0


若依ruoyi前端vue使用jsencrypt.js加密后端java进行RSA解密(前后端交互RSA加解密)

目录

  • 1、前后端RSA加解密实现思路
  • 2、前端
  • 3、后端

1、前后端RSA加解密实现思路

按照约定来说公钥一般用来加密,大家都可以获取得到,私钥用来解密,当然你也可以混着用,以下示例是前端通过加密,后端解密.

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ81AMIIBCgKCAQEA1+05vAf7m5NcLNLkRtsm
gp+QdzcW6MVdayGTGBJG0vUonkFJ1Zy4fKP//xg0nZdf8yrPf0LxtiVhK0CcZrFz
2heK3/RT4bWPvO5D+W93uf1lJYhj4huHza0TLaGen/25QQd65FLHy6CkGKtgYxlZx
FeJpONiX6QTOv1QvAVOi+sz+iNu2ODMLAYBMMTo269clFJHSzK2P6qAf1v5jhG6rh
cLOJDwFR/jeRnac/ZGyStKPPi4IsC8uvO6o8TmJ2B/CtfOTrAs710337M6YP2S1d
AP5pWZO936kNuatU4AJufTULQBOYclP0esFXCH3I8agU0zOYnIrpp0sJg9WrtL4ze
DQIDAQAB
-----END PUBLIC KEY-----

私钥

-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0B1AQEFAASCBKcwggSjAgEAAoIBAQDX7Tm8B/ubk1ws
0uRG2yaCn5B3NxboxV1rIZMYEkbS9SieQUnVnLh8o///GDSdl1/zKs9/QvG2JWEr
QJxmsXPaF4rf9FPhtY+87kP5b25/WUliGPiG4fNrRMtoZ6f/blBB3rkUsfLoKQYq
2BjGVnEV4mk42JfpBM6/VC18BU6L6zP6I244MwsBgEwxOjbr1yUUkdLMrY/qoB/W/
mOEbquFws4kPAVH+N5Gdpz9kbJK0o8+LgiwLy687qjxOYnYH8K185OsCzvXTffsz
pg/ZLV0A/mlZk73fqQ25q11QAm59NQtAE5hyU/R6wVcIfcjxqBTTM5iciumnSwmD1
au0vjN4NAgMBAA1ECggEAcjmXOiYK7yEEON4TTnxuIdmhRb+JyfdmVN78/lXky4JP
S3CES5FNcvoa2WqHovpKEswJ2muijFW30naqhhTHkY60s4Z/vT4b3Lk6kkBlds7X
6CIHjusGpy9MX12+XHyRzlaxGAaO1kulbJLGgF2IEyijuyOxMN6PNF2nRA9nfz5r
WqdPhpJgbcO0BRNdWlsriGMIdaEQs/4hvnNiggt9WnjREo2Obc5HPauwbx7ULQNu
XJ7Ur8uXwAkVFYcH+aHPx2T+ZQpkHCtTuG1e/DJY4+iaAZFJA+R9bcj/W5Iy+1XO
YWl0XJPH2bqsPloTvpcp3BovlXDdEFYyEn+SkmeJzQKBgQDzuqcR5mCDVynKXzkl
EIdQWBTFxBtSUa9CICNlvlP8GLFwq1dnoyhw91+Fz4VaZINGwsm2gvMqrMxA0TSR
wZqgWn7QNwFHmb+cU10YyKwaMRo6LjP5yE8hErDEhPWj1oIJwvZifsZVKdBspjvqO
1/1MX2bWCFIqJ3POz00u51f/uwKBgQDizDxmP9/bZqTpaIfOVZxLW7YG/e5EIIKW
GM0aJkatarBRzFBvUZ/VcVJhIta6ou98eW+TWrj2IOlUtO+Wkvwf3cmMU6DlEDKG
CxUreuo9h9GXeAb5ORrHCy9gZ37JM8tBD0LyzpCygndQLpyvZi5mZw0N2pZKIqOIN
BduLTWHI1wKBgQDb6MHtyKu0VeUDD8ADzVIKEC9N8Y+lSsaTJ2RI3N3yTGVtf2ux
uuk2ZDzwAzoTQTWhlwdhge3dx2PT5+9CxCi8Hmrle3vQGs1kQ2NwhT+jskIz1JRS
C79bFvKNR1d4qIaJKsiW7igBsZkAel1gnUmSq1GiNIfOOSKoqyq880fXGQKBgByh
LYq2y3p1xaGVSXd5hSZaKGtPiNFezT1HWjTP2iIwEpvwz8KNqkCWcpDChhq/UL4E
0lnmnOytEOdZg9kdK5uiW5cdqEyh3V/ll0sFPXdxwlbuqMim98NinRNtXSrm9+R5m
bju7IMsRwV/LNZTbs4MejBihJBNORmLgd2tpVEu3AoGAYtWz+TT8ZvDa9wDnMf85
vxWzCLlBNRhDhWrIKUu8INtooeMF0j7nm3L3gI2CXXh8xFOAFbeqvoEbX6/VR0SY
RxG562rjQs58hlzU0rYOm4Vh3ZIUd1UmHaxMj6PIgbmVZPB68T1KadqmzVV2YnCU
AzvNvgMYLBtak0/nB5HerYpM=
-----END PRIVATE KEY-----

2、前端

//安装好jsencrypt.js并引入(若依已经添加该组件)src/utils/jsencrypt.js
import JSEncrypt from 'jsencrypt/bin/jsencrypt.min'

//在你需要使用的地方引入组件,比如下面的加密
import { encrypt } from '@/utils/jsencrypt'

//...
//将表单中的用户名加密,根据submit提交到后端
const username = encrypt(userInfo.username);
//...

3、后端

/**
 * 登录方法
 * 
 * @param loginBody 登录信息
 * @return 结果
 */
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody)
{
    //RSA解密
    //前提是RSA的公钥私钥是匹配的,另外这里可以使用私钥给字符串解密
    String username = RSAUtils.decryptRSADefault(RSAUtils.PRI_KEY, loginBody.getUsername());
    //...
}
    

/**
* RSA加解密工具类
*/
public class RSAUtils {

    //需要跟公钥配对
    public static final String PRI_KEY =
            "MIIBVAIBAD5ANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY\n" +
            "7Nt+Pr5grxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKN\n" +
            "PuH3o5wIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gA\n" +
            "kM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWow\n" +
            "cSxQA5giCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99Ecv\n" +
            "DQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthh\n" +
            "YhovyloRYsM+5/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3\n" +
            "UP8iW5i1Qw0Y=";

    // 加密数据和秘钥的编码方式
    public static final String UTF_8 = "UTF-8";

    // 填充方式
    public static final String AES_ALGORITHM = "AES/CFB/PKCS5Padding";
    public static final String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";
    public static final String RSA_ALGORITHM_NOPADDING = "RSA";

    /**
     *  解密接收数据
     */
    public static String decryptReceivedData(PublicKey externalPublicKey, PrivateKey selfPrivateKey, String receiveData) throws InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidAlgorithmParameterException, DecoderException {

        @SuppressWarnings("unchecked")
        Map<String, String> receivedMap = (Map<String, String>) JSON.parse(receiveData);

        // receivedMap为请求方通过from urlencoded方式,请求过来的参数列表
        String inputSign = receivedMap.get("sign");

        // 用请求方提供的公钥验签,能配对sign,说明来源正确
        inputSign = decryptRSA(externalPublicKey, inputSign);

        // 校验sign是否一致
        String sign = sha256(receivedMap);
        if (!sign.equals(inputSign)) {
            // sign校验不通过,说明双方发送出的数据和对方收到的数据不一致
            System.out.println("input sign: " + inputSign + ", calculated sign: " + sign);
            return null;
        }

        // 解密请求方在发送请求时,加密data字段所用的对称加密密钥
        String key = receivedMap.get("key");
        String salt = receivedMap.get("salt");
        key = decryptRSA(selfPrivateKey, key);
        salt = decryptRSA(selfPrivateKey, salt);

        // 解密data数据
        String data = decryptAES(key, salt, receivedMap.get("data"));
        System.out.println("接收到的data内容:" + data);
        return data;
    }

    /**
     *  加密数据组织示例
     */
    public static String encryptSendData(PublicKey externalPublicKey, PrivateKey selfPrivateKey, JSONObject sendData) throws NoSuchAlgorithmException, InvalidKeySpecException,
            InvalidKeyException, NoSuchPaddingException, UnsupportedEncodingException, BadPaddingException,
            IllegalBlockSizeException, InvalidAlgorithmParameterException {

        // 随机生成对称加密的密钥和IV (IV就是加盐的概念,加密的偏移量)
        String aesKeyWithBase64 = genRandomAesSecretKey();
        String aesIVWithBase64 = genRandomIV();

        // 用接收方提供的公钥加密key和salt,接收方会用对应的私钥解密
        String key = encryptRSA(externalPublicKey, aesKeyWithBase64);
        String salt = encryptRSA(externalPublicKey, aesIVWithBase64);

        // 组织业务数据信息,并用上面生成的对称加密的密钥和IV进行加密
        System.out.println("发送的data内容:" + sendData.toJSONString());
        String cipherData = encryptAES(aesKeyWithBase64, aesIVWithBase64, sendData.toJSONString());

        // 组织请求的key、value对
        Map<String, String> requestMap = new TreeMap<String, String>();
        requestMap.put("key", key);
        requestMap.put("salt", salt);
        requestMap.put("data", cipherData);
        requestMap.put("source", "由接收方提供"); // 添加来源标识

        // 计算sign,并用请求方的私钥加签,接收方会用请求方发放的公钥验签
        String sign = sha256(requestMap);
        requestMap.put("sign", encryptRSA(selfPrivateKey, sign));

        // 注意:请务必以form urlencoded方式,否则base64转码后的个别字符可能会被转成空格,对方接收后将无法正常处理
        JSONObject json = new JSONObject();
        json.putAll(requestMap);
        return json.toString();
    }

    /**
     *  Description: 获取随机的对称加密的密钥
     */
    private static String genRandomAesSecretKey() throws NoSuchAlgorithmException, UnsupportedEncodingException,
            IllegalBlockSizeException, BadPaddingException, InvalidKeyException, NoSuchPaddingException {
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(128);
        SecretKey secretKey = keyGen.generateKey();
        String keyWithBase64 = Base64.encodeBase64(secretKey.getEncoded()).toString();

        return keyWithBase64;

    }

    private static String genRandomIV() {
        SecureRandom r = new SecureRandom();
        byte[] iv = new byte[16];
        r.nextBytes(iv);
        String ivParam = Base64.encodeBase64(iv)+"";
        return ivParam;
    }

    /**
     * 对称加密数据
     */
    private static String encryptAES(String keyWithBase64, String ivWithBase64, String plainText)
            throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException,
            BadPaddingException, UnsupportedEncodingException, InvalidAlgorithmParameterException {
        byte[] keyWithBase64Arry = keyWithBase64.getBytes();
        byte[] ivWithBase64Arry = ivWithBase64.getBytes();
        SecretKeySpec key = new SecretKeySpec(Base64.decodeBase64(keyWithBase64Arry), "AES");
        IvParameterSpec iv = new IvParameterSpec(Base64.decodeBase64(ivWithBase64Arry));

        Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, key, iv);

        return Base64.encodeBase64(cipher.doFinal(plainText.getBytes(UTF_8))).toString();
    }

    /**
     * 对称解密数据
     */
    private static String decryptAES(String keyWithBase64, String ivWithBase64, String cipherText)
            throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException,
            BadPaddingException, UnsupportedEncodingException, InvalidAlgorithmParameterException {
        byte[] keyWithBase64Arry = keyWithBase64.getBytes();
        byte[] ivWithBase64Arry = ivWithBase64.getBytes();
        byte[] cipherTextArry = cipherText.getBytes();
        SecretKeySpec key = new SecretKeySpec(Base64.decodeBase64(keyWithBase64Arry), "AES");
        IvParameterSpec iv = new IvParameterSpec(Base64.decodeBase64(ivWithBase64Arry));

        Cipher cipher = Cipher.getInstance(AES_ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, key, iv);
        return new String(cipher.doFinal(Base64.decodeBase64(cipherTextArry)), UTF_8);
    }

    /**
     * 非对称加密,根据公钥和原始内容产生加密内容
     */
    private static String encryptRSA(Key key, String plainText)
            throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException,
            BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return Base64.encodeBase64(cipher.doFinal(plainText.getBytes(UTF_8))).toString();
    }

    /**
     * 根据私钥和加密内容产生原始内容
     */
    private static String decryptRSA(Key key, String content) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, DecoderException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance(RSA_ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, key);
        byte[] contentArry = content.getBytes();
        return new String(cipher.doFinal(Base64.decodeBase64(contentArry)), UTF_8);
    }

    /**
     * 计算sha256值
     *
     * @param paramMap
     * @return 签名后的所有数据,原始数据+签名
     */
    private static String sha256(Map<String, String> paramMap) {
        Map<String, String> params = new TreeMap<String, String>(paramMap);

        StringBuilder concatStr = new StringBuilder();
        for (Map.Entry<String, String> entry : params.entrySet()) {
            if ("sign".equals(entry.getKey())) {
                continue;
            }
            concatStr.append(entry.getKey() + "=" + entry.getValue() + "&");
        }

        return DigestUtils.md5Hex(concatStr.toString());
    }

    /**
     * 创建RSA的公钥和私钥示例 将生成的公钥和私钥用Base64编码后打印出来
     * @throws NoSuchAlgorithmException
     */
    public static void createKeyPairs() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        System.out.println("公钥"+Base64.encodeBase64(publicKey.getEncoded()));
        System.out.println("私钥"+Base64.encodeBase64(privateKey.getEncoded()));
    }

    /**
     *  Description:默认的RSA解密方法 一般用来解密 参数 小数据
     */
    public static String decryptRSADefault(String privateKeyStr,String data) {
        try{
            KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM_NOPADDING);
            byte[] privateKeyArray = privateKeyStr.getBytes();
            byte[] dataArray = data.getBytes();
            PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyArray));
            PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);

            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_NOPADDING);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(cipher.doFinal(Base64.decodeBase64(dataArray)), UTF_8);
        }catch (Exception e){
            e.printStackTrace();
        }
        return "";
    }

    /**
     * 自测
     * @param args
     */
    public static void main(String[] args) {
        String password = "VzQuPo/OtqlYtDzx4nM9cctzbHir92FcSms9yF5aGVtGXVYOOnsjQR16QrgpLf5/V6Ma2Iuze8ioZmNJuqdcJw==";
        String result = RSAUtils.decryptRSADefault(PRI_KEY, password);
        System.out.println("password="+result);
    }
}

原有文章基础上补充加密方法

/**
     *  Description:默认的RSA加密方法 一般用来解密 参数 小数据【不好用】
     */
    public static String encryptRSADefault(String publicKeyStr,String data) {
        try{
            KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM_NOPADDING);
            byte[] publicKeyArray = publicKeyStr.getBytes();
            byte[] dataArray = data.getBytes();
            X509EncodedKeySpec rsaPublicKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyArray));
            PublicKey publicKey = keyFactory.generatePublic(rsaPublicKeySpec);

            Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_NOPADDING);
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            byte[] encryptedData = cipher.doFinal(data.getBytes(UTF_8));
            return Base64.encodeBase64String(encryptedData);
        }catch (Exception e){
            e.printStackTrace();
        }
        return "";
    }

    /**
     * RSA加密
     *
     * @param publicKeyStr 公钥字符串
     * @param data         要加密的数据
     * @return 加密后的Base64编码字符串
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     * @throws Exception
     */
    public static String encryptRSA(String publicKeyStr, String data)
            throws NoSuchAlgorithmException, InvalidKeySpecException, Exception {
        KeyFactory keyFactory = KeyFactory.getInstance(RSA_ALGORITHM_NOPADDING);
        byte[] publicKeyArray = publicKeyStr.getBytes(UTF_8);
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKeyArray));
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);

        Cipher cipher = Cipher.getInstance(RSA_ALGORITHM_NOPADDING);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] encryptedData = cipher.doFinal(data.getBytes(UTF_8));
        return Base64.encodeBase64String(encryptedData);
    }

本文转载自: https://blog.csdn.net/xss12322/article/details/131420673
版权归原作者 洗刷先生 所有, 如有侵权,请联系我们删除。

“若依ruoyi前端vue使用jsencrypt.js加密后端java进行RSA解密(前后端交互RSA加解密)”的评论:

还没有评论