Java实现数字签名

Posted 呦,名字不赖嘛

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Java实现数字签名相关的知识,希望对你有一定的参考价值。

一 数字签名算法

  带有秘钥(公钥,私钥)的消息摘要算法

  验证数据完整性,认证数据来源,抗否认

  OSI参考模型

  私钥签名,公钥验证

  RSA,DSA,ECDSA

二 数字签名算法RSA

经典算法

  MD,SHA两类

   例子:jdkRSA 算法

 1 package com.dzj.rsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.RSAPrivateKey;
10 import java.security.interfaces.RSAPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class RSA {
17     private static String src = "imooc security rsa";
18 
19     public static void main(String[] args) {
20         jdkRSA();
21     }
22 
23     public static void jdkRSA() {
24         try {
25             // 1 初始化密钥
26             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
27             keyPairGenerator.initialize(512);
28             KeyPair keyPair = keyPairGenerator.generateKeyPair();
29 
30             RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
31             RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
32 
33             // 2 私钥加密、公钥解密——加密
34             // 用私钥进行签名
35             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
36 
37             KeyFactory keyFactory = KeyFactory.getInstance("RSA");
38             // 执行key的转化
39             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
40 
41             // 声明一个签名对象 使用JDK实现
42             Signature signature = Signature.getInstance("MD5withRSA");
43             signature.initSign(privateKey);
44             signature.update(src.getBytes());
45             byte[] sign = signature.sign();
46             System.out.println("私钥加密、公钥解密——加密:" + Hex.encodeHexString(sign));
47 
48             // 3私钥加密、公钥解密——解密
49             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
50             keyFactory = KeyFactory.getInstance("RSA");
51             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
52             // 创建签名对象
53             signature = Signature.getInstance("MD5withRSA");
54             signature.initVerify(publicKey);
55             signature.update(src.getBytes());
56             boolean verify = signature.verify(sign);
57             System.out.println("私钥加密、公钥解密——解密:" + verify);
58 
59         } catch (Exception e) {
60             // TODO Auto-generated catch block
61             e.printStackTrace();
62         }
63 
64     }
65 
66 }
View Code

数字签名算法----过程

三 数字签名算法DSA

  DSS(Digital Signature Standard)数字签名标准

  DSA(Digital Signature Algorithm)数字签名算法

  DSA仅包含数字签名,没有办法进行加密通讯

  RSA即包括加解密,又包括数字签名的算法

例子

 1 package com.dzj.dsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.DSAPrivateKey;
10 import java.security.interfaces.DSAPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class DSA {
17 
18     private static String src = "imooc security dsa";
19 
20     public static void main(String[] args) {
21         jdkDSA();
22     }
23 
24     public static void jdkDSA() {
25         try {
26             // 1.初始化密钥
27             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
28             keyPairGenerator.initialize(512);
29             KeyPair keyPair = keyPairGenerator.generateKeyPair();
30             DSAPublicKey dsaPublicKey = (DSAPublicKey) keyPair.getPublic();
31             DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) keyPair.getPrivate();
32 
33             // 2.执行签名 私钥进行签名
34             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());
35             KeyFactory keyFactory = KeyFactory.getInstance("DSA");
36             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
37             Signature signature = Signature.getInstance("SHA1withDSA");
38             signature.initSign(privateKey);
39             signature.update(src.getBytes());
40             byte[] result = signature.sign();
41             System.out.println("jdk dsa sign : " + Hex.encodeHexString(result));
42 
43             // 3.验证签名
44             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(dsaPublicKey.getEncoded());
45             keyFactory = KeyFactory.getInstance("DSA");
46             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
47             signature = Signature.getInstance("SHA1withDSA");
48             signature.initVerify(publicKey);
49             signature.update(src.getBytes());
50             boolean bool = signature.verify(result);
51             System.out.println("jdk dsa verify : " + bool);
52         } catch (Exception e) {
53             e.printStackTrace();
54         }
55     }
56 
57 }
View Code

 

四 数字签名算法ECDSA  

  微软

  Ellipticc Curve Digital Signature Algorithm,椭圆曲线数字签名算法

  速度快,强度高,签名短

  例子:

 1 package com.dzj.ecdsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.ECPrivateKey;
10 import java.security.interfaces.ECPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class ECDSA {
17     private static String src = "imooc security ecdsa";
18 
19     public static void main(String[] args) {
20 
21         jdkECDSA();
22 
23     }
24 
25     public static void jdkECDSA() {
26         try {
27             // 1 初始化密钥
28             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
29             keyPairGenerator.initialize(256);
30             KeyPair keyPair = keyPairGenerator.generateKeyPair();
31             ECPublicKey ecPublicKey = (ECPublicKey) keyPair.getPublic();
32             ECPrivateKey ecPrivateKey = (ECPrivateKey) keyPair.getPrivate();
33 
34             // 2 执行签名
35             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());
36             KeyFactory keyFactory = KeyFactory.getInstance("EC");
37             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
38             Signature signature = Signature.getInstance("SHA1withECDSA");
39             signature.initSign(privateKey);
40             signature.update(src.getBytes());
41             byte[] sign = signature.sign();
42             System.out.println("jdk ecdsa sign:" + Hex.encodeHexString(sign));
43 
44             // 3验证
45             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ecPublicKey.getEncoded());
46             keyFactory = KeyFactory.getInstance("EC");
47             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
48             signature = Signature.getInstance("SHA1withECDSA");
49             signature.initVerify(publicKey);
50             signature.update(src.getBytes());
51             boolean verify = signature.verify(sign);
52             System.out.println("jdk ecdsa verify:" + verify);
53         } catch (Exception e) {
54             // TODO Auto-generated catch block
55             e.printStackTrace();
56         }
57 
58     }
59 
60 }
View Code

 

以上是关于Java实现数字签名的主要内容,如果未能解决你的问题,请参考以下文章

# Java 常用代码片段

# Java 常用代码片段

java 代码片段

LockSupport.java 中的 FIFO 互斥代码片段

JavaScript笔试题(js高级代码片段)

手写数字识别——基于全连接层和MNIST数据集