AES是對稱加密
RSA是非對稱加密
package com.activeclub.utils;
import org.apache.commons.codec.binary.Base64;
import org.springframework.beans.factory.annotation.Value;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
/**
* @author
* @date 2020/12/21 23:40
* @email
* @descript 加解密工具
*/
public class EncrytUtil {
@Value("${encry.salt:}")// ZJKTODO: 椒鹽噪聲待添加 2021/1/18 20:48
private String salt;//加密中的椒鹽
public static final String PUBLIC_KEY = "public_key";
public static final String PRIVATE_KEY = "private_key";
public static final String AES_ENCRY = "0";//對稱加密(默認)
public static final String PRIVATE_CIPHER_PUBLIC = "1";//私鑰加密\公鑰解密
public static final String PUBLIC_CIPHER_PRIVATE = "2";//公鑰加密\私鑰解密
private static final String RSA = "RSA";
private static final String AES = "AES";
/**
* 初始化
*
* @return 公鑰和私鑰的map
* @throws Exception 異常
*/
public Map<String, String> initKey() throws Exception {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(RSA);
keyPairGen.initialize(2048);
KeyPair keyPair = keyPairGen.generateKeyPair();
Map<String, String> keyMap = new HashMap<String, String>();
// 公鑰
keyMap.put(PUBLIC_KEY, Base64.encodeBase64String(keyPair.getPublic().getEncoded()));
// 私鑰
keyMap.put(PRIVATE_KEY, Base64.encodeBase64String(keyPair.getPrivate().getEncoded()));
return keyMap;
}
/**
* 生成密鑰對象(對稱加密)
*/
private SecretKey generateKey(byte[] key) throws Exception {
// 根據指定的 RNG 算法, 創建安全隨機數生成器
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
// 設置 密鑰key的字節數組 作為安全隨機數生成器的種子
random.setSeed(key);
// 創建 AES算法生成器
KeyGenerator gen = KeyGenerator.getInstance("AES");
// 初始化算法生成器
gen.init(128, random);
// 生成 AES密鑰對象, 也可以直接創建密鑰對象: return new SecretKeySpec(key, ALGORITHM);
return gen.generateKey();
}
/**
* 加密
*
* @param clearString 明文
* @param keyString 鑰
* @param encodeMode 加密模式:0私鑰加密\公鑰解密,1公鑰加密\私鑰解密
* @return 密文
* @throws Exception 異常
*/
public String Encode(String clearString, String encodeMode, String keyString) throws Exception {
byte[] keyByte = Base64.decodeBase64(keyString);
byte[] result;
KeyFactory keyFactory;
Cipher cipher;
if (StringUtil.isNotEmpty(encodeMode) && encodeMode.equals(PRIVATE_CIPHER_PUBLIC)) {
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyByte);
keyFactory = KeyFactory.getInstance(RSA);
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
result = cipher.doFinal(clearString.getBytes());
} else if (StringUtil.isNotEmpty(encodeMode) && encodeMode.equals(PUBLIC_CIPHER_PRIVATE)) {
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyByte);
keyFactory = KeyFactory.getInstance(RSA);
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
result = cipher.doFinal(clearString.getBytes());
} else {
SecretKey secKey = generateKey(keyByte);
cipher = Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE, secKey);
result = cipher.doFinal(clearString.getBytes());
}
return Base64.encodeBase64String(result);
}
/**
* 解密
*
* @param cipherString 密文
* @param keyString 鑰
* @param encodeMode 加密模式:0私鑰加密\公鑰解密,1公鑰加密\私鑰解密
* @return 明文
* @throws Exception 異常
*/
public String Decode(String cipherString, String encodeMode, String keyString) throws Exception {
byte[] cipherByte = Base64.decodeBase64(cipherString.getBytes());//密文
byte[] keyByte = Base64.decodeBase64(keyString);//鑰
byte[] result;
KeyFactory keyFactory;
Cipher cipher;
if (StringUtil.isNotEmpty(encodeMode) && encodeMode.equals(PRIVATE_CIPHER_PUBLIC)) {
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyByte);
keyFactory = KeyFactory.getInstance(RSA);
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.DECRYPT_MODE, publicKey);
result = cipher.doFinal(cipherByte);
} else if (StringUtil.isNotEmpty(encodeMode) && encodeMode.equals(PUBLIC_CIPHER_PRIVATE)) {
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(keyByte);
keyFactory = KeyFactory.getInstance(RSA);
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
cipher = Cipher.getInstance(RSA);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
result = cipher.doFinal(cipherByte);
} else {
SecretKey secKey = generateKey(keyByte);
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secKey);
result = cipher.doFinal(cipherByte);
}
return new String(result);
}
/**
* 樣例
*
* @param args
* @throws Exception
*/
public static void main(String[] args) throws Exception {
EncrytUtil encrytUtil = new EncrytUtil();
Map<String, String> map = encrytUtil.initKey();
String clear = "hello world! ";
String cipher1 = encrytUtil.Encode(clear, "0", "123456");
String cipher2 = encrytUtil.Encode(clear, "1", map.get(PRIVATE_KEY));
String cipher3 = encrytUtil.Encode(clear, "2", map.get(PUBLIC_KEY));
String clear1 = encrytUtil.Decode(cipher1, "0", "123456");
String clear2 = encrytUtil.Decode(cipher2, "1", map.get(PUBLIC_KEY));
String clear3 = encrytUtil.Decode(cipher3, "2", map.get(PRIVATE_KEY));
System.out.println();
}
}
詳情見Github:https://github.com/mufasa007/repository/blob/master/app-framework/app-framework-utils/src/main/java/com/activeclub/utils/EncrytUtil.java
