Bootstrap

工具类-06-RSA工具类(支持分段,验签) 


import com.google.common.collect.Maps;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Map;
import java.util.UUID;

/**
 * RSA 加解密工具类
 *
 * @author wangqinglong01
 */
@Slf4j
public class RSAUtil {

    private static final String RSA = "RSA";
    private static final String PRIVATE_KEY = "privateKey";
    private static final String PUBLIC_KEY = "publicKey";
    private static final String ALGORITHM = "MD5withRSA";

    private static final int ZERO = 0;

    /**
     * RSA最大加密明文大小
     */
    private static final int MAX_ENCRYPT_BLOCK = 117;

    /**
     * RSA最大解密密文大小
     */
    private static final int MAX_DECRYPT_BLOCK = 128;

    /**
     * 用于封装随机产生的公钥与私钥
     */
    private final static Map<String, String> KEY_MAP = Maps.newHashMap();


    /**
     * 获取公钥
     */
    public static String getPublicKey() {
        if (KEY_MAP.size() == ZERO) {
            genKeyPair();
        }
        return KEY_MAP.get(PUBLIC_KEY);
    }

    /**
     * 获取私钥
     */
    public static String getPriKey() {
        if (KEY_MAP.size() == ZERO) {
            genKeyPair();
        }
        return KEY_MAP.get(PRIVATE_KEY);
    }


    @SneakyThrows
    public static void genKeyPair() {
        // KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象
        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(RSA);
        // 初始化密钥对生成器,密钥大小为96-1024位
        keyPairGen.initialize(1024, new SecureRandom());
        // 生成一个密钥对,保存在keyPair中
        KeyPair keyPair = keyPairGen.generateKeyPair();
        // 得到私钥
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        // 得到公钥
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));
        // 得到私钥字符串
        String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));
        // 将公钥和私钥保存到Map
        //0表示公钥
        KEY_MAP.put(PUBLIC_KEY, publicKeyString);
        //1表示私钥
        KEY_MAP.put(PRIVATE_KEY, privateKeyString);
    }

    /**
     * RSA公钥加密(字段长度不能超过117字节)
     *
     * @param str       加密字符串
     * @param publicKey 公钥
     * @return 密文
     * @throws Exception 加密过程中的异常信息
     */
    public static String encrypt(String str, String publicKey) throws Exception {
        //base64编码的公钥
        byte[] decoded = Base64.decodeBase64(publicKey);
        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(decoded));
        //RSA加密
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
        return Base64.encodeBase64String(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
    }


    /**
     * RSA私钥解密(字段长度不能超过128字节)
     *
     * @param str        加密字符串
     * @param privateKey 私钥
     * @return 铭文
     * @throws Exception 解密过程中的异常信息
     */
    public static String decrypt(String str, String privateKey) throws Exception {
        //64位解码加密后的字符串
        byte[] inputByte = Base64.decodeBase64(str.getBytes(StandardCharsets.UTF_8));
        //base64编码的私钥
        byte[] decoded = Base64.decodeBase64(privateKey);
        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(decoded));
        //RSA解密
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(Cipher.DECRYPT_MODE, priKey);
        return new String(cipher.doFinal(inputByte));
    }



    /*==================================分段加解密==================================*/

    /**
     * RSA加密(分段)
     *
     * @param data   待加密数据
     * @param pubKey 公钥
     * @return 加密之后的数据
     */
    public static String encryptSegment(String data, String pubKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        byte[] decodedKey = Base64.decodeBase64(pubKey.getBytes());
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodedKey);
        PublicKey publicKey = keyFactory.generatePublic(keySpec);
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        int inputLen = data.getBytes().length;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offset = ZERO;
        byte[] cache;
        int i = ZERO;
        // 对数据分段加密
        while (inputLen - offset > ZERO) {
            if (inputLen - offset > MAX_ENCRYPT_BLOCK) {
                cache = cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK);
            } else {
                cache = cipher.doFinal(data.getBytes(), offset, inputLen - offset);
            }
            out.write(cache, ZERO, cache.length);
            i++;
            offset = i * MAX_ENCRYPT_BLOCK;
        }
        byte[] encryptedData = out.toByteArray();
        out.close();
        // 获取加密内容使用base64进行编码,并以UTF-8为标准转化成字符串
        // 加密后的字符串
        return Base64.encodeBase64String(encryptedData);
    }

    /**
     * RSA解密(分段)
     *
     * @param data   待解密数据
     * @param priKey 私钥
     * @return 解密之后的数据
     */
    public static String decryptSegment(String data, String priKey) throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        byte[] decodedKey = Base64.decodeBase64(priKey.getBytes());
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedKey);
        PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] dataBytes = Base64.decodeBase64(data);
        int inputLen = dataBytes.length;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offset = ZERO;
        byte[] cache;
        int i = ZERO;
        // 对数据分段解密
        while (inputLen - offset > ZERO) {
            if (inputLen - offset > MAX_DECRYPT_BLOCK) {
                cache = cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);
            } else {
                cache = cipher.doFinal(dataBytes, offset, inputLen - offset);
            }
            out.write(cache, ZERO, cache.length);
            i++;
            offset = i * MAX_DECRYPT_BLOCK;
        }
        byte[] decryptedData = out.toByteArray();
        out.close();
        // 解密后的内容
        return new String(decryptedData, StandardCharsets.UTF_8);
    }



    /*==================================验签==================================*/

    /**
     * 签名
     *
     * @param data       待签名数据
     * @param privateKey 私钥
     * @return 签名
     */
    public static String sign(String data, PrivateKey privateKey) throws Exception {
        byte[] keyBytes = privateKey.getEncoded();
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        PrivateKey key = keyFactory.generatePrivate(keySpec);
        Signature signature = Signature.getInstance(ALGORITHM);
        signature.initSign(key);
        signature.update(data.getBytes());
        return new String(Base64.encodeBase64(signature.sign()));
    }

    /**
     * 验签
     *
     * @param srcData   原始字符串
     * @param publicKey 公钥
     * @param sign      签名
     * @return 是否验签通过
     */
    public static boolean verify(String srcData, PublicKey publicKey, String sign) throws Exception {
        byte[] keyBytes = publicKey.getEncoded();
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
        KeyFactory keyFactory = KeyFactory.getInstance(RSA);
        PublicKey key = keyFactory.generatePublic(keySpec);
        Signature signature = Signature.getInstance(ALGORITHM);
        signature.initVerify(key);
        signature.update(srcData.getBytes());
        return signature.verify(Base64.decodeBase64(sign.getBytes()));
    }







    public static void main(String[] args) {
        try {
           // 生成密钥对
            genKeyPair();
            // RSA加密
            StringBuilder builder = new StringBuilder();
            do {
                builder.append(UUID.randomUUID().toString());
            } while (builder.toString().length() <= 100);
            String data = builder.toString();
            System.out.println("data长度:" + data.length());

            //=========================使用分段加解密=========================
            String encryptSegment = encryptSegment(data, getPublicKey());
            System.out.println("加密后内容:" + encryptSegment);
            System.out.println("加密后内容长度:" + encryptSegment.length());
            // RSA解密
            String decryptSegment = decryptSegment(encryptSegment, getPriKey());
            System.out.println("解密后内容:" + decryptSegment);
            System.out.println("解密后内容长度:" + decryptSegment.length());

            //=========================使用常规的加解密=========================

            String encrypt = encrypt(data, getPublicKey());
            System.out.println("加密后内容:" + encrypt);
            System.out.println("加密后内容长度:" + encrypt.length());
            // RSA解密
            String decrypt = decrypt(encrypt, getPriKey());
            System.out.println("解密后内容:" + decrypt);
            System.out.println("解密后内容长度:" + decrypt.length());


        } catch (Exception e) {
            e.printStackTrace();
            System.out.print("加解密异常");
        }
    }
}

悦读

道可道,非常道;名可名,非常名。 无名,天地之始,有名,万物之母。 故常无欲,以观其妙,常有欲,以观其徼。 此两者,同出而异名,同谓之玄,玄之又玄,众妙之门。

最新收录
8款好用的电脑监控软件推荐?(一口气了解8款!)赶紧Get吧!
Node.js单点登录SSO详解:Session、JWT、CORS让登录更简单
电子技术基础(三)__电路分析基础__电容元件
操作系统5——输入输出系统
Hexo 初体验
C++文件操作
探索有趣的Android加载视图:LoadingView
【HarmonyOS NEXT开发】鸿蒙开发环境准备,ArkTS基础语法入门
python初体验
SpringBoot源码剖析(二)——监听器
;