Java实现数字签名

来源：互联网发布：阿里云数据分析编辑：程序博客网时间：2024/05/21 09:33

数字签名算法概述

签名：具有安全性和抗否认性

数字签名--带有密钥（公钥、私钥）的消息摘要算法

验证数据完整性、认证数据来源、抗否认

OSI参考模型

私钥签名、公钥验证

RSA、DSA、EDSA

数字签名算法--RSA

经典算法

MD、RSA

例子

import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.interfaces.RSAPrivateKey;import java.security.interfaces.RSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;public class TestRSA {    public static String src = "待加密字符串";    public static void main(String[] args) {        jdkRSA();    }    public static void jdkRSA() {      try {          // 1、初始化密钥  KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");  keyPairGenerator.initialize(512);  KeyPair keyPair = keyPairGenerator.generateKeyPair();  RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();  RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();  // 2、执行签名  PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());  KeyFactory keyFactory = KeyFactory.getInstance("RSA");  PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);  Signature signature = Signature.getInstance("MD5withRSA");  signature.initSign(privateKey);  signature.update(src.getBytes());  byte[] result = signature.sign();  System.out.println("jdk rsa sign:" + Hex.encodeHexString(result));  // 3、验证签名  X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());  keyFactory = keyFactory.getInstance("RSA");  PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);  signature = Signature.getInstance("MD5withRSA");  signature.initVerify(publicKey);  signature.update(src.getBytes());  boolean bool = signature.verify(result);  System.out.println("jdk rsa verify:" + bool);} catch (Exception e) {    e.printStackTrace();}}}

数字签名算法--DSA

DSS(Digital Signature Standard) 数字签名标准

DSA(Digital Signature Algorithm) 数字签名算法

DSA仅包含数字签名

import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.interfaces.DSAPrivateKey;import java.security.interfaces.DSAPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;public class TestDSA {public static String src = "待加密字符串";/** * @param args */public static void main(String[] args) {jdkDSA();}public static void jdkDSA(){try {//1、初始化密钥KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");keyPairGenerator.initialize(512);KeyPair keyPair = keyPairGenerator.generateKeyPair();DSAPublicKey dsaPublicKey = (DSAPublicKey) keyPair.getPublic();DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) keyPair.getPrivate();//2、执行签名PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());KeyFactory keyFactory = KeyFactory.getInstance("DSA");PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);Signature signature = Signature.getInstance("SHA1withDSA");signature.initSign(privateKey);signature.update(src.getBytes());byte[] result = signature.sign();System.out.println("jdk dsa sign:" + Hex.encodeHexString(result));//3、验证签名X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(dsaPublicKey.getEncoded());keyFactory = keyFactory.getInstance("DSA");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);signature = Signature.getInstance("SHA1withDSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean bool = signature.verify(result);System.out.println("jdk dsa verify:" + bool);} catch (Exception e) {e.printStackTrace();}}}

数字签名算法--ECDSA

微软

Elliptic Curve Digital Signature Algorithm,椭圆曲线数字签名算法

速度快，强度高，签名短

import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.PrivateKey;import java.security.PublicKey;import java.security.Signature;import java.security.interfaces.ECPrivateKey;import java.security.interfaces.ECPublicKey;import java.security.spec.PKCS8EncodedKeySpec;import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;public class TestECDSA {public static String src = "待加密字符串";public static void main(String[] args) {jskECDSA();}public static void jskECDSA() {try {//1、初始化密钥KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");keyPairGenerator.initialize(256);KeyPair keyPair = keyPairGenerator.generateKeyPair();ECPublicKey ecPublicKey =  (ECPublicKey) keyPair.getPublic();ECPrivateKey ecPrivateKey = (ECPrivateKey) keyPair.getPrivate();//2、执行签名PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());KeyFactory keyFactory = KeyFactory.getInstance("EC");PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);Signature signature = Signature.getInstance("SHA1withECDSA");signature.initSign(privateKey);signature.update(src.getBytes());byte[] result = signature.sign();System.out.println("jdk ecdsa sign:" + Hex.encodeHexString(result));//3、验证签名X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ecPublicKey.getEncoded());keyFactory = keyFactory.getInstance("EC");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);signature = Signature.getInstance("SHA1withECDSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean bool = signature.verify(result);System.out.println("jdk dsa verify:" + bool);} catch (Exception e) {e.printStackTrace();}}}

参考引用

慕课网

阅读全文

0 0