nimbus-jose-jwt库简单使用
- 对称密钥签名
- 非对称密钥对
- 公私钥与字符串互相转换
- 生成密钥对
- 公私钥转字符串
- 字符串转公私钥
- 公钥字符串转公钥对象
- 私钥字符串转私钥对象
maven坐标
<!-- Version as published on this page; check the project's release notes and security advisories for a newer patch release before adopting it. -->
<dependency>
    <groupId>com.nimbusds</groupId>
    <artifactId>nimbus-jose-jwt</artifactId>
    <version>9.37.3</version>
</dependency>
对称密钥签名
密钥长度有限制:MAC 密钥的字节数必须大于等于所选算法要求的长度。
HS256:256 / 8 = 32 字节
HS384:384 / 8 = 48 字节
HS512:512 / 8 = 64 字节
// Demo secret only. A literal in source is fine for a walkthrough, but a real HMAC key should be
// produced by a CSPRNG and loaded from a secret store, never committed alongside the code.
// For HS256 the secret must be at least 256 bits (32 bytes) long.
String sharedSecret = "d^d&4mpSz^Pd@JyKYQR=AZhm7PQzQKgsSY*";

// Build the claims and sign them with HMAC-SHA256.
// NOTE(review): no expiration is set here, so the token never expires; real tokens should carry
// an exp claim (JWTClaimsSet.Builder#expirationTime) that the receiver checks.
JWSSigner hmacSigner = new MACSigner(sharedSecret);
JWTClaimsSet claims = new JWTClaimsSet.Builder()
        .subject("zs")
        .claim("role", "admin")
        .build();
JWSHeader hs256Header = new JWSHeader(JWSAlgorithm.HS256);
SignedJWT outgoingJwt = new SignedJWT(hs256Header, claims);
outgoingJwt.sign(hmacSigner);

String jwtString = outgoingJwt.serialize();
System.out.println("Generated JWT: " + jwtString);

// Verify with the same shared secret; the claims are only read after the MAC check succeeds.
JWSVerifier hmacVerifier = new MACVerifier(sharedSecret);
SignedJWT incomingJwt = SignedJWT.parse(jwtString);
if (!incomingJwt.verify(hmacVerifier)) {
    System.out.println("JWT verification failed.");
} else {
    System.out.println("JWT verification successful.");
    System.out.println("Subject: " + incomingJwt.getJWTClaimsSet().getSubject());
    System.out.println("Role: " + incomingJwt.getJWTClaimsSet().getClaim("role"));
}
非对称密钥对
包括生成RSA密钥对
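// Generate a fresh 2048-bit RSA key pair: the private key signs, the public key verifies.
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();

JWSSigner signer = new RSASSASigner(privateKey);
JWSVerifier verifier = new RSASSAVerifier(publicKey);

// Exercise the not-before (nbf) claim: the token must not be accepted before this instant.
// "Now" is read in the same zone that is used for the conversion; reading it in the system
// default zone and then reinterpreting it as Asia/Shanghai would shift the instant on hosts
// that run in a different time zone.
ZoneId zone = ZoneId.of("Asia/Shanghai");
Date date = Date.from(LocalDateTime.now(zone).plusYears(1).atZone(zone).toInstant());
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
        .subject("zs")
        .claim("role", "admin")
        .notBeforeTime(date)
        .build();

SignedJWT signedJWT = new SignedJWT(
        new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("kid").build(),
        claimsSet);
signedJWT.sign(signer);

String jwtString = signedJWT.serialize();
System.out.println("Generated JWT: " + jwtString);

// Verify the JWT token
SignedJWT parsedJWT = SignedJWT.parse(jwtString);
if (parsedJWT.verify(verifier)) {
    // A valid signature only proves who issued the token. The time-based claims still have to
    // be enforced by the receiver, so nbf is compared with the current time before the claims
    // are trusted. (The library's DefaultJWTClaimsVerifier can perform the exp/nbf checks.)
    JWTClaimsSet verifiedClaims = parsedJWT.getJWTClaimsSet();
    Date notBeforeTime = verifiedClaims.getNotBeforeTime();
    if (notBeforeTime != null && new Date().before(notBeforeTime)) {
        System.out.println("JWT is not valid yet, not before: " + notBeforeTime);
    } else {
        System.out.println("JWT verification successful.");
        System.out.println("Subject: " + verifiedClaims.getSubject());
        System.out.println("Role: " + verifiedClaims.getClaim("role"));
    }
} else {
    System.out.println("JWT verification failed.");
}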
公私钥与字符串互相转换
生成密钥对
// Create a 2048-bit RSA key pair and expose both halves through their RSA-specific interfaces.
KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
rsaGenerator.initialize(2048);
KeyPair rsaPair = rsaGenerator.generateKeyPair();

// The private half must stay secret; only the public half is meant to be handed to verifiers.
RSAPrivateKey privateKey = (RSAPrivateKey) rsaPair.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey) rsaPair.getPublic();
公私钥转字符串
// `key` is presumably one of the RSA keys generated above. getEncoded() returns the key's
// binary encoding, which the matching decode steps on this page read back as X.509 (public key)
// or PKCS#8 (private key).
// The string produced from a private key is unencrypted key material: treat it as a secret.
byte[] encodedKey = key.getEncoded();
Base64.getEncoder().encodeToString(encodedKey);
字符串转公私钥
公钥字符串转公钥对象
// keyString holds the plain Base64 text of an X.509-encoded public key. The basic decoder
// rejects PEM header lines and line breaks, so those have to be stripped beforehand.
byte[] publicDer = Base64.getDecoder().decode(keyString);
KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
// Rebuild the public key object from its X.509 encoding.
return rsaFactory.generatePublic(new X509EncodedKeySpec(publicDer));
私钥字符串转私钥对象
// keyString holds the plain Base64 text of a PKCS#8-encoded private key (no PEM header lines or
// line breaks). It is unencrypted key material, so it should be loaded from a secret store
// rather than kept in source or logs.
byte[] privateDer = Base64.getDecoder().decode(keyString);
KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
// Rebuild the private key object from its PKCS#8 encoding.
return rsaFactory.generatePrivate(new PKCS8EncodedKeySpec(privateDer));