Shulou(Shulou.com)06/01 Report--

This article mainly introduces how Springboot integrates JwtHelper to achieve asymmetric encryption, which has a certain reference value. Interested friends can refer to it. I hope you will gain a lot after reading this article.

First, generate public and private key pairs

Two methods are provided, one is based on the Keytool tool generation in the command line, the other is based on the KeyPairGenerator class generation in SpringSecurity, and now the second way is implemented:

/ / encryption algorithm private static final String KEY_ALGORITHM = "RSA"; / / Public key key private static final String PUB_KEY= "publicKey"; / / Private key key private static final String PRI_KEY= "privateKey"; public static Map generateKey () throws NoSuchAlgorithmException {Map keyMap=new HashMap (); KeyPairGenerator instance = KeyPairGenerator.getInstance (KEY_ALGORITHM); KeyPair keyPair = instance.generateKeyPair (); PrivateKey privateKey = keyPair.getPrivate () PublicKey publicKey = keyPair.getPublic (); / / Base64 code byte [] privateKeyEncoded = privateKey.getEncoded (); String privateKeyStr = Base64.encodeBase64String (privateKeyEncoded); byte [] publicKeyEncoded = publicKey.getEncoded (); String publicKeyStr=Base64.encodeBase64String (publicKeyEncoded); keyMap.put (PUB_KEY,publicKeyStr); keyMap.put (PRI_KEY,privateKeyStr); return keyMap Use private key to produce token / / encryption algorithm private static final String KEY_ALGORITHM = "RSA"; / / public key key private static final String PUB_KEY= "publicKey"; / / private key key private static final String PRI_KEY= "privateKey"; / / GenerateKey Key=new GenerateKey (); / / use private key to produce token public static Map generateToken (UserDetails userDetails) throws NoSuchAlgorithmException, InvalidKeySpecException {GenerateKey Key=new GenerateKey (); RSAPrivateKey privateKey = null RSAPublicKey publicKey=null; String token=null; Map map=new HashMap (); Map keyMap = Key.generateKey (); privateKey=getPrivateKey (keyMap.get (PRI_KEY)); Map tokenMap=new HashMap (); tokenMap.put ("userName", userDetails.getUsername ()); / / encrypt token= JwtHelper.encode (JSON.toJSONString (tokenMap), new RsaSigner (privateKey)) with private key. GetEncoded () Map.put ("token", token); map.put ("publicKey", keyMap.get (PUB_KEY)); return map;} III. Decrypting tokenpublic static String parseToken (String token,String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {Jwt jwt=null; RSAPublicKey rsaPublicKey; rsaPublicKey=getPublicKey (publicKey); jwt=JwtHelper.decodeAndVerify (token, new RsaVerifier (rsaPublicKey)); String claims= jwt.getClaims (); return claims Convert the String type public key into RSAPublicKey object / * to get the public key * * @ param publicKey * key string (encoded by base64) * @ throws Exception * / public static RSAPublicKey getPublicKey (String publicKey) throws NoSuchAlgorithmException, and InvalidKeySpecException {/ / obtain the public key object KeyFactory keyFactory = KeyFactory.getInstance (KEY_ALGORITHM) through the X509 encoded Key instruction X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec (Base64.decodeBase64 (publicKey)); RSAPublicKey key = (RSAPublicKey) keyFactory.generatePublic (x509KeySpec); return key Convert String private key to RSAPrivateKey object / * to get private key pkcs8 * * @ param privateKey * key string (encoded by base64) * @ throws Exception * / public static RSAPrivateKey getPrivateKey (String privateKey) throws NoSuchAlgorithmException InvalidKeySpecException {/ / obtain the private key object KeyFactory keyFactory = KeyFactory.getInstance (KEY_ALGORITHM) through the Key instruction encoded by PKCS#8 PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec (Base64.decodeBase64 (privateKey)); RSAPrivateKey key = (RSAPrivateKey) keyFactory.generatePrivate (pkcs8KeySpec); return key;} Thank you for reading this article carefully. I hope the article "how Springboot integrates JwtHelper to achieve asymmetric encryption" shared by the editor will be helpful to you. At the same time, I hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.