java 非对称加密登录

1.后端生成公私密钥对
2.公钥给前端,前端用公钥给密码加密,登录的时候返回加密后的密码以及公钥
3.后端拿到前端返回的公钥,获取到对应的私钥,用私钥进行解密

import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

public class RSAUtil {
    private static final String ALGORITHM_NAME = "RSA";

    /**
     * 生成秘钥对
     * @return
     * @throws NoSuchAlgorithmException
     */
    public static Map generateKeyPair(){
        KeyPairGenerator keyPairGen = null;
        try {
            keyPairGen = KeyPairGenerator.getInstance(ALGORITHM_NAME);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        keyPairGen.initialize(1024,new SecureRandom());
        KeyPair keyPair = keyPairGen.generateKeyPair();
        RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
        RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
        String publicKey = new String(Base64.encodeBase64(rsaPublicKey.getEncoded()));
        String privateKey = new String(Base64.encodeBase64((rsaPrivateKey.getEncoded())));
        Map keyMap = new HashMap<>();
        keyMap.put("publicKey", publicKey);
        keyMap.put("privateKey", privateKey);
        return keyMap;
    }

    /**
     * 加密
     * @param string
     * @param publicKey
     * @return
     * @throws Exception
     */
    public static String encrypt(String string, String publicKey){
        byte[] decoded = Base64.decodeBase64(publicKey);
        RSAPublicKey pubKey = null;
        try {
            pubKey = (RSAPublicKey) KeyFactory.getInstance(ALGORITHM_NAME).generatePublic(new X509EncodedKeySpec(decoded));
            Cipher cipher = null;
            cipher = Cipher.getInstance(ALGORITHM_NAME);
            cipher.init(Cipher.ENCRYPT_MODE, pubKey);
            return Base64.encodeBase64String(cipher.doFinal(string.getBytes("UTF-8")));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }

    /**
     *解密
     * @param string
     * @param privateKey
     * @return
     * @throws Exception
     */
    public static String decrypt(String string, String privateKey){
        try {
            RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)));
            Cipher cipher = Cipher.getInstance(ALGORITHM_NAME);
            cipher.init(Cipher.DECRYPT_MODE, rsaPrivateKey);
            return new String(cipher.doFinal(Base64.decodeBase64(string)));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "";
    }
}
//生成公私钥,返回私钥,用啥存储对应关系都行,这里用的redis
@RequestMapping(value = "/publicKey", method = RequestMethod.GET)
	public Result publicKey(){
		Map map = RSAUtil.generateKeyPair();
		String publicKey = map.get("publicKey");
		String privateKey = map.get("privateKey");
		redisUtil.set(CommonConstant.PREFIX_RSA_KEY+publicKey,privateKey,60 * 3);
		return Result.OK(publicKey);
	}
//登录的时候传递加密后的密码的同时还需要传递回私钥,通过私钥获取对应的公钥
privateKey = redisUtil.get(CommonConstant.PREFIX_RSA_KEY+publicKey)
//公钥解密前端用私钥加密的密码
password = RSAUtil.decrypt(password, privateKeyObj.toString());

你可能感兴趣的:(java,开发语言)