Springboot整合JwtHelper实现非对称加密
目录
- 一、生成公私钥对
- 二、利用私钥生产token
- 三、利用公钥解密token
- 四、将String类型的公钥转换成RSAPublicKey对象
- 五、将String类型的私钥转换成RSAPrivateKey对象
一、生成公私钥对
提供两种方法,一种基于命令行中的Keytool工具生成,一种是基于SpringSecurity中的KeyPairGenerator类生成,现实现第二种方式:
// 加密算法 private static final String KEY_ALGORITHM = "RSA"; // 公钥key private static final String PUB_KEY="publicKey"; // 私钥key private static final String PRI_KEY="privateKey"; public static Map<String,String> generateKey() throws NoSuchAlgorithmException { Map<String,String> keyMap=new HashMap<>(); KeyPairGenerator instance = KeyPairGenerator.getInstance(KEY_ALGORITHM); KeyPair keyPair = instance.generateKeyPair(); PrivateKey privateKey = keyPair.getPrivate(); PublicKey publicKey = keyPair.getPublic(); //Base64 编码 byte[] privateKeyEncoded = privateKey.getEncoded(); String privateKeyStr = Base64.encodeBase64String(privateKeyEncoded); byte[] publicKeyEncoded = publicKey.getEncoded(); String publicKeyStr=Base64.encodeBase64String(publicKeyEncoded); keyMap.put(PUB_KEY,publicKeyStr); keyMap.put(PRI_KEY,privateKeyStr); return keyMap; }
二、利用私钥生产token
// 加密算法 private static final String KEY_ALGORITHM = "RSA"; // 公钥key private static final String PUB_KEY="publicKey"; // 私钥key private static final String PRI_KEY="privateKey"; // GenerateKey Key=new GenerateKey(); // 利用私钥生产token public static Map<String,String> generateToken(UserDetails userDetails) throws NoSuchAlgorithmException, InvalidKeySpecException { GenerateKey Key=new GenerateKey(); RSAPrivateKey privateKey = null; RSAPublicKey publicKey=null; String token=null; Map<String, String> map=new HashMap<>(); Map<String, String> keyMap = Key.generateKey(); privateKey=getPrivateKey(keyMap.get(PRI_KEY)); Map<String,String> tokenMap=new HashMap<>(); tokenMap.put("userName",userDetails.getUsername()); // 使用私钥加密 token = JwtHelper.encode(JSON.toJSONString(tokenMap), new RsaSigner(privateKey)).getEncoded(); map.put("token",token); map.put("publicKey",keyMap.get(PUB_KEY)); return map; }
三、利用公钥解密token
public static String parseToken(String token,String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException { Jwt jwt=null; RSAPublicKey rsaPublicKey; rsaPublicKey=getPublicKey(publicKey); jwt=JwtHelper.decodeAndVerify(token, new RsaVerifier(rsaPublicKey) ); String claims= jwt.getClaims(); return claims; }
四、将String类型的公钥转换成RSAPublicKey对象
/** * 得到公钥 * * @param publicKey * 密钥字符串(经过base64编码) * @throws Exception */ public static RSAPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException { // 通过X509编码的Key指令获得公钥对象 KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(Base64.decodeBase64(publicKey)); RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic(x509KeySpec); return key; }
五、将String类型的私钥转换成RSAPrivateKey对象
/** * 得到私钥pkcs8 * * @param privateKey * 密钥字符串(经过base64编码) * @throws Exception */ public static RSAPrivateKey getPrivateKey(String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException { // 通过PKCS#8编码的Key指令获得私钥对象 KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(privateKey)); RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate(pkcs8KeySpec); return key; }
到此这篇关于Springboot整合JwtHelper实现非对称加密的文章就介绍到这了,更多相关Springboot JwtHelper非对称加密内容请搜索我们以前的文章或继续浏览下面的相关文章希望大家以后多多支持我们!
赞 (0)