三方敏感信息加密
收藏使用场景
对于三方活动的敏感信息,需加密后再传输,如报名者姓名、手机号等信息。
加密算法
采用 PKCS#1 v1.5 填充的 RSA 非对称加密算法。
公钥
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeSZkm8TC5/Fmu9g21en ChhMaZ5SOclr+EHonEZ/KO2rTkP92kCH43buzcHGKGpfls4ESIIwW7VlgVysTOqq ulMbiADjiMjGTdmgKFH1rMyJYiCQFMtJ2/8cFq68ce5yKWlJswpnWkU4UKvZgwrv DoBleoaAv0NpgvMNEixn8nWOdXu1JTLwp19vPVcdVWBypbBxuD/D++skfKFt5rZp H44MNeL7tcuy4oS6dYyW9oHKu8wfoIvdBUEjeChkm9rY1RQIpR66vNoXBHDZsnxM nz1C7ucom03YhWh4uxCi+AQOSKvImgEQpOX8QuhKd3KDBZTlAUFmECnttRc05o1B UQIDAQAB -----END PUBLIC KEY-----
代码示例
Java
import javax.crypto.Cipher; import java.security.*; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; public class RSAEncryptionPKCS1 { /** * 使用 PKCS#1 v1.5 填充进行 RSA 加密 * @param publicKey 公钥 * @param plaintext 明文 * @return 加密后的字节数组 */ public static byte[] encryptPKCS1v15(PublicKey publicKey, byte[] plaintext) { try { Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); cipher.init(Cipher.ENCRYPT_MODE, publicKey); return cipher.doFinal(plaintext); } catch (Exception e) { throw new RuntimeException("加密失败", e); } } /** * 从 Base64 编码的字符串加载公钥 * @param publicKeyBase64 Base64 编码的公钥 * @return PublicKey 对象 */ public static PublicKey loadPublicKeyFromBase64(String publicKeyBase64) { try { byte[] keyBytes = Base64.getDecoder().decode(publicKeyBase64); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePublic(keySpec); } catch (Exception e) { throw new RuntimeException("公钥加载失败", e); } } /** * 从 PEM 格式字符串加载公钥 * @param publicKeyPem PEM 格式的公钥 * @return PublicKey 对象 */ public static PublicKey loadPublicKeyFromPem(String publicKeyPem) { try { // 移除 PEM 文件的头部和尾部 String publicKeyPEM = publicKeyPem .replace("-----BEGIN PUBLIC KEY-----", "") .replace("-----END PUBLIC KEY-----", "") .replace("-----BEGIN RSA PUBLIC KEY-----", "") .replace("-----END RSA PUBLIC KEY-----", "") .replaceAll("\\s", ""); // 移除所有空白字符 return loadPublicKeyFromBase64(publicKeyPEM); } catch (Exception e) { throw new RuntimeException("PEM 公钥加载失败", e); } } public static void main(String[] args) { try { // 公钥 String publicKeyPem = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeSZkm8TC5/Fmu9g21en\n" + "ChhMaZ5SOclr+EHonEZ/KO2rTkP92kCH43buzcHGKGpfls4ESIIwW7VlgVysTOqq\n" + "ulMbiADjiMjGTdmgKFH1rMyJYiCQFMtJ2/8cFq68ce5yKWlJswpnWkU4UKvZgwrv\n" + "DoBleoaAv0NpgvMNEixn8nWOdXu1JTLwp19vPVcdVWBypbBxuD/D++skfKFt5rZp\n" + "H44MNeL7tcuy4oS6dYyW9oHKu8wfoIvdBUEjeChkm9rY1RQIpR66vNoXBHDZsnxM\n" + "nz1C7ucom03YhWh4uxCi+AQOSKvImgEQpOX8QuhKd3KDBZTlAUFmECnttRc05o1B\n" + "UQIDAQAB\n" + "-----END PUBLIC KEY-----"; // 加载公钥 PublicKey publicKey = loadPublicKeyFromPem(publicKeyPem); // 要加密的字符串 String plaintext = "Hello, RSA PKCS#1 v1.5 Encryption!"; // 加密 byte[] ciphertext = encryptPKCS1v15(publicKey, plaintext.getBytes()); System.out.println("原始数据: " + plaintext); String EncodeText = Base64.getEncoder().encodeToString(ciphertext); // 传输这个EncodeText System.out.println("加密后的数据 (Base64): " + EncodeText); } catch (Exception e) { e.printStackTrace(); } } }
Golang
import ( "crypto/rand" "crypto/rsa" "crypto/x509" "encoding/base64" "encoding/pem" "fmt" "log" ) // 从 PEM 格式字符串加载公钥 func loadPublicKey(publicKeyPEM string) (*rsa.PublicKey, error) { block, _ := pem.Decode([]byte(publicKeyPEM)) if block == nil { return nil, fmt.Errorf("failed to parse PEM block containing the public key") } pub, err := x509.ParsePKIXPublicKey(block.Bytes) if err != nil { // 尝试解析 PKCS1 格式的公钥 pub, err = x509.ParsePKCS1PublicKey(block.Bytes) if err != nil { return nil, fmt.Errorf("failed to parse public key: %v", err) } } rsaPub, ok := pub.(*rsa.PublicKey) if !ok { return nil, fmt.Errorf("not an RSA public key") } return rsaPub, nil } // 使用 PKCS#1 v1.5 填充进行 RSA 加密 func encryptPKCS1v15(publicKey *rsa.PublicKey, plaintext []byte) ([]byte, error) { ciphertext, err := rsa.EncryptPKCS1v15(rand.Reader, publicKey, plaintext) if err != nil { return nil, err } return ciphertext, nil } func main() { // 您的公钥字符串(PEM 格式) publicKeyPEM := `-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeSZkm8TC5/Fmu9g21en ChhMaZ5SOclr+EHonEZ/KO2rTkP92kCH43buzcHGKGpfls4ESIIwW7VlgVysTOqq ulMbiADjiMjGTdmgKFH1rMyJYiCQFMtJ2/8cFq68ce5yKWlJswpnWkU4UKvZgwrv DoBleoaAv0NpgvMNEixn8nWOdXu1JTLwp19vPVcdVWBypbBxuD/D++skfKFt5rZp H44MNeL7tcuy4oS6dYyW9oHKu8wfoIvdBUEjeChkm9rY1RQIpR66vNoXBHDZsnxM nz1C7ucom03YhWh4uxCi+AQOSKvImgEQpOX8QuhKd3KDBZTlAUFmECnttRc05o1B UQIDAQAB -----END PUBLIC KEY-----` // 加载公钥 publicKey, err := loadPublicKey(publicKeyPEM) if err != nil { log.Fatal("公钥加载失败:", err) } // 要加密的字符串 plaintext := "Hello, RSA PKCS#1 v1.5 Encryption!" // 使用 PKCS#1 v1.5 填充进行加密 ciphertext, err := encryptPKCS1v15(publicKey, []byte(plaintext)) if err != nil { log.Fatal("加密失败:", err) } // 使用Base64编码后传输 EncodeText := base64.StdEncoding.EncodeToString(ciphertext) fmt.Printf("Base64:%v\n", EncodeText) }
