数字签名（2）：DSA

来源：互联网发布：学生怒骂日本记者知乎编辑：程序博客网时间：2024/06/06 19:53

一.DSA :

Digital Signature Algorithm (DSA)是Schnorr和ElGamal签名算法的变种，被美国NIST作为DSfS(DigitalSignature Standard)。

二.模型

三.具体的算法，实现方，秘钥长度

算法密钥长度默认长度签名长度实现的方SHA1withDSA512-65536
（64的整数倍）1024同密钥JDKSHA224withDSA同上1024同密钥BCSHA256withDSA...1024同密钥BCSHA384withDSA...1024同密钥BCSHA512withDSA...1024同密钥BC

四.具体的代码实现（java）：

import java.security.InvalidKeyException;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.SignatureException;import java.security.interfaces.DSAPrivateKey;import java.security.interfaces.DSAPublicKey;import java.security.spec.InvalidKeySpecException;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Base64;public class DSA {static String src = "欧阳草帽";public static void main(String[] args) throws Exception {// TODO Auto-generated method stub// 获取公钥、私钥  KeyPair keyPair = getKeyPair();DSAPublicKey dsaPublicKey = getRSPublicKey(keyPair);DSAPrivateKey dsaPrivateKey = getESAPrivateKey(keyPair);byte [] publicKeyEnc = dsaPublicKey.getEncoded();   // 公钥byte [] privateKeyEnc = dsaPrivateKey.getEncoded(); //私钥//执行签名 byte[] result = sign(privateKeyEnc);System.out.println("签名后的数据："+Base64.encodeBase64String(result));//验证签名boolean ok = verify(publicKeyEnc, result);System.out.println("签名验证的结果：" + ok);}/** * 验证签名 * @param publicKeyEnc * @param result * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException * @throws InvalidKeyException * @throws SignatureException */public static boolean verify(byte[] publicKeyEnc, byte[] result)throws NoSuchAlgorithmException, InvalidKeySpecException,InvalidKeyException, SignatureException {X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(publicKeyEnc);KeyFactory keyFactory = KeyFactory.getInstance("DSA");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);Signature signature = Signature.getInstance("SHA1withDSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean ok = signature.verify(result);  // 验证结果 return ok;}/** * 执行签名 * @param privateKeyEnc * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException * @throws InvalidKeyException * @throws SignatureException */public static byte[] sign(byte[] privateKeyEnc)throws NoSuchAlgorithmException, InvalidKeySpecException,InvalidKeyException, SignatureException {KeyFactory keyFactory = KeyFactory.getInstance("DSA");PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKeyEnc);PrivateKey priKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);//构建签名 Signature signature = Signature.getInstance("SHA1withDSA");signature.initSign(priKey);signature.update(src.getBytes());byte [] result = signature.sign();   // 签名后的数据信息return result;}/** * 生成私钥 * @param keyPair * @return */public static DSAPrivateKey getESAPrivateKey(KeyPair keyPair) {DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) keyPair.getPrivate();return dsaPrivateKey;}/** * 生成公钥 * @param keyPair * @return */public static DSAPublicKey getRSPublicKey(KeyPair keyPair) {DSAPublicKey dsaPublicKey = (DSAPublicKey) keyPair.getPublic();return dsaPublicKey;}/** * 生成秘钥对的材料  * @return * @throws NoSuchAlgorithmException */private static KeyPair getKeyPair() throws NoSuchAlgorithmException {KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");keyPairGenerator.initialize(512);KeyPair keyPair = keyPairGenerator.generateKeyPair();return keyPair;}}

输出结果：

签名后的数据：MC0CFCNn2mkuMmv61IbezkNhK2DRvPKxAhUAjmh0dBZinEg+kg5e6bMwNqFmx+M=
签名验证的结果：true

阅读全文

0 0