不在类初始化时就生成 Cipher。

pom.xml

@@ -1,7 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0"
-    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
     <groupId>xyz.zhouxy.plusone</groupId>
@@ -18,6 +17,7 @@
         <guava.version>32.0.1-jre</guava.version>
         <google-jsr305.version>3.0.2</google-jsr305.version>
         <joda-time.version>2.12.5</joda-time.version>
+        <jbcrypt.version>0.4</jbcrypt.version>
     </properties>
 
     <dependencies>
@@ -52,6 +52,14 @@
             <optional>true</optional>
         </dependency>
 
+        <dependency>
+            <groupId>org.mindrot</groupId>
+            <artifactId>jbcrypt</artifactId>
+            <version>${jbcrypt.version}</version>
+        </dependency>
+
+        <!-- test use only -->
+
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>

src/main/java/xyz/zhouxy/plusone/commons/security/Hashers.java

@@ -0,0 +1,60 @@
+package xyz.zhouxy.plusone.commons.security;
+
+import com.google.common.hash.Hasher;
+import com.google.common.hash.Hashing;
+
+/**
+ * <p>
+ * 使用摘要算法推荐使用 guava 的 hash 包。
+ * </p>
+ * <p>
+ * 密码加密推荐使用 {@link org.mindrot.jbcrypt.BCrypt}。
+ * </p>
+ */
+public class Hashers {
+
+    /**
+     * 返回 guava 的 {@link Hasher}
+     */
+    public static Hasher sha256() {
+        return Hashing.sha256().newHasher();
+    }
+
+    /**
+     * 返回 guava 的 {@link Hasher}
+     */
+    public static Hasher sha384() {
+        return Hashing.sha384().newHasher();
+    }
+
+    /**
+     * 返回 guava 的 {@link Hasher}
+     */
+    public static Hasher sha512() {
+        return Hashing.sha512().newHasher();
+    }
+
+    /**
+     * 返回 guava 的 {@link Hasher}
+     * 
+     * @deprecated 该算法已弃用
+     */
+    @Deprecated
+    public static Hasher sha1() {
+        return Hashing.sha1().newHasher();
+    }
+
+    /**
+     * 返回 guava 的 {@link Hasher}
+     * 
+     * @deprecated 该算法已弃用
+     */
+    @Deprecated
+    public static Hasher md5() {
+        return Hashing.md5().newHasher();
+    }
+
+    private Hashers() {
+        throw new IllegalStateException("Utility class");
+    }
+}

src/main/java/xyz/zhouxy/plusone/commons/security/RSA.java

@@ -0,0 +1,93 @@
+package xyz.zhouxy.plusone.commons.security;
+
+import java.math.BigInteger;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import javax.crypto.Cipher;
+
+import com.google.common.annotations.Beta;
+
+/**
+ * RSA 非对称加密。
+ */
+@Beta
+public class RSA {
+    private static final int DEFAULT_KEY_SIZE = 2048;
+    public static final String NAME = "RSA";
+    private static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
+
+    private final PublicKey publicKey;
+    private final PrivateKey privateKey;
+
+    private RSA(final PublicKey publicKey, final PrivateKey privateKey) {
+        this.publicKey = publicKey;
+        this.privateKey = privateKey;
+    }
+
+    public static RSA of(final PublicKey publicKey, final PrivateKey privateKey) {
+        return new RSA(publicKey, privateKey);
+
+    }
+
+    public static RSA of(final KeyPair keyPair) {
+        return new RSA(keyPair.getPublic(), keyPair.getPrivate());
+
+    }
+
+    public static RSA withKeySize(int keySize) {
+        try {
+            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(NAME);
+            keyPairGenerator.initialize(keySize);
+            final KeyPair keyPair = keyPairGenerator.generateKeyPair();
+            return new RSA(keyPair.getPublic(), keyPair.getPrivate());
+        } catch (NoSuchAlgorithmException e) {
+            throw new SecurityException(e);
+        }
+    }
+
+    public static RSA withDefaultKeySize() {
+        return withKeySize(DEFAULT_KEY_SIZE);
+    }
+
+    public PrivateKey getPrivateKey() {
+        return privateKey;
+    }
+
+    public PublicKey getPublicKey() {
+        return publicKey;
+    }
+
+    public byte[] encrypt(byte[] input) throws GeneralSecurityException {
+        Cipher encryptModeCipher = Cipher.getInstance(TRANSFORMATION);
+        encryptModeCipher.init(Cipher.ENCRYPT_MODE, publicKey);
+        return encryptModeCipher.doFinal(input);
+    }
+
+    public byte[] encrypt(String input) throws GeneralSecurityException {
+        return encrypt(input.getBytes(StandardCharsets.UTF_8));
+    }
+
+    public String encryptToString(String input) throws GeneralSecurityException {
+        return new BigInteger(1, encrypt(input)).toString(16);
+    }
+
+    public byte[] decrypt(byte[] input) throws GeneralSecurityException {
+        Cipher decryptModeCipher = Cipher.getInstance(TRANSFORMATION);
+        decryptModeCipher.init(Cipher.DECRYPT_MODE, privateKey);
+        return decryptModeCipher.doFinal(input);
+    }
+
+    public byte[] decrypt(String input) throws GeneralSecurityException {
+        return decrypt(new BigInteger(input, 16).toByteArray());
+    }
+
+    public String decryptToString(String input) throws GeneralSecurityException {
+        return new String(decrypt(input));
+    }
+}