Java實現數字簽名

時間 2019-11-30

標籤 java 實現數字簽名欄目 Java 简体版

原文原文鏈接

一數字簽名算法

　　帶有祕鑰(公鑰,私鑰)的消息摘要算法java

　　驗證數據完整性,認證數據來源,抗否定git

　　OSI參考模型算法

　　私鑰簽名,公鑰驗證apache

　　RSA,DSA,ECDSAide

二數字簽名算法RSA

經典算法

　　MD,SHA兩類加密

　　例子:jdkRSA 算法spa

 1 package com.dzj.rsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.RSAPrivateKey;
10 import java.security.interfaces.RSAPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class RSA {
17     private static String src = "imooc security rsa";
18 
19     public static void main(String[] args) {
20         jdkRSA();
21     }
22 
23     public static void jdkRSA() {
24         try {
25             // 1 初始化密鑰
26             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
27             keyPairGenerator.initialize(512);
28             KeyPair keyPair = keyPairGenerator.generateKeyPair();
29 
30             RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
31             RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
32 
33             // 2 私鑰加密、公鑰解密——加密
34             // 用私鑰進行簽名
35             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
36 
37             KeyFactory keyFactory = KeyFactory.getInstance("RSA");
38             // 執行key的轉化
39             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
40 
41             // 聲明一個簽名對象 使用JDK實現
42             Signature signature = Signature.getInstance("MD5withRSA");
43             signature.initSign(privateKey);
44             signature.update(src.getBytes());
45             byte[] sign = signature.sign();
46             System.out.println("私鑰加密、公鑰解密——加密:" + Hex.encodeHexString(sign));
47 
48             // 3私鑰加密、公鑰解密——解密
49             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
50             keyFactory = KeyFactory.getInstance("RSA");
51             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
52             // 建立簽名對象
53             signature = Signature.getInstance("MD5withRSA");
54             signature.initVerify(publicKey);
55             signature.update(src.getBytes());
56             boolean verify = signature.verify(sign);
57             System.out.println("私鑰加密、公鑰解密——解密:" + verify);
58 
59         } catch (Exception e) {
60             // TODO Auto-generated catch block
61             e.printStackTrace();
62         }
63 
64     }
65 
66 }

View Code

數字簽名算法----過程

三數字簽名算法DSA

　　DSS(Digital Signature Standard)數字簽名標準code

　　DSA(Digital Signature Algorithm)數字簽名算法對象

　　DSA僅包含數字簽名,沒有辦法進行加密通信blog

　　RSA即包括加解密,又包括數字簽名的算法

例子

 1 package com.dzj.dsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.DSAPrivateKey;
10 import java.security.interfaces.DSAPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class DSA {
17 
18     private static String src = "imooc security dsa";
19 
20     public static void main(String[] args) {
21         jdkDSA();
22     }
23 
24     public static void jdkDSA() {
25         try {
26             // 1.初始化密鑰
27             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
28             keyPairGenerator.initialize(512);
29             KeyPair keyPair = keyPairGenerator.generateKeyPair();
30             DSAPublicKey dsaPublicKey = (DSAPublicKey) keyPair.getPublic();
31             DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) keyPair.getPrivate();
32 
33             // 2.執行簽名 私鑰進行簽名
34             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());
35             KeyFactory keyFactory = KeyFactory.getInstance("DSA");
36             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
37             Signature signature = Signature.getInstance("SHA1withDSA");
38             signature.initSign(privateKey);
39             signature.update(src.getBytes());
40             byte[] result = signature.sign();
41             System.out.println("jdk dsa sign : " + Hex.encodeHexString(result));
42 
43             // 3.驗證簽名
44             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(dsaPublicKey.getEncoded());
45             keyFactory = KeyFactory.getInstance("DSA");
46             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
47             signature = Signature.getInstance("SHA1withDSA");
48             signature.initVerify(publicKey);
49             signature.update(src.getBytes());
50             boolean bool = signature.verify(result);
51             System.out.println("jdk dsa verify : " + bool);
52         } catch (Exception e) {
53             e.printStackTrace();
54         }
55     }
56 
57 }

View Code

四數字簽名算法ECDSA　　

　　微軟

　　Ellipticc Curve Digital Signature Algorithm,橢圓曲線數字簽名算法

　　速度快,強度高,簽名短

　　例子:

 1 package com.dzj.ecdsa;
 2 
 3 import java.security.KeyFactory;
 4 import java.security.KeyPair;
 5 import java.security.KeyPairGenerator;
 6 import java.security.PrivateKey;
 7 import java.security.PublicKey;
 8 import java.security.Signature;
 9 import java.security.interfaces.ECPrivateKey;
10 import java.security.interfaces.ECPublicKey;
11 import java.security.spec.PKCS8EncodedKeySpec;
12 import java.security.spec.X509EncodedKeySpec;
13 
14 import org.apache.commons.codec.binary.Hex;
15 
16 public class ECDSA {
17     private static String src = "imooc security ecdsa";
18 
19     public static void main(String[] args) {
20 
21         jdkECDSA();
22 
23     }
24 
25     public static void jdkECDSA() {
26         try {
27             // 1 初始化密鑰
28             KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
29             keyPairGenerator.initialize(256);
30             KeyPair keyPair = keyPairGenerator.generateKeyPair();
31             ECPublicKey ecPublicKey = (ECPublicKey) keyPair.getPublic();
32             ECPrivateKey ecPrivateKey = (ECPrivateKey) keyPair.getPrivate();
33 
34             // 2 執行簽名
35             PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());
36             KeyFactory keyFactory = KeyFactory.getInstance("EC");
37             PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
38             Signature signature = Signature.getInstance("SHA1withECDSA");
39             signature.initSign(privateKey);
40             signature.update(src.getBytes());
41             byte[] sign = signature.sign();
42             System.out.println("jdk ecdsa sign:" + Hex.encodeHexString(sign));
43 
44             // 3驗證
45             X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ecPublicKey.getEncoded());
46             keyFactory = KeyFactory.getInstance("EC");
47             PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
48             signature = Signature.getInstance("SHA1withECDSA");
49             signature.initVerify(publicKey);
50             signature.update(src.getBytes());
51             boolean verify = signature.verify(sign);
52             System.out.println("jdk ecdsa verify:" + verify);
53         } catch (Exception e) {
54             // TODO Auto-generated catch block
55             e.printStackTrace();
56         }
57 
58     }
59 
60 }