南宁网站建站,施工企业负责人每月带班时间不少于,可以在几个 网站备案,国外优秀的设计网站之前写过一篇java实现AES对称加密解密在对密码加密传输的场景下 RSA非对称加密解密可能会更加适合。原理就是后台生成一对公钥和私钥#xff0c;公钥给前端用来加密#xff0c;后台用私钥去解密#xff0c;保证了传输过程中就算被截获也避免密码泄露。下面是代码#xff1a…之前写过一篇java实现AES对称加密解密在对密码加密传输的场景下 RSA非对称加密解密可能会更加适合。原理就是后台生成一对公钥和私钥公钥给前端用来加密后台用私钥去解密保证了传输过程中就算被截获也避免密码泄露。下面是代码package com.zhaohy.app.utils;import java.io.BufferedReader;import java.io.ByteArrayOutputStream;import java.io.File;import java.io.FileInputStream;import java.io.FileOutputStream;import java.io.IOException;import java.io.InputStream;import java.io.InputStreamReader;import java.io.OutputStream;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import javax.crypto.Cipher;import javax.crypto.CipherInputStream;import org.apache.commons.codec.binary.Base64;import org.bouncycastle.jce.provider.BouncyCastleProvider;public class RSAUtil {/*** RSA最大加密明文大小*/private static final int MAX_ENCRYPT_BLOCK 117;/*** RSA最大解密密文大小*/private static final int MAX_DECRYPT_BLOCK 128;/*** 获取密钥对** return 密钥对*/public static KeyPair getKeyPair() throws Exception {KeyPairGenerator generator KeyPairGenerator.getInstance(RSA);generator.initialize(1024);return generator.generateKeyPair();}/*** 获取私钥** param privateKey 私钥字符串* return*/public static PrivateKey getPrivateKey(String privateKey) throws Exception {KeyFactory keyFactory KeyFactory.getInstance(RSA);byte[] decodedKey Base64.decodeBase64(privateKey.getBytes());PKCS8EncodedKeySpec keySpec new PKCS8EncodedKeySpec(decodedKey);return keyFactory.generatePrivate(keySpec);}/*** 获取公钥** param publicKey 公钥字符串* return*/public static PublicKey getPublicKey(String publicKey) throws Exception {KeyFactory keyFactory KeyFactory.getInstance(RSA);byte[] decodedKey Base64.decodeBase64(publicKey.getBytes());X509EncodedKeySpec keySpec new X509EncodedKeySpec(decodedKey);return keyFactory.generatePublic(keySpec);}/*** RSA加密** param data 待加密数据* param publicKey 公钥* return*/public static String encrypt(String data, PublicKey publicKey) throws Exception {Cipher cipher Cipher.getInstance(RSA);cipher.init(Cipher.ENCRYPT_MODE, publicKey);int inputLen data.getBytes().length;ByteArrayOutputStream out new ByteArrayOutputStream();int offset 0;byte[] cache;int i 0;// 对数据分段加密while (inputLen - offset 0) {if (inputLen - offset MAX_ENCRYPT_BLOCK) {cache cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK);} else {cache cipher.doFinal(data.getBytes(), offset, inputLen - offset);}out.write(cache, 0, cache.length);i;offset i * MAX_ENCRYPT_BLOCK;}byte[] encryptedData out.toByteArray();out.close();// 获取加密内容使用base64进行编码,并以UTF-8为标准转化成字符串// 加密后的字符串return new String(Base64.encodeBase64String(encryptedData));}/*** RSA解密** param data 待解密数据* param privateKey 私钥* return*/public static String decrypt(String data, PrivateKey privateKey) throws Exception {Cipher cipher Cipher.getInstance(RSA);cipher.init(Cipher.DECRYPT_MODE, privateKey);byte[] dataBytes Base64.decodeBase64(data);int inputLen dataBytes.length;ByteArrayOutputStream out new ByteArrayOutputStream();int offset 0;byte[] cache;int i 0;// 对数据分段解密while (inputLen - offset 0) {if (inputLen - offset MAX_DECRYPT_BLOCK) {cache cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);} else {cache cipher.doFinal(dataBytes, offset, inputLen - offset);}out.write(cache, 0, cache.length);i;offset i * MAX_DECRYPT_BLOCK;}byte[] decryptedData out.toByteArray();out.close();// 解密后的内容return new String(decryptedData, UTF-8);}/*** 签名** param data 待签名数据* param privateKey 私钥* return 签名*/public static String sign(String data, PrivateKey privateKey) throws Exception {byte[] keyBytes privateKey.getEncoded();PKCS8EncodedKeySpec keySpec new PKCS8EncodedKeySpec(keyBytes);KeyFactory keyFactory KeyFactory.getInstance(RSA);PrivateKey key keyFactory.generatePrivate(keySpec);Signature signature Signature.getInstance(MD5withRSA);signature.initSign(key);signature.update(data.getBytes());return new String(Base64.encodeBase64(signature.sign()));}/*** 验签** param srcData 原始字符串* param publicKey 公钥* param sign 签名* return 是否验签通过*/public static boolean verify(String srcData, PublicKey publicKey, String sign) throws Exception {byte[] keyBytes publicKey.getEncoded();X509EncodedKeySpec keySpec new X509EncodedKeySpec(keyBytes);KeyFactory keyFactory KeyFactory.getInstance(RSA);PublicKey key keyFactory.generatePublic(keySpec);Signature signature Signature.getInstance(MD5withRSA);signature.initVerify(key);signature.update(srcData.getBytes());return signature.verify(Base64.decodeBase64(sign.getBytes()));}/*** 文件解密** param publicKeyStr* param srcFileName* param destFileName*/public static void decryptFileBig(String publicKeyStr, String srcFileName, String destFileName) {Cipher cipher null;InputStream is null;OutputStream out null;try {X509EncodedKeySpec encodedKey new X509EncodedKeySpec(Base64.decodeBase64(publicKeyStr));KeyFactory keyf KeyFactory.getInstance(RSA);PublicKey pubKey keyf.generatePublic(encodedKey);cipher Cipher.getInstance(RSA, new BouncyCastleProvider());cipher.init(Cipher.DECRYPT_MODE, pubKey);File f new File(srcFileName);is new FileInputStream(f);out new FileOutputStream(destFileName);int blockSize cipher.getBlockSize();int size Integer.valueOf(String.valueOf(f.length()));byte[] decryptByte new byte[size];is.read(decryptByte);//分别对各块数据进行解密int j 0;while ((decryptByte.length - j * blockSize) 0) {out.write(cipher.doFinal(decryptByte, j * blockSize, blockSize));j;}} catch (Exception e) {System.out.println(e);} finally {if (null ! out) {try {out.close();} catch (IOException e) {e.printStackTrace();}}if (null ! is) {try {is.close();} catch (IOException e) {e.printStackTrace();}}}}/*** 加密大文件* param privateKeyStr* param srcFileName* param destFileName*/public static void encryptFileBig(String privateKeyStr, String srcFileName, String destFileName) {if (privateKeyStr null) {new Exception(加密私钥为空, 请设置);}Cipher cipher null;InputStream is null;OutputStream out null;CipherInputStream cis null;try {// 使用默认RSAPKCS8EncodedKeySpec priPKCS8 new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKeyStr));KeyFactory keyf KeyFactory.getInstance(RSA);PrivateKey priKey keyf.generatePrivate(priPKCS8);cipher Cipher.getInstance(RSA, new BouncyCastleProvider());cipher.init(Cipher.ENCRYPT_MODE, priKey);int blockSize cipher.getBlockSize();is new FileInputStream(srcFileName);File f new File(srcFileName);int size Integer.valueOf(String.valueOf(f.length()));byte[] encryptByte new byte[size];is.read(encryptByte);out new FileOutputStream(destFileName);int outputBlockSize cipher.getOutputSize(encryptByte.length);int leavedSize encryptByte.length % blockSize;int blocksNum leavedSize 0 ? encryptByte.length / blockSize : encryptByte.length / blockSize 1;byte[] cipherData new byte[blocksNum * outputBlockSize];for (int i 0; i blocksNum; i) {if ((encryptByte.length - i * blockSize) blockSize) {cipher.doFinal(encryptByte, i * blockSize, blockSize, cipherData,i * outputBlockSize);} else {cipher.doFinal(encryptByte, i * blockSize, encryptByte.length - i * blockSize,cipherData, i * outputBlockSize);}}out.write(cipherData);} catch (Exception e) {System.out.println(e);} finally {if (null ! cis) {try {cis.close();} catch (IOException e) {e.printStackTrace();}}if (null ! is) {try {is.close();} catch (IOException e) {e.printStackTrace();}}if (null ! out) {try {out.close();} catch (IOException e) {e.printStackTrace();}}}}/*** RSA文件签名** param filePath* param privateKey* param encode* return*/public static String signFile(String filePath, String privateKey, String encode) {FileInputStream fis null;InputStreamReader isr null;BufferedReader bfr null;try {PKCS8EncodedKeySpec priPKCS8 new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey));KeyFactory keyf KeyFactory.getInstance(RSA);PrivateKey priKey keyf.generatePrivate(priPKCS8);java.security.Signature signature java.security.Signature.getInstance(SHA1WithRSA);signature.initSign(priKey);fis new FileInputStream(new File(filePath));isr new InputStreamReader(fis, encode);bfr new BufferedReader(isr);String lineTxt ;while (!AppFrameworkUtil.isBlank(lineTxt bfr.readLine())) {signature.update(lineTxt.getBytes(encode));}byte[] signed signature.sign();String ret new String(Base64.encodeBase64(signed));System.out.println(signed: ret);return ret;} catch (Exception e) {System.out.println(e);} finally {if (bfr ! null) {try {bfr.close();} catch (IOException e) {}}if (isr ! null) {try {isr.close();} catch (IOException e) {}}if (fis ! null) {try {fis.close();} catch (IOException e) {}}}return null;}/*** RSA文件验签名检查* param content 待签名数据* param sign 签名值* param publicKey 分配给开发商公钥* param encode 字符集编码* return 布尔值*/public static boolean doCheckFile(String filePath, String sign, String publicKey, String encode) {FileInputStream fis null;InputStreamReader isr null;BufferedReader bfr null;try {KeyFactory keyFactory KeyFactory.getInstance(RSA);byte[] encodedKey Base64.decodeBase64(publicKey);PublicKey pubKey keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));java.security.Signature signature java.security.Signature.getInstance(SHA1WithRSA);signature.initVerify(pubKey);fis new FileInputStream(new File(filePath));isr new InputStreamReader(fis, UTF-8);bfr new BufferedReader(isr);String lineTxt ;while (!AppFrameworkUtil.isBlank(lineTxt bfr.readLine())) {signature.update(lineTxt.getBytes(encode));}boolean bverify signature.verify(Base64.decodeBase64(sign));return bverify;} catch (Exception e) {System.out.println(e);} finally {if (bfr ! null) {try {bfr.close();} catch (IOException e) {}}if (isr ! null) {try {isr.close();} catch (IOException e) {}}if (fis ! null) {try {fis.close();} catch (IOException e) {}}}return false;}public static void main(String[] args) {try {// 生成密钥对KeyPair keyPair getKeyPair();String privateKey new String(Base64.encodeBase64(keyPair.getPrivate().getEncoded()));String publicKey new String(Base64.encodeBase64(keyPair.getPublic().getEncoded()));System.out.println(私钥: privateKey);System.out.println(公钥: publicKey);// RSA加密String data 123秘密啊;String encryptData encrypt(data, getPublicKey(publicKey));System.out.println(加密后内容: encryptData);// RSA解密String decryptData decrypt(encryptData, getPrivateKey(privateKey));System.out.println(解密后内容: decryptData);// RSA签名String sign sign(data, getPrivateKey(privateKey));System.out.println(sign sign);// RSA验签boolean result verify(data, getPublicKey(publicKey), sign);System.out.println(验签结果: result);/****大文件加签验签****///加签验签String fileSign signFile(/home/zhaohy/Documents/test.doc, privateKey, UTF-8);System.out.println(fileSign fileSign);boolean checkFileBoolean doCheckFile(/home/zhaohy/Documents/test.doc, fileSign, publicKey, UTF-8);System.out.println(大文件校验签名结果 checkFileBoolean);//加密解密encryptFileBig(privateKey, /home/zhaohy/Documents/test.txt, /home/zhaohy/Documents/test.dat);decryptFileBig(publicKey, /home/zhaohy/Documents/test.dat, /home/zhaohy/Documents/test1.txt);} catch (Exception e) {e.printStackTrace();System.out.print(加解密异常);}}}运行结果私钥:MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALpLjdbsu172ftiv3eUC/JghSSzNRlp8p9Ilr8XlK/gl3gaPFFo1BAHWWyb9MhoTdE5BvES6E/eW5gVKby8olLa6ILbh9UYif0SKWca7pTt2nqn2Cd8v29/94ZF9iyMoime3wuS7QxJEHG7qCqps7KVNtP/4/628lq1jB6B3DrPAgMBAAECgYBUtCGrxTt0dBM8psn3ZKJA8XF6A2OnpOIRNL109zxEucL3rHqOgWhvBW2wjpMHNC0/n7fgb9LAUkYHxc5D3OmwXAhvgRzDmMTeoaikrLeJpxX9NQ4TU3CFcL9YabQrjB6yMgfbmmA0B/odxpzIZd6ypHq91ogI/rfP4McaX7NwQJBAO9Qm4SoOn/0SzfOEPjnIyLkDqW2kFRJvc/4Z0H/yPOIjytHhe6hQQ8KHT2azOPSeAWbjb152a5Rp/E8da/8CQQDHSKDBSGZuN/Qyk1eGJ80T9GSQI0oYQfZcHYNUkAKrWceHISL5jMrUXWHSlKjFC5E7RsqQKMn72xisrlLcXExAkEA7YAB11VdOT8opulNtAxfgNvA92RelhQDsAoPTVBRrkQ0xzSXBh6sD93/8ZpdnLHTlv94RLPSAt1jRpcoXxvD4QJBALtv00uYVkdqt3NuZE8ZVmlmp7KQpnQJN4HLpi2HZBbm2tVdVHEVfJzbrCuNiWO0KohvYAzRYJFTlNSuLd93rECQDcgPHh0qBOW22ggxiqpfbLIURvPAT9urp8NuTM0K0rW3mC2me55yPSDQ7jL1t9vwYkfahc0GUl1V1Cq/449AHU公钥:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6S43W7Lte9n7Yr93lAvyYIUkszUZafKfSJa/F5Sv4Jd4GjxRaNQQB1lsm/TIaE3ROQbxEuhP3luYFSm8vKJS2uiC24fVGIn9EilnGu6U7dp6p9gnfL9vf/eGRfYvsjKIpnt8Lku0MSRBxu6gqqbOylTbT/PtvJatYwegdw6zwIDAQAB加密后内容:R7GqGE2r51PmJAt3wtKhsbqfFzeobvzqFlAp8Tv03HkevsUF2a/ZO7Sn53cKGwXIkOkDQN0S/pk/Eacd8Wk1wXKTKx57eSaQJFv/HQ5nDUfvtMWIg0IcHNmHyNBfDPVe/MiMkKf23/a/EyEfCQEzsCQyHLyHoTg34a1SNXTLs解密后内容:123秘密啊signp8JR0aserak6iPltfAJx/mlvlp5Ox5NcpvRo7R1rxDItekMhyF82RVizgMqsmEBpWzW9Qkxm6AWzjzErXhR7u4KhxEO7euTHC9NGJ0TAtDKqtAsfFaZi8ZyY4MkHnSCFZVMcWMR3GhZ8ALJGe/lSstNSEp8H9lQE8u2o2oYiiw验签结果:truesigned:aavuNSCwaT2jZ6XrlAbSJNLBDalkWZ1t0tnQnveUw3exlpcvRu0xotAlrW0V4voLLeRydLgIjwCwq1YxqFyKcYlOuORzorlmihjSXBZf0GZoJIlTIaUZ8/TJVCRFObFnnEQ8QAbRs4b7AB6nv1A2bxMeKulS0OTPxSkSFTdMfileSignaavuNSCwaT2jZ6XrlAbSJNLBDalkWZ1t0tnQnveUw3exlpcvRu0xotAlrW0V4voLLeRydLgIjwCwq1YxqFyKcYlOuORzorlmihjSXBZf0GZoJIlTIaUZ8/TJVCRFObFnnEQ8QAbRs4b7AB6nv1A2bxMeKulS0OTPxSkSFTdM大文件校验签名结果true可以看到加密解密成功,里面最后加密解密文件自测只对txt或html等文本文件有效doc或者excel加密文件后解密出来的东西乱码。
