数字签名(又称公钥数字签名)是一种类似写在纸上的普通的物理签名,但是使用了公钥加密领域的技术实现,用于鉴别数字信息的方法。关于数字签名的介绍,可以参见百度百科:http://baike.baidu.com/view/7626.htm。今天,我们就开始学习java中数字签名的使用。
项目结构如下:
DSA算法
一、 HuhxDSA.java
package com.huhx.security;import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.interfaces.DSAPrivateKey; import java.security.interfaces.DSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;/*** writer: huhx*/ public class HuhxDSA {private final static String src = "http://www.cnblogs.com/huhx";public static void main(String[] args) {// 初始化签名try {KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");keyPairGenerator.initialize(512);KeyPair keyPair = keyPairGenerator.generateKeyPair();DSAPublicKey dsaPublicKey = (DSAPublicKey) keyPair.getPublic();DSAPrivateKey dsaPrivateKey = (DSAPrivateKey) keyPair.getPrivate();// 执行签名PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());KeyFactory keyFactory = KeyFactory.getInstance("DSA");PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);Signature signature = Signature.getInstance("SHA1withDSA");signature.initSign(privateKey);signature.update(src.getBytes());byte[] result = signature.sign();System.out.println("jdk dsa sign: " + Hex.encodeHexString(result));// 验证签名X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(dsaPublicKey.getEncoded());keyFactory = KeyFactory.getInstance("DSA");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);signature = Signature.getInstance("SHA1withDSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean bool = signature.verify(result);System.out.println("jdk dsa: " + bool);} catch (Exception e) {// TODO Auto-generated catch block e.printStackTrace();}} }
二、 运行结果如下:
jdk dsa sign: 302d0215009461ae45922c11159d3b6dc4c70eb0748763d23202146f5f9a5eedb36a760cf8b9b1d1d1fdc10636aafe jdk dsa: true
RSA算法
一、 HuhxRSA.java
package com.huhx.security;import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;/*** writer: huhx*/ public class HuhxRSA {private final static String src = "http://www.cnblogs.com/huhx";public static void main(String[] args) {try {// 初始化签名KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");generator.initialize(512);KeyPair keyPair = generator.generateKeyPair();RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();// 执行签名PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());KeyFactory keyFactory = KeyFactory.getInstance("RSA");PrivateKey privateKey = keyFactory.generatePrivate(encodedKeySpec);Signature signature = Signature.getInstance("MD5withRSA");signature.initSign(privateKey);signature.update(src.getBytes());byte[] result = signature.sign();System.out.println("jdk rsa sign: " + Hex.encodeHexString(result));// 验证签名X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());keyFactory = KeyFactory.getInstance("RSA");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);signature = Signature.getInstance("MD5withRSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean bool = signature.verify(result);System.out.println("jdk rsa: " + bool);} catch (Exception e) {e.printStackTrace();}} }
二、 运行结果如下:
jdk rsa sign: 564dc7f96c85a7a42e579ae191997c892f234272d220e3f062cf52071e827164fadd52720b69704979fc11810bdbf92b01dd3f5f26a621ffe699ef601d08fb6c jdk rsa: true
ECDSA算法
一、 HuhxECDSA.java
package com.huhx.security;import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.interfaces.ECPrivateKey; import java.security.interfaces.ECPublicKey; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec;import org.apache.commons.codec.binary.Hex;/*** writer: huhx*/ public class HuhxECDSA {private final static String src = "mhttp://www.cnblogs.com/huhx";public static void main(String[] args) {try {// 初始化签名KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");generator.initialize(256);KeyPair keyPair = generator.generateKeyPair();ECPublicKey ecPublicKey = (ECPublicKey) keyPair.getPublic();ECPrivateKey ecPrivateKey = (ECPrivateKey) keyPair.getPrivate();// 执行签名PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());KeyFactory keyFactory = KeyFactory.getInstance("EC");PrivateKey privateKey = keyFactory.generatePrivate(encodedKeySpec);Signature signature = Signature.getInstance("SHA1withECDSA");signature.initSign(privateKey);signature.update(src.getBytes());byte[] result = signature.sign();System.out.println("jdk ecdsa sign: " + Hex.encodeHexString(result));// 验证签名X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ecPublicKey.getEncoded());keyFactory = KeyFactory.getInstance("EC");PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);signature = Signature.getInstance("SHA1withECDSA");signature.initVerify(publicKey);signature.update(src.getBytes());boolean bool = signature.verify(result);System.out.println("jdk ecdsa: " + bool);} catch (Exception e) {e.printStackTrace();}} }
二、 运行结果如下:
jdk ecdsa sign: 30460221009b80596c51ccdf19c5e8e825aca6d85e549a30ee72a1e9b094f7b3a8c8b9310902210098e8dcc6ea932142d8cd9dd80c08fff7359f796571f8a973d3ca6e2dc0931904 jdk ecdsa: true
友情链接