网站开发所需要的条件湖南网络优化
一、问题描述
1.背景
大家都知道,在日常项目开发过程中,数据的传输安全一直都是值得重视的问题,当然了市面上解决此类办法的技术也有很多,本项目在提供给第三方使用是数据以及校验第三方传递的参数,采用常用的RSA公私钥加解密的方式进行数据安全传输。
1.2RSA工具类
普通版
此工具类包含公私钥生成,及加解密方法
package com.juhe.gjj.util;import cn.hutool.json.JSONUtil;
import com.alibaba.fastjson.JSON;
import org.apache.tomcat.util.codec.binary.Base64;import javax.crypto.Cipher;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;import static cn.hutool.crypto.SmUtil.sm3;/*** @author kiki* @date 2024/2/26* @description*/
public class RsaUtil {//用于封装随机产生的公钥与私钥private static Map<Integer, String> keyMap = new HashMap<Integer, String>();/*** 随机生成密钥对* @throws NoSuchAlgorithmException*/public static void genKeyPair() throws NoSuchAlgorithmException {// KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");// 初始化密钥对生成器,密钥大小为96-1024位keyPairGen.initialize(1024,new SecureRandom());// 生成一个密钥对,保存在keyPair中KeyPair keyPair = keyPairGen.generateKeyPair();// 得到私钥RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();//得到公钥RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));// 得到私钥字符串String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));// 将公钥和私钥保存到Map(0表示公钥,1表示私钥)keyMap.put(0,publicKeyString);keyMap.put(1,privateKeyString);}/*** RSA公钥加密** @param str* 加密字符串* @param publicKey* 公钥* @return 密文* @throws Exception* 加密过程中的异常信息*/public static String encrypt(String str, String publicKey) throws Exception{//base64编码的公钥byte[] decoded = Base64.decodeBase64(publicKey);RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));//RSA加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, pubKey);String outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes("UTF-8")));return outStr;}/*** RSA私钥解密** @param str* 加密字符串* @param privateKey* 私钥* @return 铭文* @throws Exception* 解密过程中的异常信息*/public static String decrypt(String str, String privateKey) throws Exception{//64位解码加密后的字符串byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));//base64编码的私钥byte[] decoded = Base64.decodeBase64(privateKey);RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));//RSA解密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, priKey);String outStr = new String(cipher.doFinal(inputByte));return outStr;}public static String getEncryptedStr(Long timestamp, String systemCode, String secretKey){String syncSign = "";syncSign = sm3(systemCode + timestamp + secretKey);Map map = new HashMap();map.put("timestamp", timestamp);map.put("syncSign", syncSign);String content = JSONUtil.toJsonStr(map);return BizSmUtil.sm4DoEncrypt(secretKey, content);}public static void main(String[] args) throws Exception{//生成公钥和私钥genKeyPair();//加密字符串//String message = "df723820";String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCT/NMk9W1pi5O6vHWbZ1nH8idxynONUEpUYf8N0rJ3MP5I7mAHN6LM+cCd/z3JR2ofE0naq3pv5hfJnYHmK/ujhflmRPwDY4thNOKE8IHVJazAunW9HXczA5abK8RSGcGvKCl7C35zFOfBod1ksYFLIzKBEXBhtkiH/qGnEaYnhwIDAQAB";String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJP80yT1bWmLk7q8dZtnWcfyJ3HKc41QSlRh/w3Ssncw/kjuYAc3osz5wJ3/PclHah8TSdqrem/mF8mdgeYr+6OF+WZE/ANji2E04oTwgdUlrMC6db0ddzMDlpsrxFIZwa8oKXsLfnMU58Gh3WSxgUsjMoERcGG2SIf+oacRpieHAgMBAAECgYA4lvSS7HsTYjlyrgB3FbViXToyLE21mx9hVzv2KDzwkT6b2vPDrsXFhjfe8yzIXFO7YF/ci7g9NAqioWV8BBOsZNA8FelZkdOcNkLzS0jXlWvh74U0/bkrg+3TR+lvYbqw4eC7pBzn+mXJeN5RUbtDIvTq8BnceUNxgr3t6C4mCQJBAOJJn406uFfjc4M3pRf0hIw2+cAxI+GzkxZxEVk/fuIIz/4fPkWdqlqwbLbd5BkmlJKPI3WB0/wa2FlcJOQAh4UCQQCnaz6Mof0+5zXioG3NaotISUwTb7tKjc8riW3wGCoQhrMCRDPgkIC9GWSFGDiMNoCGZu8xtRPmp971vctrVdKbAkEA4FqgbzTl6nWfZFy6Obr748zp5+yQp8kULy7hRXxXv6F/HnQ5mGoOqaW7077B1VHUAk8al/mlhJHVKRvbk5cWxQJAIBpxgRgi7qf5bj6jL4upr6/WdbesK2yr+EY/HZYUotyhgOLBK+OpvBkdbGQrm79rv9oHLfnyGf3AxFCjrC5l1wJAUhqQnmKyIo2tTONEtRW2nFd7nHCZ3nm4G8Mh+dP0m14m5By9coWKU9uFhLuq+L+VpEFLjIx1Dg8qiYRLdQQH+Q==";HashMap<String, Object> mp = new HashMap<>();mp.put("createtime1","12344444445");mp.put("createtime2","12344444445");mp.put("createtime3","12344444445");mp.put("createtime4","12344444445");mp.put("createtime5","12344444445");mp.put("createtime6","12344444445");mp.put("createtime7","12344444445");mp.put("createtime8","12344444445");mp.put("createtime9","12344444445");mp.put("createtime19","12344444445");mp.put("createtime12","12344444445");mp.put("createtime23","12344444445");mp.put("createtime81","12344444445");mp.put("createtime91","12344444445");String message = JSON.toJSONString(mp);System.out.println("随机生成的公钥为:" + publicKey);System.out.println("随机生成的私钥为:" + privateKey);String messageEn = encrypt(message,publicKey);System.out.println(message + "\t加密后的字符串为:" + messageEn);String messageDe = decrypt(messageEn,privateKey);System.out.println("还原后的字符串为:" + messageDe);
// TokenVO tokenVO = JSON.parseObject(messageDe, TokenVO.class);
// System.out.println(tokenVO);}
}但是上述处理公私钥的方式,如果加密字符串data过长,则会导致Data must not be longer than 117 bytes的异常
1.3RSAUtil升级
原理是采用分段加解密,如此解决,当然了如果要加密的原始数据过长,这样的效率也是很低的
package com.juhe.gjj.util;import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.apache.tomcat.util.codec.binary.Base64;import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import java.io.UnsupportedEncodingException;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;/*** @author kiki* @date 2024/2/29* @description*/
@Slf4j
public class RsaExpandUtil {public static final String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCT/NMk9W1pi5O6vHWbZ1nH8idxynONUEpUYf8N0rJ3MP5I7mAHN6LM+cCd/z3JR2ofE0naq3pv5hfJnYHmK/ujhflmRPwDY4thNOKE8IHVJazAunW9HXczA5abK8RSGcGvKCl7C35zFOfBod1ksYFLIzKBEXBhtkiH/qGnEaYnhwIDAQAB";public static final String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJP80yT1bWmLk7q8dZtnWcfyJ3HKc41QSlRh/w3Ssncw/kjuYAc3osz5wJ3/PclHah8TSdqrem/mF8mdgeYr+6OF+WZE/ANji2E04oTwgdUlrMC6db0ddzMDlpsrxFIZwa8oKXsLfnMU58Gh3WSxgUsjMoERcGG2SIf+oacRpieHAgMBAAECgYA4lvSS7HsTYjlyrgB3FbViXToyLE21mx9hVzv2KDzwkT6b2vPDrsXFhjfe8yzIXFO7YF/ci7g9NAqioWV8BBOsZNA8FelZkdOcNkLzS0jXlWvh74U0/bkrg+3TR+lvYbqw4eC7pBzn+mXJeN5RUbtDIvTq8BnceUNxgr3t6C4mCQJBAOJJn406uFfjc4M3pRf0hIw2+cAxI+GzkxZxEVk/fuIIz/4fPkWdqlqwbLbd5BkmlJKPI3WB0/wa2FlcJOQAh4UCQQCnaz6Mof0+5zXioG3NaotISUwTb7tKjc8riW3wGCoQhrMCRDPgkIC9GWSFGDiMNoCGZu8xtRPmp971vctrVdKbAkEA4FqgbzTl6nWfZFy6Obr748zp5+yQp8kULy7hRXxXv6F/HnQ5mGoOqaW7077B1VHUAk8al/mlhJHVKRvbk5cWxQJAIBpxgRgi7qf5bj6jL4upr6/WdbesK2yr+EY/HZYUotyhgOLBK+OpvBkdbGQrm79rv9oHLfnyGf3AxFCjrC5l1wJAUhqQnmKyIo2tTONEtRW2nFd7nHCZ3nm4G8Mh+dP0m14m5By9coWKU9uFhLuq+L+VpEFLjIx1Dg8qiYRLdQQH+Q==";/*** RSA公钥加密** @param str 加密字符串* @param publicKey 公钥* @return 密文* @throws Exception 加密过程中的异常信息*/public static String encrypt(String str, String publicKey) throws Exception {log.info("|RSA公钥加密前的数据|str:{}|publicKey:{}", str, publicKey);//base64编码的公钥byte[] decoded = Base64.decodeBase64(publicKey);RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));//RSA加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, pubKey);//当长度过长的时候,需要分割后加密 117个字节byte[] resultBytes = getMaxResultEncrypt(str, cipher);String outStr = Base64.encodeBase64String(resultBytes);log.info("|公钥加密后的数据|outStr:{}", outStr);return outStr;}private static byte[] getMaxResultEncrypt(String str, Cipher cipher) throws IllegalBlockSizeException, BadPaddingException {byte[] inputArray = str.getBytes();int inputLength = inputArray.length;log.info("|加密字节数|inputLength:{}", inputLength);// 最大加密字节数,超出最大字节数需要分组加密int MAX_ENCRYPT_BLOCK = 117;// 标识int offSet = 0;byte[] resultBytes = {};byte[] cache = {};while (inputLength - offSet > 0) {if (inputLength - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(inputArray, offSet, MAX_ENCRYPT_BLOCK);offSet += MAX_ENCRYPT_BLOCK;} else {cache = cipher.doFinal(inputArray, offSet, inputLength - offSet);offSet = inputLength;}resultBytes = Arrays.copyOf(resultBytes, resultBytes.length + cache.length);System.arraycopy(cache, 0, resultBytes, resultBytes.length - cache.length, cache.length);}return resultBytes;}/*** RSA私钥解密** @param str 加密字符串* @param privateKey 私钥* @return 铭文* @throws Exception 解密过程中的异常信息*/public static String decrypt(String str, String privateKey) throws Exception {log.info("|RSA私钥解密前的数据|str:{}|privateKey:{}", str, privateKey);//64位解码加密后的字符串byte[] inputByte = Base64.decodeBase64(str.getBytes("UTF-8"));//base64编码的私钥byte[] decoded = Base64.decodeBase64(privateKey);RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));//RSA解密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, priKey);
// String outStr = new String(cipher.doFinal(inputByte));//当长度过长的时候,需要分割后解密 128个字节String outStr = new String(getMaxResultDecrypt(str, cipher));log.info("|RSA私钥解密后的数据|outStr:{}", outStr);return outStr;}private static byte[] getMaxResultDecrypt(String str, Cipher cipher) throws IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {byte[] inputArray = Base64.decodeBase64(str.getBytes("UTF-8"));int inputLength = inputArray.length;log.info("|解密字节数|inputLength:{}", inputLength);// 最大解密字节数,超出最大字节数需要分组加密int MAX_ENCRYPT_BLOCK = 128;// 标识int offSet = 0;byte[] resultBytes = {};byte[] cache = {};while (inputLength - offSet > 0) {if (inputLength - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(inputArray, offSet, MAX_ENCRYPT_BLOCK);offSet += MAX_ENCRYPT_BLOCK;} else {cache = cipher.doFinal(inputArray, offSet, inputLength - offSet);offSet = inputLength;}resultBytes = Arrays.copyOf(resultBytes, resultBytes.length + cache.length);System.arraycopy(cache, 0, resultBytes, resultBytes.length - cache.length, cache.length);}return resultBytes;}public static void main(String[] args) throws Exception{//加密字符串//String message = "df723820";String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCT/NMk9W1pi5O6vHWbZ1nH8idxynONUEpUYf8N0rJ3MP5I7mAHN6LM+cCd/z3JR2ofE0naq3pv5hfJnYHmK/ujhflmRPwDY4thNOKE8IHVJazAunW9HXczA5abK8RSGcGvKCl7C35zFOfBod1ksYFLIzKBEXBhtkiH/qGnEaYnhwIDAQAB";String privateKey = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJP80yT1bWmLk7q8dZtnWcfyJ3HKc41QSlRh/w3Ssncw/kjuYAc3osz5wJ3/PclHah8TSdqrem/mF8mdgeYr+6OF+WZE/ANji2E04oTwgdUlrMC6db0ddzMDlpsrxFIZwa8oKXsLfnMU58Gh3WSxgUsjMoERcGG2SIf+oacRpieHAgMBAAECgYA4lvSS7HsTYjlyrgB3FbViXToyLE21mx9hVzv2KDzwkT6b2vPDrsXFhjfe8yzIXFO7YF/ci7g9NAqioWV8BBOsZNA8FelZkdOcNkLzS0jXlWvh74U0/bkrg+3TR+lvYbqw4eC7pBzn+mXJeN5RUbtDIvTq8BnceUNxgr3t6C4mCQJBAOJJn406uFfjc4M3pRf0hIw2+cAxI+GzkxZxEVk/fuIIz/4fPkWdqlqwbLbd5BkmlJKPI3WB0/wa2FlcJOQAh4UCQQCnaz6Mof0+5zXioG3NaotISUwTb7tKjc8riW3wGCoQhrMCRDPgkIC9GWSFGDiMNoCGZu8xtRPmp971vctrVdKbAkEA4FqgbzTl6nWfZFy6Obr748zp5+yQp8kULy7hRXxXv6F/HnQ5mGoOqaW7077B1VHUAk8al/mlhJHVKRvbk5cWxQJAIBpxgRgi7qf5bj6jL4upr6/WdbesK2yr+EY/HZYUotyhgOLBK+OpvBkdbGQrm79rv9oHLfnyGf3AxFCjrC5l1wJAUhqQnmKyIo2tTONEtRW2nFd7nHCZ3nm4G8Mh+dP0m14m5By9coWKU9uFhLuq+L+VpEFLjIx1Dg8qiYRLdQQH+Q==";HashMap<String, Object> mp = new HashMap<>();mp.put("createtime1","12344444445");mp.put("createtime2","12344444445");mp.put("createtime3","12344444445");mp.put("createtime4","12344444445");mp.put("createtime5","12344444445");mp.put("createtime6","12344444445");mp.put("createtime7","12344444445");mp.put("createtime8","12344444445");mp.put("createtime9","12344444445");mp.put("createtime19","12344444445");mp.put("createtime12","12344444445");mp.put("createtime23","12344444445");mp.put("createtime81","12344444445");mp.put("createtime91","12344444445");String message = JSON.toJSONString(mp);String messageEn = encrypt(message,publicKey);System.out.println(message + "\n加密后的字符串为:" + messageEn);String messageDe = decrypt(messageEn ,privateKey);System.out.println("还原后的字符串为:" + messageDe);}
}