美文网首页
AES+RSA加密联合使用

AES+RSA加密联合使用

作者: 司展超 | 来源:发表于2021-08-26 11:16 被阅读0次

    AES+RSA加密联合使用


    使用原因: 因为加密解密效率的问题

    使用方式前端:前端对需要加密的数据进性AES加密,然后使用自己RSA【公钥】对AES的密钥进行加密,然后将这两个加密后的数据传输给服务端。

    使用方式后端:后端拿到使用RSA加密后的AESkey密文,然后使用自己的RSA密钥进性解密,将解密出来的AES密钥,用它解密传输过来的参数。

    @SpringBootTest
    public class RSA_AES_TEST {
        String cardId = "440102198001021230";
    
        private static String RSA_PublicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJfXbIhoMOfPkaTk+pnf6WL3QXhF6TuDCqTsE3dhsZTX++VKP1dd/U2+iFhYt4Z1XGNiHEkSrZ3yt4K9CMXm+O9Cn1J61WWu5cOEk8NlGAliu/SDGwUYvdskBPeY8U6TpchROHsXiWFlmL7IeWWBWJtaXUBy2dJGiRCVrMB+GqEQIDAQAB";
        private static String RSA_priviteKey = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAIl9dsiGgw58+RpOT6md/pYvdBeEXpO4MKpOwTd2GxlNf75Uo/V139Tb6IWFi3hnVcY2IcSRKtnfK3gr0Ixeb470KfUnrVZa7lw4STw2UYCWK79IMbBRi92yQE95jxTpOlyFE4exeJYWWYvsh5ZYFYm1pdQHLZ0kaJEJWswH4aoRAgMBAAECgYBqeHVG3huZWaASBfjc0hP3u7G8EG6pGCbfi/NGfriHhKNbAfKiP/Dgxpcu5vbVe7hJsVu+++fiJldkTRHH0c2zEJCR+5smJjp2yxzhEUltbqUjemi4zVBF3/GCwZs/jQ5Xlj5p7ymihYe2KVluVKO9VF+VdlXY7+ZVMB/RCGMnkQJBAN5MMR3IEJ8j5tz8XhYspUMd4hogBuFD2YQTCqS9wyvWC72bluAimwJWVqe2JJ43LeMULsvxSs/5NUDte2rvFl0CQQCeVbmbNZKkIBBkswcVe6Y2m1lgWVMCr1D3ujdnKTbc0rH/slT1QMQtBpWQHtwX7uI9oh2eFgEUHArdtB1wMv9FAkEAogsOXrRBEZCdMIeymh1vVq6I7Bxeh4TrIXCz+ITvqZu9MTki0T3ImvqO7nBC3yZAB+Dlf/rjWxlBbZPvvHKObQJAbkE7kfzoNCmvwK95y1fjEjtzLUiGKWRzeU3OrqNgdLyy/l7sEiwbb08abtVOZcwO9uQgw6iG773nQyLdLPgWEQJBAMZ0LI3mNYVRqYJLyZMSQ/fQZiiadMEFt23nKP7E+jFKwcfh2TV9lxtsAn0+kTomRtiap5gg+uJadXWvZde3yUs=";
        @Test
        public void 客户端() throws Exception {
            //1.客户端使用AES对敏感数据加密,使用RSA公钥对AES的私钥进性加密后传输
            String aesKey = AesUtil_02.getKey();
            System.out.println("aesKey:" + aesKey);//993oVxia17ZWk7gb
    
            // rsa加密aes公钥后字符串
            String RSA_enc_AES = RsaUtil_01.encrypt(aesKey, RsaUtil_01.getPublicKey(RSA_PublicKey));
            System.out.println("RSA_enc_AES:" + RSA_enc_AES);//需要传输的AES加密后的铭文
    
            String encrypt = AesUtil_02.encrypt(cardId, aesKey);
            System.out.println("AES加密后密文:" + encrypt);  //owTfsc39fSe1y+v7hvcp1w==
    
    
            //2.前端需要将这两个数据提交给后端。
        }
    
        @Test
        public void 服务端() throws Exception {
            final String aes_key = "V9O6gyoNu/DVzJtVDLvVhR0U/SFEJVHPgdWiknvoSUcbIgkp3zAObPAFVGD3QdrDS4CG3Mwhpoc8QOf6LwkvKHZqa9TgxVmHqbUs9E0wkPp4WQ4a6HDJwB/RzAbFMmHIICQXLLTtbQrCidx30K4zBoq8uDl7/i3ayR8T8juJ1hI=";
            final String content = "mDnq7KecNO+OuChf/inVCOG+E+cQ21OWM6qP9+4yzSc=";
            //1.服务端拿到密文,使用RSA密钥对AES密钥进性解密,后在使用AES密钥对密文进性解密。
            String decrypt = RsaUtil_01.decrypt(aes_key, RsaUtil_01.getPrivateKey(RSA_priviteKey));
            System.out.println("RSA解密AES后的AES密钥:" + decrypt);
    
            String 客户端明文 = AesUtil_02.decrypt(content, decrypt);
    
            System.out.println("明文:" + 客户端明文);
        }
    
        @Test
        public void getRsaKey() throws Exception {
            // 生成密钥对
            KeyPair keyPair = getKeyPair();
            RSA_priviteKey = new String(Base64.encodeBase64(keyPair.getPrivate().getEncoded()));
            RSA_PublicKey = new String(Base64.encodeBase64(keyPair.getPublic().getEncoded()));
            System.out.println("私钥:" + RSA_priviteKey);
            System.out.println("公钥:" + RSA_PublicKey);
        }
    }
    
    

    AES工具类

    public class AesUtil_02 {
        /**
         * 加密算法AES
         */
        private static final String KEY_ALGORITHM = "AES";
    
        /**
         * key的长度,Wrong key size: must be equal to 128, 192 or 256
         * 传入时需要16、24、36
         */
        private static final int KEY_LENGTH = 16 * 8;
    
        /**
         * 算法名称/加密模式/数据填充方式
         * 默认:AES/ECB/PKCS5Padding
         */
        private static final String ALGORITHMS = "AES/ECB/PKCS5Padding";
    
        /**
         * 后端AES的key,由静态代码块赋值
         */
        public static String key;
    
        /**
         * 不能在代码中创建
         * JceSecurity.getVerificationResult 会将其put进 private static final Map<Provider,Object>中,导致内存缓便被耗尽
         */
        private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();
    
        static {
            key = getKey();
        }
    
        /**
         * 获取key
         */
        public static String getKey() {
            int length = KEY_LENGTH / 8;
            StringBuilder uid = new StringBuilder(length);
            //产生16位的强随机数
            Random rd = new SecureRandom();
            for (int i = 0; i < length; i++) {
                //产生0-2的3位随机数
                switch (rd.nextInt(3)) {
                    case 0:
                        //0-9的随机数
                        uid.append(rd.nextInt(10));
                        break;
                    case 1:
                        //ASCII在65-90之间为大写,获取大写随机
                        uid.append((char) (rd.nextInt(26) + 65));
                        break;
                    case 2:
                        //ASCII在97-122之间为小写,获取小写随机
                        uid.append((char) (rd.nextInt(26) + 97));
                        break;
                    default:
                        break;
                }
            }
            return uid.toString();
        }
    
        /**
         * 加密
         *
         * @param content    加密的字符串
         * @param encryptKey key值
         */
        public static String encrypt(String content, String encryptKey) throws Exception {
            //设置Cipher对象
            Cipher cipher = Cipher.getInstance(ALGORITHMS, PROVIDER);
            cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), KEY_ALGORITHM));
    
            //调用doFinal
            // 转base64
            return Base64.encodeBase64String(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
    
        }
    
        /**
         * 解密
         *
         * @param encryptStr 解密的字符串
         * @param decryptKey 解密的key值
         */
        public static String decrypt(String encryptStr, String decryptKey) throws Exception {
            //base64格式的key字符串转byte
            byte[] decodeBase64 = Base64.decodeBase64(encryptStr);
    
            //设置Cipher对象
            Cipher cipher = Cipher.getInstance(ALGORITHMS,PROVIDER);
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), KEY_ALGORITHM));
    
            //调用doFinal解密
            return new String(cipher.doFinal(decodeBase64));
        }
    }
    
    

    RSA工具类

    public class RsaUtil_01 {
        /**
         * RSA最大加密明文大小
         */
        private static final int MAX_ENCRYPT_BLOCK = 117;
    
        /**
         * RSA最大解密密文大小
         */
        private static final int MAX_DECRYPT_BLOCK = 128;
    
        /**
         * 获取密钥对
         * @return 密钥对
         */
        public static KeyPair getKeyPair() throws Exception {
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
            generator.initialize(1024);
            return generator.generateKeyPair();
        }
    
        /**
         * 获取私钥
         *
         * @param privateKey 私钥字符串
         * @return
         */
        public static PrivateKey getPrivateKey(String privateKey) throws Exception {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            byte[] decodedKey = Base64.decodeBase64(privateKey.getBytes());
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedKey);
            return keyFactory.generatePrivate(keySpec);
        }
    
        /**
         * 获取公钥
         *
         * @param publicKey 公钥字符串
         * @return
         */
        public static PublicKey getPublicKey(String publicKey) throws Exception {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            byte[] decodedKey = Base64.decodeBase64(publicKey.getBytes());
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodedKey);
            return keyFactory.generatePublic(keySpec);
        }
    
        /**
         * RSA加密
         *
         * @param data 待加密数据
         * @param publicKey 公钥
         * @return
         */
        public static String encrypt(String data, PublicKey publicKey) throws Exception {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            int inputLen = data.getBytes().length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offset = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段加密
            while (inputLen - offset > 0) {
                if (inputLen - offset > MAX_ENCRYPT_BLOCK) {
                    cache = cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(data.getBytes(), offset, inputLen - offset);
                }
                out.write(cache, 0, cache.length);
                i++;
                offset = i * MAX_ENCRYPT_BLOCK;
            }
            byte[] encryptedData = out.toByteArray();
            out.close();
            // 获取加密内容使用base64进行编码,并以UTF-8为标准转化成字符串
            // 加密后的字符串
            return new String(Base64.encodeBase64String(encryptedData));
        }
    
        /**
         * RSA解密
         *
         * @param data 待解密数据
         * @param privateKey 私钥
         * @return
         */
        public static String decrypt(String data, PrivateKey privateKey) throws Exception {
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            byte[] dataBytes = Base64.decodeBase64(data);
            int inputLen = dataBytes.length;
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            int offset = 0;
            byte[] cache;
            int i = 0;
            // 对数据分段解密
            while (inputLen - offset > 0) {
                if (inputLen - offset > MAX_DECRYPT_BLOCK) {
                    cache = cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);
                } else {
                    cache = cipher.doFinal(dataBytes, offset, inputLen - offset);
                }
                out.write(cache, 0, cache.length);
                i++;
                offset = i * MAX_DECRYPT_BLOCK;
            }
            byte[] decryptedData = out.toByteArray();
            out.close();
            // 解密后的内容
            return new String(decryptedData, "UTF-8");
        }
    
        /**
         * 签名
         *
         * @param data 待签名数据
         * @param privateKey 私钥
         * @return 签名
         */
        public static String sign(String data, PrivateKey privateKey) throws Exception {
            byte[] keyBytes = privateKey.getEncoded();
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey key = keyFactory.generatePrivate(keySpec);
            Signature signature = Signature.getInstance("MD5withRSA");
            signature.initSign(key);
            signature.update(data.getBytes());
            return new String(Base64.encodeBase64(signature.sign()));
        }
    
        /**
         * 验签
         *
         * @param srcData 原始字符串
         * @param publicKey 公钥
         * @param sign 签名
         * @return 是否验签通过
         */
        public static boolean verify(String srcData, PublicKey publicKey, String sign) throws Exception {
            byte[] keyBytes = publicKey.getEncoded();
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PublicKey key = keyFactory.generatePublic(keySpec);
            Signature signature = Signature.getInstance("MD5withRSA");
            signature.initVerify(key);
            signature.update(srcData.getBytes());
            return signature.verify(Base64.decodeBase64(sign.getBytes()));
        }
    
        public static void main(String[] args) {
            try {
                // 生成密钥对
                KeyPair keyPair = getKeyPair();
                String privateKey = new String(Base64.encodeBase64(keyPair.getPrivate().getEncoded()));
                String publicKey = new String(Base64.encodeBase64(keyPair.getPublic().getEncoded()));
                System.out.println("私钥:" + privateKey);
                System.out.println("公钥:" + publicKey);
                // RSA加密
                String data = "待加密的文字内容";
                String encryptData = encrypt(data, getPublicKey(publicKey));
                System.out.println("加密后内容:" + encryptData);
                // RSA解密
                String decryptData = decrypt(encryptData, getPrivateKey(privateKey));
                System.out.println("解密后内容:" + decryptData);
    
                // RSA签名
                String sign = sign(data, getPrivateKey(privateKey));
                // RSA验签
                boolean result = verify(data, getPublicKey(publicKey), sign);
                System.out.print("验签结果:" + result);
            } catch (Exception e) {
                e.printStackTrace();
                System.out.print("加解密异常");
            }
        }
    }
    
    

    相关文章

      网友评论

          本文标题:AES+RSA加密联合使用

          本文链接:https://www.haomeiwen.com/subject/izoyiltx.html