这是百度百科对(对称加密丶非对称加密)的解释:

(1)对称加密算法在加密和解密时使用的是同一个秘钥。

(2)非对称加密算法需要两个密钥来进行加密和解密,这两个秘钥是公开密钥(public key,简称公钥)和私有密钥(private key,简称私钥)。

处理的思路:
(1)服务端利用RSA创建一对公私钥,服务端存储私钥,将公钥给客户端
(2)每次请求前,将明文数据利用公钥进行加密,然后将密文传递给服务端
(3)服务端拿到密文,利用私钥进行解密,得到明文数据,然后进行业务处理

1.引入jarbao

<dependency><groupId>io.jsonwebtoken</groupId><artifactId>jjwt</artifactId><version>0.9.1</version></dependency><dependency><groupId>com.auth0</groupId><artifactId>jwks-rsa</artifactId><version>0.9.0</version></dependency>
<dependency><groupId>commons-io</groupId><artifactId>commons-io</artifactId><version>2.4</version></dependency><dependency><groupId>org.apache.commons</groupId><artifactId>commons-lang3</artifactId></dependency>

2.创建自定义注解

package com.othp.core.config;import java.lang.annotation.*;
import org.springframework.web.bind.annotation.Mapping;@Target({ElementType.METHOD,ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Mapping
@Documented
public @interface RsaParameter {/*** 入参是否解密,默认解密*/boolean inDecode() default true;/*** 出参是否加密,默认加密*/boolean outEncode() default false;}

3.加入增强控制器

package com.othp.core.advice;import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import org.apache.commons.io.IOUtils;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;import com.othp.core.config.RsaParameter;
import com.othp.core.util.RSAEncrypt;import lombok.extern.slf4j.Slf4j;@Slf4j
@ControllerAdvice(basePackages = {"com.othp.mine.controller","com.othp.mine.controller"})
public class RsaDecodeRequestBodyAdvice implements RequestBodyAdvice {@Overridepublic boolean supports(MethodParameter methodParameter, Type targetType,Class<? extends HttpMessageConverter<?>> converterType) {// TODO Auto-generated method stubreturn true;}@Overridepublic HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter methodParameter, Type targetType,Class<? extends HttpMessageConverter<?>> converterType) throws IOException {try {boolean encode = false;if (methodParameter.getMethod().isAnnotationPresent(RsaParameter.class)) {//获取注解配置的包含和去除字段RsaParameter serializedField = methodParameter.getMethodAnnotation(RsaParameter.class);//入参是否需要解密encode = serializedField.inDecode();}if (encode) {log.info("对方法method :【" + methodParameter.getMethod().getName() + "】返回数据进行解密");return new MyHttpInputMessage(inputMessage);}else{return inputMessage;}} catch (Exception e) {e.printStackTrace();log.error("对方法method :【" + methodParameter.getMethod().getName() + "】返回数据进行解密出现异常:"+e.getMessage());return inputMessage;}}@Overridepublic Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,Class<? extends HttpMessageConverter<?>> converterType) {return body;}@Overridepublic Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter,Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {return body;}class MyHttpInputMessage implements HttpInputMessage {private HttpHeaders headers;private InputStream body;public MyHttpInputMessage(HttpInputMessage inputMessage) throws Exception {this.headers = inputMessage.getHeaders();String content = IOUtils.toString(inputMessage.getBody(),"utf-8");this.body = IOUtils.toInputStream(RSAEncrypt.rsaDecrypt(content));}@Overridepublic InputStream getBody() throws IOException {return body;}@Overridepublic HttpHeaders getHeaders() {return headers;}}}

4.加入RSA工具类

package com.othp.core.util;import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;import javax.crypto.Cipher;import com.fasterxml.jackson.databind.util.JSONPObject;public class RSAEncrypt {private static Map<Integer, String> keyMap = new HashMap<Integer, String>();  //用于封装随机产生的公钥与私钥//公钥private static String publicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxkIbCWY8re71Fwmf4ehTl+6xuvFSbEuE7ZumXMlOkvWdSVatiTNnrX29I33uAicp19XJAwZSy2hKUPkoSmqzyZ9Si+fi3h1ZGD31WtSVxiAGgkmclVjIiuph2v8kjc/knzZgzLQaPX5E5SkFKPK+9bWJ+2Fkrx3ulSBxAeqWTuQIDAQAB";//私钥private static String privateKey = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALGQhsJZjyt7vUXCZ/h6FOX7rG68VJsS4Ttm6ZcyU6S9Z1JVq2JM2etfb0jfe4CJynX1ckDBlLLaEpQ+ShKarPJn1KL5+LeHVkYPfVa1JXGIAaCSZyVWMiK6mHa/ySNz+SfNmDMtBo9fkTlKQUo8r71tYn7YWSvHe6VIHEB6pZO5AgMBAAECgYBJuOHai2if+y4oaoDUb4uBuS5sg5D1Ga+eBCpz9hc4TNM7IgqYM6Q+z07bCL60LYF73D5lmHnukBAqsHn8o2+uPBl202/Mg9j3VGD3BVfcjXOeNmtbdGRbK8qR/AG33WoUC41DqXG5teXQ1bqbzgIhd/o8c3beLGkS6kNjhOXCiQJBAOCcgRgeRSetiZMFCBzXEqds0Zk7rOUyjFGUA6ANsHZQbiZYYqXWuvetbLcjdYmSW5H92+FsVZDSIq7kGQzk9y8CQQDKYOsF+a7MEQaSyJ84olmiRyL9OCxBW0Qkgi81mZSbAQ4zKEN42rYYhpzEFSRYNltYbqlr5UaheOnGtw4nwumXAkEApHWziGdRl3XXT9DVWdiYjgJ9jcdGFyPl3i2UYfLkDB1kKat5v5f0mjlfatEJ1MtXRRQtlWbvV/Sk9I2LUgesfQJAft4a93f6uDrEIChciChegHiP2qXoOGB6a1ihN7y7iCA1QqSvB4g0N1PL2rBWRGZvBRT6aIUmrfsaslP3L73kqQJBAJ0GwkZTKLEMTzObpKWooYP/UE8kdTf6FMrL0BJohZ1DMQ33hdLr+qO9MM4wU9HtI+MjBKzOg4FvQwe1TlNLH/Q=";public static void main(String[] args) throws Exception {//生成公钥和私钥genKeyPair();//加密字符串//        String message = "{\"name\":\"1\",\"password\":\"2\"}";String message = "{\r\n" + "  \"feedbackContent\": \"string\",\r\n" + "  \"feedbackId\": \"string\",\r\n" + "  \"feedbackPicture\": \"string\",\r\n" + "  \"userId\": \"123\",\r\n" + "  \"userType\": \"1\"\r\n" + "}";
//      System.out.println("随机生成的公钥为:" + keyMap.get(0));
//      System.out.println("随机生成的私钥为:" + keyMap.get(1));System.out.println("\t加密前的字符串为:" + message);
//      String messageEn = encrypt(message);String messageEn = rsaEncrypt(message);System.out.println("\t加密后的字符串为:" + messageEn);
//      String messageDe = decrypt(messageEn);String messageDe = rsaDecrypt(messageEn);System.out.println("\t还原后的字符串为:" + messageDe);}/** * 随机生成密钥对 * @throws NoSuchAlgorithmException */  public static void genKeyPair() throws NoSuchAlgorithmException {  // KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象  KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");  // 初始化密钥对生成器,密钥大小为96-1024位  keyPairGen.initialize(1024,new SecureRandom());  // 生成一个密钥对,保存在keyPair中  KeyPair keyPair = keyPairGen.generateKeyPair();  RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();   // 得到私钥  RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();  // 得到公钥  String publicKeyString = new String(Base64.getEncoder().encodeToString(publicKey.getEncoded()));  // 得到私钥字符串  String privateKeyString = new String(Base64.getEncoder().encodeToString(privateKey.getEncoded()));  // 将公钥和私钥保存到MapkeyMap.put(0,publicKeyString);  //0表示公钥keyMap.put(1,privateKeyString);  //1表示私钥} /** * RSA公钥加密 *  * @param str *            加密字符串* @param publicKey *            公钥 * @return 密文 * @throws Exception *             加密过程中的异常信息 */  public static String encrypt(String str) throws Exception{//base64编码的公钥byte[] decoded = Base64.getDecoder().decode(publicKey);RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));//RSA加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, pubKey);String outStr = Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes("UTF-8")));return outStr;}/** * RSA私钥解密*  * @param str *            加密字符串* @param privateKey *            私钥 * @return 铭文* @throws Exception *             解密过程中的异常信息 */  public static String decrypt(String str) throws Exception{//64位解码加密后的字符串byte[] inputByte = Base64.getDecoder().decode(str.getBytes("UTF-8"));//base64编码的私钥byte[] decoded = Base64.getDecoder().decode(privateKey);  RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));  //RSA解密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, priKey);String outStr = new String(cipher.doFinal(inputByte));return outStr;}//加密长度不超过117Byte,解密长度不超过128Byte//解密public static String rsaDecrypt(String input) {String result = "";try {// 将Base64编码后的公钥转换成PublicKey对象byte[] decoded = Base64.getDecoder().decode(privateKey);RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));  // 加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.DECRYPT_MODE, priKey);byte[] inputArray = Base64.getDecoder().decode(input.getBytes("UTF-8"));int inputLength = inputArray.length;// 最大加密字节数,超出最大字节数需要分组加密int MAX_ENCRYPT_BLOCK = 128;// 标识int offSet = 0;byte[] resultBytes = {};byte[] cache = {};while (inputLength - offSet > 0) {if (inputLength - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(inputArray, offSet, MAX_ENCRYPT_BLOCK);offSet += MAX_ENCRYPT_BLOCK;} else {cache = cipher.doFinal(inputArray, offSet, inputLength - offSet);offSet = inputLength;}resultBytes = Arrays.copyOf(resultBytes, resultBytes.length + cache.length);System.arraycopy(cache, 0, resultBytes, resultBytes.length - cache.length, cache.length);}result = new String(resultBytes);} catch (Exception e) {System.out.println("rsaEncrypt error:" + e.getMessage());result = input;}return result;}//加密长度不超过117Byte,解密长度不超过128Byte//加密public static String rsaEncrypt(String input) {String result = "";try {// 将Base64编码后的公钥转换成PublicKey对象byte[] buffer = Base64.getDecoder().decode(publicKey);KeyFactory keyFactory = KeyFactory.getInstance("RSA");X509EncodedKeySpec keySpec = new X509EncodedKeySpec(buffer);PublicKey publicKey = keyFactory.generatePublic(keySpec);// 加密Cipher cipher = Cipher.getInstance("RSA");cipher.init(Cipher.ENCRYPT_MODE, publicKey);byte[] inputArray = input.getBytes();int inputLength = inputArray.length;// 最大加密字节数,超出最大字节数需要分组加密int MAX_ENCRYPT_BLOCK = 117;// 标识int offSet = 0;byte[] resultBytes = {};byte[] cache = {};while (inputLength - offSet > 0) {if (inputLength - offSet > MAX_ENCRYPT_BLOCK) {cache = cipher.doFinal(inputArray, offSet, MAX_ENCRYPT_BLOCK);offSet += MAX_ENCRYPT_BLOCK;} else {cache = cipher.doFinal(inputArray, offSet, inputLength - offSet);offSet = inputLength;}resultBytes = Arrays.copyOf(resultBytes, resultBytes.length + cache.length);System.arraycopy(cache, 0, resultBytes, resultBytes.length - cache.length, cache.length);}result = Base64.getEncoder().encodeToString(resultBytes);} catch (Exception e) {System.out.println("rsaEncrypt error:" + e.getMessage());}return result;}}

5.直接在需要加密的controller上加注解

 @RequestMapping(value = "/saveFeedbackInfo", method = RequestMethod.POST)@RsaParameterpublic ResponseResult<Boolean> saveFeedbackInfo(@RequestBody @Validated SJ0408_01_BO bo) {Boolean result = sj0408_01_Service.saveFeedbackInfo(bo);return ResponseResult.success(result);}

加密处理只对requestBody进行加密,特殊处理过,不加密也能执行。

6.有个简易的处理

弊端:Cipher提供加解密API,其中RSA非对称加密解密内容长度是有限制的,加密长度不超过117Byte,解密长度不超过128Byte,报错如下:javax.crypto.IllegalBlockSizeException: Data must not be longer than 117 bytes。
一、引入jar包

<dependency>  <groupId>cn.shuibo</groupId>  <artifactId>rsa-encrypt-body-spring-boot</artifactId>  <version>1.0.1.RELEASE</version>
</dependency>

二、启动类Application中添加@EnableSecurity注解
三、在application.yml或者application.properties中添加RSA公钥及私钥

rsa:encrypt:open: true # 是否开启加密 true  or  false    showLog: true # 是否打印加解密log true  or  false    publicKey: # RSA公钥    privateKey: # RSA私钥

四、在controller方法上加
@Encrypt 返回值进行加密
@Decrypt 传过来的加密参数解密

Springboot+RSA非对称加密相关推荐

  1. RSA非对称加密和解密(同时生成密钥)

    RSA非对称加密和解密(同时生成密钥) 准备jar包 bcprov-jdk16-1.46.jar commons-codec-1.15.jar 获取jar地址:https://mvnrepositor ...

  2. JSON 接口如何实现 RSA 非对称加密与签名

    代码地址如下: http://www.demodashi.com/demo/14000.html 一.概述 1. 数字签名的作用:保证数据完整性,机密性和发送方角色的不可抵赖性,加密与签字结合时,两套 ...

  3. CryptoAPI与openssl RSA非对称加密解密(PKCS1 PADDING)交互

    (以下代码中都只做测试用,有些地方没有释放内存...这个自己解决下) 1.RSA非对称的,首先提供一个供测试用的证书和私钥的数据 1)pem格式的证书和私钥(公私钥是对应的)的base64编码 [cp ...

  4. php利用openssl实现RSA非对称加密签名

    来源:http://www.webiji.com/archives/412 php利用openssl实现RSA非对称加密签名 1. 先用php生成一对公钥和私钥 $res = openssl_pkey ...

  5. Atitit RSA非对称加密原理与解决方案

    Atitit RSA非对称加密原理与解决方案 1.1. 一.一点历史 1 1.2. 八.加密和解密 2 1.3. 二.基于RSA的消息传递机制  3 1.4. 基于rsa的授权验证机器码 4 1.5. ...

  6. java rsa 117_java实现RSA非对称加密解密

    之前写过一篇java实现AES对称加密解密 在对密码加密传输的场景下 RSA非对称加密解密可能会更加适合. 原理就是后台生成一对公钥和私钥,公钥给前端用来加密,后台用私钥去解密,保证了传输过程中就算被 ...

  7. 前后端数据加密传输 RSA非对称加密

    任务需求:要求登陆时将密码加密之后再进行传输到后端. 经过半天查询摸索折腾,于是有了如下成果: 加密方式:RSA非对称加密. 实现方式:公钥加密,私钥解密. 研究进度:javascript与java端 ...

  8. 微信小程序RSA非对称加密。

    因公司做的产品为金融项目,所以对数据安全性有很高要求,因为项目中的数据都会通过3DES 对称加密,和RSA非对称加密进行数据传输. 在这里先简单介绍一下什么是对称加密和非对称加密 对称加密:对称加密采 ...

  9. 数据加密 RSA非对称加密篇

    先把代码贴上来,理论后续补充,暂时可先参考数据加密 总篇 package com.jlpay.partner.utils;import android.util.Base64;import java. ...

最新文章

  1. android中getMeasuredHeigh()为0的问题
  2. 批量删除注册表特定键值的小技巧
  3. Lock/Unlock Account - Active Directory
  4. linux定时任务之crontab
  5. 和华为hr电话面试的反思
  6. 在PowerDesigner中设置字段唯一约束 --相当于unique
  7. MyBatis-学习笔记10【10.JNDI扩展知识】
  8. Http协议中的方法
  9. bug的一生:如何体现测试专业度?
  10. 自学Python八 爬虫大坑之网页乱码
  11. java 网络请求 生成本地图片
  12. RN开发系列<2>--基本调试
  13. WinRAR备份技巧 - imsoft.cnblogs
  14. VS2015 Visual Assist X破解版安装、禁用、卸载方法
  15. 06540计算机网络2018年自考真题,自考06540计算机网络基本原理复习资料二
  16. 服务器管理软件LuManager2.0.99发布,含智能优化
  17. 苹果电脑系统太卡如何彻底清理内存?
  18. BLDC在3D风扇屏(全息风扇屏原理)上的应用----Trinamic(TMC)解决方案
  19. 学会在Android Studio里使用列表视图制作通讯录
  20. 三年java现在还是菜的不行_你java开发几年还是那么菜是因为你没有做到这些

热门文章

  1. ceph1--ceph基础/搭建ceph高可用集群
  2. 利用 eutils 实现自动下载序列文件(python实现)
  3. 生物信息学习--nr/nt 数据库(总+子)构建
  4. 《文明3》全攻略之设置篇
  5. 强化学习PARL——5. 基于连续动作空间上方法求解RL及大作业
  6. json rpgmv 加密_RPGMakerMV探秘01-文件结构
  7. 关闭 centos7 的滴滴声
  8. 一次手机木马的清除记录(手机刷机)
  9. matlab命令行窗口显示长度设置_设置命令行窗口输出显示格式 | MATLAB format| MathWork...
  10. 日语中di,ti,du,这些如何用片假名打出来