAAECgYBXyKnAQDZvoOcd4Hu/vFtrujUbUT6px1MmGITR5jl3ge+Xh424OmcLl3HlxonSMcOJU/B4BKCEJ9a1mohk2XX6qaSOZcN/KNQVuytQb5vZCCJrTY+eVX8q09QpWWKVB1X+ILInTf5qzOK3Gt1/9+U51EqZ5oQej6EGfGRdVViIYQJBAPcPPhj3I2f35/lzKJu1+bnr0eiiTj8f4Ai86TpQLwiySwt5tg/U+HFifJ8TBbyrP8EPaD5IbvePgE9ZpolBJ5UCQQDNBigdOjBGOqO1VDgc6SSt0KRNtmvzyy0UGehmqzFTZjOOjmNINVLLscJzOSt9PLmebIpJI5mgDK7TZbpjjSn3AkEAjvA9sDoEPRncF6G94+D0G9JJPvvwo2rwtn19vqQ3oiNtcbU4VY6VMxyVF3/s+MxndW5RlH9Z3FclGEO5K34LxQJAMwOsKZGX/3GJ2I2rJK5yXPmEWH3ioJfWkKDdreY88MaGX5tYYtg50MtbWfZItvHMMfpJ8mb0S9m8CofOeAThAwJBAKX0siSZIOninSiKxWf8i8LNMjhHJe6o/vp5qTOneOieibv0RYbHP/HFI0NXKoQhhSeU02JI7je9N1PRO0wdSbE=

3.前端请求公钥

//--------------加密
var publicKey;
var ind;
var encrypt = new JSEncrypt()
getPublcKey();
function getPublcKey() {
    $.ajax({
        url:'./getPublicKey.do',
        type:'post',
        data:{
        },
        dataType:'json',
        success:function(resp){
            if(resp.success){
                publicKey = resp.map.key;
                ind = resp.map.index;
                encrypt.setPublicKey(publicKey)
            }
            else
                layer.msg("获取公钥失败");
        }
    })
}

4.后端随机获取公钥给前端

package com.kid.handler;
import com.kid.dto.JsonMsg;
import com.kid.util.GetKey;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.Random;
/**
 * @ClassName GetPublicKeyHandler
 * @Description 获取公钥
 * @Autor T_Antry
 * @Date 2020/10/20 21:52
 * @Version 1.0
 */
@RestController
public class GetPublicKeyHandler {
    @Autowired
    private GetKey getKey;
    @PostMapping("getPublicKey.do")
    public JsonMsg getPublicKey(){
        JsonMsg jm = new JsonMsg();
        Random rd = new Random();
        Integer index = rd.nextInt(5)+1;
        String key = getKey.getPublicKey(index);
        if(null==key)
        {
            jm.setSuccess(false);
            jm.setErrorCode(999999L);
        }
        else
        {
            jm.setSuccess(true);
            jm.getMap().put("key",key);
            jm.getMap().put("index",index);
        }
        return jm;
    }
}

一个封装好的,根据随机值index获取对应公钥和私钥的类,所以传公钥给前端时,把随机值一起传给前端。后面还需要这个随机的index获取私钥。

package com.kid.util;


import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.util.HashMap;
import java.util.Map;

/**
 * @ClassName GetKey
 * @Description 获取秘钥
 * @Autor T_Antry
 * @Date 2020/10/20 21:14
 * @Version 1.0
 */
@Component
public class GetKey {
    /**
     * 公租坡手中的一串公钥
     */
    private static Map<Integer,String> publicMap ;
    /**
     * 公租婆手中的一串私钥
     */
    private static Map<Integer,String> privateMap ;
    /**
     * 从properties中获取公钥
     */
    @Value("${public.key1}")
    private  String publicKey1;
    @Value("${public.key2}")
    private  String publicKey2;
    @Value("${public.key3}")
    private  String publicKey3;
    @Value("${public.key4}")
    private  String publicKey4;
    @Value("${public.key5}")
    private  String publicKey5;
    /**
     * 从properties中获取私钥
     */
    @Value("${private.key1}")
    private  String privateKey1;
    @Value("${private.key2}")
    private  String privateKey2;
    @Value("${private.key3}")
    private  String privateKey3;
    @Value("${private.key4}")
    private  String privateKey4;
    @Value("${private.key5}")
    private  String privateKey5;

    /**
     * 通过编号获取公钥
     * @param i
     * @return
     */
    public  String getPublicKey(Integer i) {
        if(publicMap==null)
        {
            initPublic();
        }
        return publicMap.get(i);
    }

    /**
     * 通过编号获取私钥
     * @param i
     * @return
     */
    public  String getPrivateKey(Integer i) {
        if(privateMap==null)
        {
            initPrivate();
        }
        return privateMap.get(i);
    }

    /**
     * 初始化公钥
     */
    private void initPublic(){
        publicMap = new HashMap<>();
        publicMap.put(1,publicKey1);
        publicMap.put(2,publicKey2);
        publicMap.put(3,publicKey3);
        publicMap.put(4,publicKey4);
        publicMap.put(5,publicKey5);
    }

    /**
     * 初始化私钥
     */
    private void initPrivate(){
        privateMap = new HashMap<>();
        privateMap.put(1,privateKey1);
        privateMap.put(2,privateKey2);
        privateMap.put(3,privateKey3);
        privateMap.put(4,privateKey4);
        privateMap.put(5,privateKey5);
    }

}

没有JsonMsg,有的人可能看不懂

package com.kid.dto;

import com.kid.util.ErrorMsg;

import java.util.HashMap;
import java.util.Map;

/**
 * @ClassName JsonMsg
 * @Description TODO
 * @Autor TT
 * @Date 2020/9/7 23:48
 * @Version 1.0
 */
public class JsonMsg {
    /**
     * 是否正确
     */
    private Boolean success;
    /**
     * 错误代码
     */
    private Long errorCode;
    /**
     * 错误信息
     */
    private String errorMsg;

    private Long id;//判断成功还是失败,1代表成功,0代表失败
    private String message;//返回信息
    private String location;//返回路径(如果成功了跳转到什么路径上)
    private Map<String,Object> map = new HashMap<>();//如果需要分页携带什么数据下去

    public JsonMsg() {
    }

    public JsonMsg(Long id, String message, String location, Map<String, Object> map) {
        this.id = id;
        this.message = message;
        this.location = location;
        this.map = map;
    }

    public JsonMsg(Boolean success, Long errorCode, String errorMsg, Long id, String message, String location, Map<String, Object> map) {
        this.success = success;
        this.errorCode = errorCode;
        this.errorMsg = errorMsg;
        this.id = id;
        this.message = message;
        this.location = location;
        this.map = map;
    }

    public Long getId() {
        return id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public String getMessage() {
        return message;
    }

    public void setMessage(String message) {
        this.message = message;
    }

    public String getLocation() {
        return location;
    }

    public void setLocation(String location) {
        this.location = location;
    }

    public Map<String, Object> getMap() {
        return map;
    }

    public void setMap(Map<String, Object> map) {
        this.map = map;
    }

    public Boolean getSuccess() {
        return success;
    }

    public void setSuccess(Boolean success) {
        this.success = success;
    }

    public Long getErrorCode() {
        return errorCode;
    }

    public void setErrorCode(Long errorCode) {
        this.errorCode = errorCode;
        errorMsg = ErrorMsg.getMsg(errorCode);//根据错误代码获取错误内容,可不要!
    }

    public String getErrorMsg() {
        return errorMsg;
    }

    public void setErrorMsg(String errorMsg) {
        this.errorMsg = errorMsg;
    }
}

5.前端加密Ajax发送(登录为例)

注意要配合上面获取公钥后
var ind;
var encrypt = new JSEncrypt(); //new一个encrypt对象
var publicKey = resp.map.key;
encrypt.setPublicKey(publicKey)//且讲公钥设置到encrypt对象中
ind = resp.map.index;//存下对应的index,后端需要index找到对应的私钥

$.ajax({
        url:'./login.do',
        type:'post',
        data:{
            type:type,//登录类型随意,看需求
            account:JsonData.login,//这个是账号,随意
            pswd:encrypt.encrypt(JsonData.pwd),//加密
            index:ind,//一定要有才
            code:JsonData.code,
        },
        dataType:'json',
        success:function(resp){
            if(resp.success){
                    console.log('登录成功');
                    return;
            }
        }
    })

6.后端解密(登录为例)

    /**
     * 教师登录
     * @param req
     * @param resp
     */
     @PostMapping("login.do")
    private void teaLogin(HttpServletRequest req, HttpServletResponse resp,Integer index) {
        String userName = req.getParameter("account");//账号
        String userPswd = req.getParameter("pswd");//密码
        /**
         * 加密rsa
         */
        try {
            userPswd = new String(RSA.decryptByPrivateKey(Base64.decodeBase64(userPswd),getKey.getPrivateKey(index)));
            System.err.println(userPswd);//这个可以打印看到前段传来的密码
        } catch (Exception e) {
            e.printStackTrace();
        }
        String userCode = req.getParameter("code");//验证码
        String url = req.getRequestURI();
        System.out.println("url:"+url);
        System.out.println("教师登录");
        TTeacherInfo teacherInfo = teacherInfoService.login(userName,userPswd,url);//查询登录账号是否存在
        //验证验证码是否正确
        //如果查询到对应账号,生成session。否则,返回错误信息
        if(teacherInfo != null) {
            req.getSession().setAttribute("teacher", teacherInfo);
            Ajax.success(resp);//回复部分,可自定义
        }else{
            Ajax.error(resp,"账号密码错误");//回复部分,可自定义
        }
    }

我这边打印出解密后的值
Spring-boot如何使用RSA加密_第2张图片
溜了溜了,小明要睡觉了,喜欢就点歌赞吧。

你可能感兴趣的:(rsa,加密解密,java,spring,boot)