加密工具类:
package group.hound.starter.core.util; import java.io.IOException; import java.io.InputStream; import java.io.UnsupportedEncodingException; import java.nio.charset.StandardCharsets; import java.security.*; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; import javax.crypto.*; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.digest.DigestUtils; import org.springframework.util.StringUtils; import group.hound.starter.core.exception.ContentNotFoundSaltException; import group.hound.starter.core.exception.EncryptionException; /** * <p> * 加解密工具类 * </p> * * @author 废柴 2018/9/13 星期四 11:56 */ @SuppressWarnings("all") public class EncryptionUtils { private static final String DEFAULT_CHARSET = "UTF-8"; private EncryptionUtils() { } /** * MD5 非对称加密 */ public static class MD5 { /** * MD5 加密 * * @param content 加密内容 * @return 加密结果 */ public static String encrypt(String content) { return DigestUtils.md5Hex(content); } /** * MD5 加密 * * @param content 加密内容 * @return 加密结果 */ public static String encrypt(byte[] content) { return DigestUtils.md5Hex(content); } /** * MD5 加密 * * @param contentStream 加密内容 * @return 加密结果 */ public static String encrypt(InputStream contentStream) { try { return DigestUtils.md5Hex(contentStream); } catch (IOException e) { throw new EncryptionException("MD5 encrypt failed!", e); } } } /** * AES 对称加密 */ public static class AES { private static final String ALGORITHM = "AES"; /** * 生成秘钥 */ public static String generaterKey() { KeyGenerator keygen = null; try { keygen = KeyGenerator.getInstance(ALGORITHM); } catch (NoSuchAlgorithmException e) { throw new EncryptionException("AES generater Key failed!", e); } // 16 字节 == 128 bit keygen.init(128, new SecureRandom()); SecretKey secretKey = keygen.generateKey(); return Base64.getEncoder().encodeToString(secretKey.getEncoded()); } /** * 生成密钥 */ private static SecretKeySpec getSecretKeySpec(String secretKeyStr) { return new SecretKeySpec(Base64.getDecoder().decode(secretKeyStr), ALGORITHM); } /** * 加密 */ public static String encrypt(String content, String secretKey) { Key key = getSecretKeySpec(secretKey); try { // 创建密码器 Cipher cipher = Cipher.getInstance(ALGORITHM); // 初始化 cipher.init(Cipher.ENCRYPT_MODE, key); return Base64.getEncoder().encodeToString(cipher.doFinal(content.getBytes(DEFAULT_CHARSET))); } catch (Exception e) { throw new EncryptionException("AES encrypt failed!", e); } } /** * 解密 */ public static String decrypt(String content, String secretKey) { Key key = getSecretKeySpec(secretKey); try { Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, key); return new String(cipher.doFinal(Base64.getDecoder().decode(content)), StandardCharsets.UTF_8); } catch (Exception e) { throw new EncryptionException("AES decrypt failed!", e); } } } @FunctionalInterface interface WithSalt { /** * 加盐 * * @param content 加密内容 * @param salt 盐 * @return 加盐密文 */ String withSalt(String content, String salt); } private static final WithSalt DEFAULT_WITH_SALT = new WithSalt() { @Override public String withSalt(String content, String salt) { return content + salt; } }; @FunctionalInterface interface WithoutSalt { /** * 加盐 * * @param content 加密内容 * @param salt 盐 * @return 加盐密文 */ String withoutSalt(String content, String salt); } private static final WithoutSalt DEFAULT_WITHOUT_SALT = new WithoutSalt() { @Override public String withoutSalt(String content, String salt) { if (!StringUtils.hasText(content)) { return content; } if (content.endsWith(salt)) { return content.substring(0, salt.length()); } throw new ContentNotFoundSaltException(content, salt); } }; /** * RSA 对称加密 */ public static class RSA { private static final String ALGORITHM = "RSA"; private static final String ALGORITHMS_SHA1 = "SHA1WithRSA"; /** * 生成秘钥对 * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @return first : 私钥/second : 公钥 */ public static Pair<String, String> generateKeyPair() { KeyPairGenerator keygen = null; try { keygen = KeyPairGenerator.getInstance(ALGORITHM); } catch (NoSuchAlgorithmException e) { throw new EncryptionException("RSA generate Key Pair failed!", e); } keygen.initialize(512, new SecureRandom()); // 生成密钥对 KeyPair keyPair = keygen.generateKeyPair(); return Pair.of(Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded()), Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded())); } /** * 生成秘钥对 * * @param keySize 密钥大小 * throw {@link NoSuchAlgorithmException} 找不到算法异常 * @return first : 私钥/second : 公钥 */ public static Pair<String, String> generateKeyPair(int keySize) { KeyPairGenerator keygen = null; try { keygen = KeyPairGenerator.getInstance(ALGORITHM); } catch (NoSuchAlgorithmException e) { throw new EncryptionException("RSA generate Key Pair failed!", e); } keygen.initialize(keySize, new SecureRandom()); // 生成密钥对 KeyPair keyPair = keygen.generateKeyPair(); return Pair.of(Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded()), Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded())); } /** * 获取公钥 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @param publicKey 公钥 * @return 公钥 */ public static RSAPublicKey getPublicKey(String publicKey) { try { return (RSAPublicKey) KeyFactory.getInstance(ALGORITHM).generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(publicKey))); } catch (Exception e) { throw new EncryptionException("RSA get Public Key failed!", e); } } /** * 获取私钥 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @param privateKey 私钥 * @return 私钥 */ public static RSAPrivateKey getPrivateKey(String privateKey) { try { return (RSAPrivateKey) KeyFactory.getInstance(ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKey))); } catch (Exception e) { throw new EncryptionException("RSA get Private Key failed!", e); } } /** * 私钥签名内容 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的编码 * throw {@link SignatureException} 签名异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * * @param content 内容 * @param privateKey 私钥 * @return 私钥签名 */ public static String sign(String content, String privateKey) { try { Signature signature = Signature.getInstance(ALGORITHMS_SHA1); signature.initSign(getPrivateKey(privateKey)); signature.update(content.getBytes(DEFAULT_CHARSET)); return Base64.getEncoder().encodeToString(signature.sign()); } catch (Exception e) { throw new EncryptionException("RSA sign failed!", e); } } /** * 公钥校验签名 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的编码 * throw {@link SignatureException} 签名异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * * @param content 内容 * @param sign 签名 * @param publicKey 公钥 * @return 是否匹配 */ public static boolean verify(String content, String sign, String publicKey) { try { Signature signature = Signature.getInstance(ALGORITHMS_SHA1); signature.initVerify(getPublicKey(publicKey)); signature.update(content.getBytes(DEFAULT_CHARSET)); return signature.verify(Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new EncryptionException("RSA verify failed!", e); } } /** * 使用公钥或者私钥加密 * <p> * throw {@link InvalidKeyException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的解码 * throw {@link BadPaddingException} 错误间隔异常 * throw {@link IllegalBlockSizeException} 无效块大小异常 * throw {@link NoSuchPaddingException} 无效的监间距异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * * @param content 内容 * @param key 公钥或者私钥 * @return 密文 */ public static String encrypt(String content, Key key) { try { Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, key); return Base64.getEncoder().encodeToString(cipher.doFinal(content.getBytes(DEFAULT_CHARSET))); } catch (Exception e) { throw new EncryptionException("RSA encrypt failed!", e); } } /** * 使用公钥或者私钥解密 * <p> * throw {@link InvalidKeyException} 无效的 Key * throw {@link BadPaddingException} 错误间隔异常 * throw {@link IllegalBlockSizeException} 无效块大小异常 * throw {@link NoSuchPaddingException} 无效的监间距异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * * @param content 内容 * @param key 公钥或者私钥 * @return 明文 */ public static String decrypt(String content, Key key) { try { Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, key); return new String(cipher.doFinal(Base64.getDecoder().decode(content)), StandardCharsets.UTF_8); } catch (Exception e) { throw new EncryptionException("RSA decrypt failed!", e); } } /** * 使用公钥加盐加密 * * @param content 明文 * @param publicKey 公钥 * @return 密文 */ public static String encrypt(String content, String publicKey) { return RSA.encrypt(content, null, publicKey, null); } /** * 使用公钥加盐加密 * * @param content 明文 * @param key 盐 * @param publicKey 公钥 * @return 密文 */ public static String encrypt(String content, String key, String publicKey) { return RSA.encrypt(content, key, publicKey, DEFAULT_WITH_SALT); } /** * 使用公钥加盐加密 * * @param content 明文 * @param key 盐 * @param publicKey 公钥 * @param withSalt 明文加盐 * @return 密文 */ public static String encrypt(String content, String key, String publicKey, WithSalt withSalt) { return RSA.encrypt(withSalt != null ? withSalt.withSalt(content, key) : content, getPublicKey(publicKey)); } /** * 使用私钥解密去盐 * * @param content 密文 * @param privateKey 私钥 * @return 明文 */ public static String decrypt(String content, String privateKey) { return decrypt(content, null, privateKey, null); } /** * 使用私钥解密去盐 * * @param content 密文 * @param key 盐 * @param privateKey 私钥 * @return 明文 */ public static String decrypt(String content, String key, String privateKey) { return decrypt(content, key, privateKey, DEFAULT_WITHOUT_SALT); } /** * 使用私钥解密去盐 * * @param content 密文 * @param key 盐 * @param privateKey 私钥 * @param withoutSalt 解密内容去盐 * @return 明文 */ public static String decrypt(String content, String key, String privateKey, WithoutSalt withoutSalt) { return withoutSalt != null ? withoutSalt.withoutSalt(decrypt(content, getPrivateKey(privateKey)), key) : decrypt(content, getPrivateKey(privateKey)); } } /** * RSA2 对称加密 */ public static class RSA2 { private static final String ALGORITHMS_SHA256 = "SHA256WithRSA"; /** * 生成秘钥对 * <p> * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @return first : 私钥/second : 公钥 */ public static Pair<String, String> generateKeyPair() { return RSA.generateKeyPair(); } /** * 获取公钥 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @param publicKey 公钥 * @return 公钥 */ private static RSAPublicKey getPublicKey(String publicKey) { return RSA.getPublicKey(publicKey); } /** * 获取私钥 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link NoSuchAlgorithmException} 找不到算法异常 * * @param privateKey 私钥 * @return 私钥 */ private static RSAPrivateKey getPrivateKey(String privateKey) { return RSA.getPrivateKey(privateKey); } /** * 私钥签名内容 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link InvalidKeyException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的编码 * throw {@link SignatureException} 签名异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * * @param content 内容 * @param privateKey 私钥 * @return 私钥签名 */ public static String sign(String content, String privateKey) { try { Signature signature = Signature.getInstance(ALGORITHMS_SHA256); signature.initSign(getPrivateKey(privateKey)); signature.update(content.getBytes(DEFAULT_CHARSET)); return Base64.getEncoder().encodeToString(signature.sign()); } catch (Exception e) { throw new EncryptionException("RSA2 sign failed!", e); } } /** * 公钥校验签名 * <p> * throw {@link InvalidKeySpecException} 无效的 Key Spec * throw {@link InvalidKeyException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的编码 * throw {@link SignatureException} 签名异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * throw {@link NoSuchPaddingException} 无效的监间距异常 * * @param content 内容 * @param sign 签名 * @param publicKey 公钥 * @return 是否匹配 */ public static boolean verify(String content, String sign, String publicKey) { try { Signature signature = Signature.getInstance(ALGORITHMS_SHA256); signature.initVerify(getPublicKey(publicKey)); signature.update(content.getBytes(DEFAULT_CHARSET)); return signature.verify(Base64.getDecoder().decode(sign)); } catch (Exception e) { throw new EncryptionException("RSA2 verify failed!", e); } } /** * 使用公钥或者私钥加密 * <p> * throw {@link IllegalBlockSizeException} 无效块大小异常 * throw {@link InvalidKeyException} 无效的 Key * throw {@link UnsupportedEncodingException} 不支持的解码 * throw {@link BadPaddingException} 错误间隔异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * throw {@link NoSuchPaddingException} 无效的监间距异常 * * @param content 内容 * @param key 公钥或者私钥 * @return 密文 */ public static String encrypt(String content, Key key) { return RSA.encrypt(content, key); } /** * 使用公钥或者私钥解密 * <p> * throw {@link IllegalBlockSizeException} 无效块大小异常 * throw {@link InvalidKeyException} 无效的 Key * throw {@link BadPaddingException} 错误间隔异常 * throw {@link NoSuchAlgorithmException} 无效的算法 * throw {@link NoSuchPaddingException} 无效的监间距异常 * * @param content 内容 * @param key 公钥或者私钥 * @return 明文 */ public static String decrypt(String content, Key key) { return RSA.decrypt(content, key); } } }