RSA密码加密

auth-service/src/main/java/com/hungraim/ltc/controller/AuthController.java

 package com.hungraim.ltc.controller;
 
+import com.hungraim.ltc.util.CsoftSecurityUtil;
 import com.hungraim.ltc.util.Result;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
@@ -24,6 +25,9 @@ public class AuthController {
   @PostMapping("/token")
   @SneakyThrows
   public Result<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam Map<String, String> parameters)  {
+    String password = parameters.get("password");
+    String decrypt = CsoftSecurityUtil.decrypt(password);
+    parameters.put("password", decrypt);
     OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
     return Result.success(oAuth2AccessToken);
   }

auth-service/src/main/java/com/hungraim/ltc/controller/PublicKeyController.java

 package com.hungraim.ltc.controller;
 
+import com.hungraim.ltc.util.CsoftSecurityUtil;
+import com.hungraim.ltc.util.Result;
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.RSAKey;
 import lombok.AllArgsConstructor;
+import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -30,4 +33,14 @@ public class PublicKeyController {
     return new JWKSet(key).toJSONObject();
   }
 
+  /**
+   * 获取公钥
+   * @return
+   */
+  @GetMapping("/genKeyPair")
+  public Result<String> genKeyPair() {
+    Map keyMap = CsoftSecurityUtil.genKeyPair();
+    return Result.success(keyMap.get(0).toString());
+  }
+
 }

auth-service/src/main/java/com/hungraim/ltc/gateway/config/WebSecurityConfig.java

@@ -27,7 +27,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
       .authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()
       .and()
       .authorizeRequests()
-      .antMatchers("/getPublicKey","/oauth/logout").permitAll()
+      .antMatchers("/getPublicKey","/oauth/logout","/genKeyPair").permitAll()
       .anyRequest().authenticated();
   }
 

common/common-core/src/main/java/com/hungraim/ltc/util/CsoftSecurityUtil.java

+package com.hungraim.ltc.util;
+
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.HashMap;
+import java.util.Map;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import org.apache.commons.codec.binary.Base64;
+
+/**
+  *  @Description: 通用加密工具 RSA+ASE+SHA256(非对称加密（对称秘钥），对称加密数据，Sha256消息摘要，RSA签名)
+  *  @author
+  *  @version 1.0
+  */
+public class CsoftSecurityUtil {
+    private static Map<Integer, String> keyMap = new HashMap<>(); // 用于封装随机产生的公钥与私钥
+
+    public static void main(String[] args) {
+        //生成公钥和私钥
+        genKeyPair();
+        //加密字符串
+        String message = "df723820";
+        System.out.println("随机生成的公钥为:" + keyMap.get(0));
+        System.out.println("随机生成的私钥为:" + keyMap.get(1));
+        String messageEn = encrypt(message, keyMap.get(0));
+        System.out.println("加密后的字符串为:" + messageEn);
+        String messageDe = decrypt(messageEn);
+        System.out.println("还原后的字符串为:" + messageDe);
+    }
+
+    //随机生成密钥对
+    public static Map genKeyPair() {
+        // KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象
+        KeyPairGenerator keyPairGen = null;
+
+        try {
+            keyPairGen = KeyPairGenerator.getInstance("RSA");
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+
+        // 初始化密钥对生成器，密钥大小为96-1024位
+        assert keyPairGen != null;
+        keyPairGen.initialize(1024, new SecureRandom());
+        // 生成一个密钥对，保存在keyPair中
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();   // 得到私钥
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();  // 得到公钥
+        String publicKeyString = new String(Base64.encodeBase64(publicKey.getEncoded()));
+        // 得到私钥字符串
+        String privateKeyString = new String(Base64.encodeBase64((privateKey.getEncoded())));
+        // 将公钥和私钥保存到Map
+        keyMap.put(0, publicKeyString);  //0表示公钥
+        keyMap.put(1, privateKeyString);  //1表示私钥
+
+        return keyMap;
+    }
+
+    /** RSA公钥加密
+     * @param str  加密字符串
+     * @param publicKey  公钥
+     * @return  密文
+     */
+    public static String encrypt(String str, String publicKey) {
+        //base64编码的公钥
+        byte[] decoded = Base64.decodeBase64(publicKey);
+        RSAPublicKey pubKey = null;
+        String outStr = null;
+
+        try {
+            pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
+            Cipher cipher = Cipher.getInstance("RSA");
+            cipher.init(Cipher.ENCRYPT_MODE, pubKey);
+            outStr = Base64.encodeBase64String(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
+        } catch (InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | InvalidKeyException | NoSuchPaddingException | NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+        //RSA加密
+        return outStr;
+    }
+
+    /**  RSA私钥解密
+     * @param str   加密字符串
+     * @return  铭文
+     */
+    public static String decrypt(String str) {
+        //64位解码加密后的字符串
+        byte[] inputByte = Base64.decodeBase64(str.getBytes(StandardCharsets.UTF_8));
+        //base64编码的私钥
+        byte[] decoded = Base64.decodeBase64(keyMap.get(1));
+        RSAPrivateKey priKey = null;
+        //RSA解密
+        Cipher cipher = null;
+        String outStr = null;
+
+        try {
+            priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
+            cipher = Cipher.getInstance("RSA");
+            cipher.init(Cipher.DECRYPT_MODE, priKey);
+            outStr = new String(cipher.doFinal(inputByte));
+        } catch (InvalidKeySpecException | NoSuchAlgorithmException | NoSuchPaddingException | BadPaddingException | IllegalBlockSizeException | InvalidKeyException e) {
+            e.printStackTrace();
+        }
+        return outStr;
+    }
+   
+}
\ No newline at end of file