文章16 | 阅读 7017 | 点赞0
DSA-Digital Signature Algorithm是Schnorr和ElGamal签名算法的变种,被美国NIST作为DSS(DigitalSignature Standard)。简单的说,这是一种更高级的验证方式,用作数字签名。不单单只有公钥、私钥,还有数字签名。私钥加密生成数字签名,公钥验证数据及签名。如果数据和签名不匹配则认为验证失败!数字签名的作用就是校验数据在传输过程中不被修改。数字签名,是单向加密的升级!
package com.jianggujin.codec;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import com.jianggujin.codec.util.JCodecException;
/** * DSA-Digital Signature Algorithm * 是Schnorr和ElGamal签名算法的变种,被美国NIST作为DSS(DigitalSignature * Standard)。简单的说,这是一种更高级的验证方式,用作数字签名。不单单只有公钥、私钥,还有数字签名。私钥加密生成数字签名,公钥验证数据及签名。 * 如果数据和签名不匹配则认为验证失败!数字签名的作用就是校验数据在传输过程中不被修改。数字签名,是单向加密的升级! * * @author jianggujin * */
public class JDSA {
public static final String ALGORITHM = "DSA";
/** * DSA签名算法 * * @author jianggujin * */
public static enum JDSASignatureAlgorithm {
SHA1withDSA, SHA224withDSA, SHA256withDSA;
public String getName() {
return this.name();
}
}
/** * 初始化密钥 * * @return */
public static KeyPair initKey() {
return initKey(1024);
}
/** * 初始化密钥 * * @param keySize * @return */
public static KeyPair initKey(int keySize) {
try {
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(ALGORITHM);
keyPairGen.initialize(keySize);
return keyPairGen.generateKeyPair();
} catch (Exception e) {
throw new JCodecException(e);
}
}
/** * 签名 * * @param data * @param privateKey * @param signatureAlgorithm * @return */
public static byte[] sign(byte[] data, byte[] privateKey, String signatureAlgorithm) {
try {
PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
Signature signature = Signature.getInstance(signatureAlgorithm);
signature.initSign(priKey);
signature.update(data);
return signature.sign();
} catch (Exception e) {
throw new JCodecException(e);
}
}
/** * 验签 * * @param data * @param publicKey * @param sign * @param signatureAlgorithm * @return */
public static boolean verify(byte[] data, byte[] publicKey, byte[] sign, String signatureAlgorithm) {
try {
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey);
KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
PublicKey pubKey = keyFactory.generatePublic(keySpec);
Signature signature = Signature.getInstance(signatureAlgorithm);
signature.initVerify(pubKey);
signature.update(data);
return signature.verify(sign);
} catch (Exception e) {
throw new JCodecException(e);
}
}
}
测试代码:
package com.jianggujin.codec.test;
import java.io.File;
import java.security.KeyPair;
import org.junit.Test;
import com.jianggujin.codec.JBase64;
import com.jianggujin.codec.JBase64.JEncoder;
import com.jianggujin.codec.JDSA;
import com.jianggujin.codec.JDSA.JDSASignatureAlgorithm;
public class DSATest {
String str = "jianggujin";
File file = new File(getClass().getSimpleName() + ".dat");
@Test
public void test() throws Exception {
System.out.println("原串:" + str);
JEncoder encoder = JBase64.getEncoder();
KeyPair keyPair = JDSA.initKey();
byte[] keyPairPrivate = keyPair.getPrivate().getEncoded();
byte[] keyPairPublic = keyPair.getPublic().getEncoded();
System.out.println("私钥:" + encoder.encodeToString(keyPairPrivate, "UTF-8"));
System.out.println("公钥:" + encoder.encodeToString(keyPairPublic, "UTF-8"));
for (JDSASignatureAlgorithm algorithm : JDSASignatureAlgorithm.values()) {
System.out.println("-----------------------------------------");
System.out.println("签名算法:" + algorithm.getName());
byte[] signed = JDSA.sign(str.getBytes(), keyPairPrivate, algorithm.getName());
System.out.println("签名:" + encoder.encodeToString(signed, "UTF-8"));
boolean verify = JDSA.verify(str.getBytes(), keyPairPublic, signed, algorithm.getName());
System.out.println("验签:" + verify);
}
}
}
测试结果:
原串:jianggujin
私钥:MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoEFgIUeCsXTr9h606CofNraKffXd3nHi8=
公钥:MIIBtzCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYQAAoGAVR7OIh6cezSQ282OrAX0MKPg+/WAoU/EJolDkvwQe8reR+8NLgIWY9PcEXimjnSoDJJq+ajaLtNCdlPO6/pqzDoA1QnmMxw70lOKDhYdjLuIUXrk6JsucI45fa8b8AD5pym0Ou+NdmanHKvd8cBpeCbVUkRoS/q0AO6i99xyZoE=
—————————————–
签名算法:SHA1withDSA
签名:MC0CFQCRPEpZoudVU+dpWNzMW9Y4ncW0GQIUQDlnzgSyGxMNbYzGRgMv+Rknn5Y=
验签:true
—————————————–
签名算法:SHA224withDSA
签名:MCwCFCmSv84K1uhZoSJP4rNTHN4Xa3dfAhQX5KrtkfaW2zo+fN6QdNALfaD2Og==
验签:true
—————————————–
签名算法:SHA256withDSA
签名:MCwCFHJS9SE5rTOsvBmxxn6ESSJ5OIlSAhQsTNk1XeSoucD2avzNKN8vSNAJqg==
验签:true
版权说明 : 本文为转载文章, 版权归原作者所有 版权申明
原文链接 : https://blog.csdn.net/jianggujin/article/details/53440060
内容来源于网络,如有侵权,请联系作者删除!