RSA前端加密后端解密

时间:2022-07-26 21:08:20

1. 准备工作

下载jar包

    https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16 

加密解密工具类,引用到该包

网上下载三个js文件

  <script src="../print/js/rsa/RSA.js"></script>
  <script src="../print/js/rsa/BigInt.js"></script>
  <script src="../print/js/rsa/Barrett.js"></script>

2.开始具体工作


前端页面加密,rsaPublicKey是后端写的一个action,返回json对象,json中set了data属性,value为生成的公钥,比如:

f1c2a3f86fdf97e70906e0fa8de9a38c88f893a0a085820d4f50d8f31c545f94243bc373e8611a46203cb5f4d5381b73183912dfec80d04beca0c1e62c2007e3fe6a0f4090371c13beb48a47e1332cf6d1fd031fba4bbf24e1af4b7506aadabbab5d585ecd38ff1594239a1de3c1700b31f4055e7f4b33b1567fcb11132c57dd

var public_key ;
$(document).ready(function(){
    //填充操作日志
    $.post("/rsaPublicKey",{},function(data){
        if(data.status==200){//
            public_key = data.data;
        }else{
            alertErrorMsg("加载公钥失败");
        }
    });
});

通过getEncryptedStr方法,可以把前端value值加密后,获得加密字符串
function getEncryptedStr(str){
    setMaxDigits(130);
    var key = new RSAKeyPair("10001","",public_key);
    return encryptedString(key, encodeURIComponent(str));
}

前端加密完,把加密后的属性提交到后端,后端进行解密,参见下面工具类:

package RSA;

/**
 * 
 */


import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;


import javax.crypto.Cipher;



 
public class RSAUtil {

private static String RSAKeyStore = "C:/RSAKey.txt";
/**
* * 生成密钥对 *

* @return KeyPair *
* @throws EncryptException
*/
public static KeyPair generateKeyPair() throws Exception {
try {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
final int KEY_SIZE = 1024;// 没什么好说的了,这个值关系到块加密的大小,可以更改,但是不要太大,否则效率会低
keyPairGen.initialize(KEY_SIZE, new SecureRandom());
KeyPair keyPair = keyPairGen.generateKeyPair();

System.out.println(keyPair.getPrivate());
System.out.println(keyPair.getPublic());

saveKeyPair(keyPair);
return keyPair;
} catch (Exception e) {
throw new Exception(e.getMessage());
}
}


public static KeyPair getKeyPair() throws Exception {
FileInputStream fis = new FileInputStream(RSAKeyStore);
ObjectInputStream oos = new ObjectInputStream(fis);
KeyPair kp = (KeyPair) oos.readObject();
oos.close();
fis.close();
return kp;
}


public static void saveKeyPair(KeyPair kp) throws Exception {


FileOutputStream fos = new FileOutputStream(RSAKeyStore);
ObjectOutputStream oos = new ObjectOutputStream(fos);
// 生成密钥
oos.writeObject(kp);
oos.close();
fos.close();
}


/**
* * 生成公钥 *

* @param modulus *
* @param publicExponent *
* @return RSAPublicKey *
* @throws Exception
*/
public static RSAPublicKey generateRSAPublicKey(byte[] modulus,
byte[] publicExponent) throws Exception {
KeyFactory keyFac = null;
try {
keyFac = KeyFactory.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
} catch (NoSuchAlgorithmException ex) {
throw new Exception(ex.getMessage());
}


RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(
modulus), new BigInteger(publicExponent));
try {
return (RSAPublicKey) keyFac.generatePublic(pubKeySpec);
} catch (InvalidKeySpecException ex) {
throw new Exception(ex.getMessage());
}
}


/**
* * 生成私钥 *

* @param modulus *
* @param privateExponent *
* @return RSAPrivateKey *
* @throws Exception
*/
public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus,
byte[] privateExponent) throws Exception {
KeyFactory keyFac = null;
try {
keyFac = KeyFactory.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
} catch (NoSuchAlgorithmException ex) {
throw new Exception(ex.getMessage());
}


RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(new BigInteger(
modulus), new BigInteger(privateExponent));
try {
return (RSAPrivateKey) keyFac.generatePrivate(priKeySpec);
} catch (InvalidKeySpecException ex) {
throw new Exception(ex.getMessage());
}
}


/**
* * 加密 *

* @param key
*            加密的密钥 *
* @param data
*            待加密的明文数据 *
* @return 加密后的数据 *
* @throws Exception
*/
public static byte[] encrypt(PublicKey pk, byte[] data) throws Exception {
try {
Cipher cipher = Cipher.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
cipher.init(Cipher.ENCRYPT_MODE, pk);
int blockSize = cipher.getBlockSize();// 获得加密块大小,如:加密前数据为128个byte,而key_size=1024
// 加密块大小为127
// byte,加密后为128个byte;因此共有2个加密块,第一个127
// byte第二个为1个byte
int outputSize = cipher.getOutputSize(data.length);// 获得加密块加密后块大小
int leavedSize = data.length % blockSize;
int blocksSize = leavedSize != 0 ? data.length / blockSize + 1
: data.length / blockSize;
byte[] raw = new byte[outputSize * blocksSize];
int i = 0;
while (data.length - i * blockSize > 0) {
if (data.length - i * blockSize > blockSize)
cipher.doFinal(data, i * blockSize, blockSize, raw, i
* outputSize);
else
cipher.doFinal(data, i * blockSize, data.length - i
* blockSize, raw, i * outputSize);
// 这里面doUpdate方法不可用,查看源代码后发现每次doUpdate后并没有什么实际动作除了把byte[]放到
// ByteArrayOutputStream中,而最后doFinal的时候才将所有的byte[]进行加密,可是到了此时加密块大小很可能已经超出了
// OutputSize所以只好用dofinal方法。


i++;
}
return raw;
} catch (Exception e) {
throw new Exception(e.getMessage());
}
}


/**
* * 解密 *

* @param key
*            解密的密钥 *
* @param raw
*            已经加密的数据 *
* @return 解密后的明文 *
* @throws Exception
*/
public static byte[] decrypt(PrivateKey pk, byte[] raw) throws Exception {
try {
Cipher cipher = Cipher.getInstance("RSA",
new org.bouncycastle.jce.provider.BouncyCastleProvider());
cipher.init(cipher.DECRYPT_MODE, pk);
int blockSize = cipher.getBlockSize();
ByteArrayOutputStream bout = new ByteArrayOutputStream(64);
int j = 0;


while (raw.length - j * blockSize > 0) {
bout.write(cipher.doFinal(raw, j * blockSize, blockSize));
j++;
}
return bout.toByteArray();
} catch (Exception e) {
throw new Exception(e.getMessage());
}
}


/**
* * *

* @param args *
* @throws Exception
*/
public static void main(String[] args) throws Exception {
RSAPublicKey rsap = (RSAPublicKey) RSAUtil.generateKeyPair().getPublic();
String test = "hello world";
byte[] en_test = encrypt(getKeyPair().getPublic(), test.getBytes());
byte[] de_test = decrypt(getKeyPair().getPrivate(), en_test);
System.out.println(new String(de_test));
}
}

可以把生成的公钥和秘钥生成到txt文件,或者保存到数据库里,下面提供对象和blob流转换方法

private byte[] getObject2BlobBytes(Object obj){
try{
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ObjectOutputStream outputStream = new ObjectOutputStream(out);
        outputStream.writeObject(obj);
        byte[] bytes = out.toByteArray();
        outputStream.close();
        return bytes;
    }catch(Exception e){
logger.error(e.getMessage());
    }
return null;
}
private Object bytes2Object(byte[] bytes) throws IOException {
    ByteArrayInputStream inputStream = null;
    ObjectInputStream in = null;
    try{
        inputStream = new ByteArrayInputStream(bytes);
        in = new ObjectInputStream(inputStream);
        Object obj = in.readObject();
        return obj;
    }catch (Exception e){
logger.error(e.getMessage());
    }finally {
if(inputStream != null){
            inputStream.close();
        }
if(in != null){
            in.close();
        }
    }
return null;
}


如果在解密过程中,碰到 

RSA Bad Arguments问题:

可参见下面解决办法:

public final class HexUtil {
    /**
     * 16进制 To byte[]<br>
     * <font color='red'> fix byte[] en_pwd = new BigInteger(pwd, 16).toByteArray();bug</font>
     * 
     * @param hexString
     * @return byte[]
     */
    public static byte[] hexStringToBytes(String hexString) {
        if (hexString == null || hexString.equals("")) {
            return null;
        }
        hexString = hexString.toUpperCase();
        int length = hexString.length() / 2;
        char[] hexChars = hexString.toCharArray();
        byte[] d = new byte[length];
        for (int i = 0; i < length; i++) {
            int pos = i * 2;
            d[i] = (byte) (charToByte(hexChars[pos]) << 4 | charToByte(hexChars[pos + 1]));
        }
        return d;
    }


    /**
     * Convert char to byte
     * 
     * @param c char
     * @return byte
     */
    private static byte charToByte(char c) {
        return (byte) "0123456789ABCDEF".indexOf(c);
    }
}

标签:

相关文章