标签:私钥 blog trace throws main key tsig 公钥 security
package com.fabiao;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
public class RSA_sign_verify {
// 16进制公钥 有误
private static final String pubKey = "081890451974948292818100d1605dd1191e5fe8392892874914c2b0268c07a4540839814464a4c1a74bd90f0bb301d9fa22d2e8ef07a25fc77f985baec8c9e75f2f716a3d78aa0eda3412f973022fe8aa5f49b3e1c4fd43ecf79709aa4107dee541968798795ed32c706b3565d09ac4b6310203010001";
// 16进制私钥 有误
private static final String priKey = "50004820260308219789494949025c02010002818100d1649617494798905dd1191e5fe8392c2b0268c07a454083981446415689489014949aec8c9e75f2f716a3d78aa0eda3412f9736f8af1ff94c5caa5f49b3e1c4fd43ecf7974169874948bfwjhpwortjh09aa4107dee5ed32c706b3565d09ac4b631020301000102818061d646008f5c4234a182a2165e1c9306093f74b104a7732869a4ab35d24289952e932e4e5cd0b72f626096bce20c537f8a292bcb23cd03a607c34e19b7c4a2692650f8b9ae824cf026be8e9ec7b716e4ec6f62a8c8683d89dfd90ef210e1e7f4ba7efff0d8ccedb1346b2ea9123be9f32c67beb925d1b0e9cab674135d0c9481024100ff642ad49b155807eaf34f314a6d52e2ed3d40759c469e4a5a6ba0c77f8adc0446571dad828c00bfc4c4068038c7bfe9832a838c150add352d2c4e3bae3571fb024100d1e01f4716905cd045517ed4b981b7dc3d0c4d990b8ae8f77e2aa9242d11260ba9d40a27a1b03d6b106bad7990c47281537fb2f40a06b70f6890fe5abb9b6cc3024079b7417a6616fc077a004fa3cc36e223e8b122816ae375193692c8e38b73a07c2111efc0fbd0c1a2a3a250fed710cbf3fc614ca47c7adb0636eb40b5ccc707f5024077ab9d0a12e2a41999bcfb5dde9d09b28a18ced25a938d7d39b2a7995a1d321d6a6bde92748ea2a6bec937345f08b4e5eb2fa061a8a9e58de2a8f26fd813aab3024100f4cd7e54d0dcf2e2b62a5de1636a70182d588d3b";
public static final String SIGN_ALGORITHMS = "SHA1WithRSA";
public static void main(String[] args) throws Exception
{
//测试串
String str = "ab!@#$%^&*()_+12";
//签名
String signstr = sign(str, priKey);
//验签
boolean ret = verify(str, signstr, pubKey);
System.out.println("verify result=" + ret);
}
/*
* 输入参数 签名字符串,16进制私钥 输出参数 16进制的签名串 函数当中测试了enbase64 的 合成与解析
*/
public static String sign(String content, String privateKey) {
byte[] signed = null;
String str = null;
try {
// hex to str
byte[] str_to_hex = Hex.decodeHex(privateKey.toCharArray());
// str to encode 64
byte[] encodedKey = Base64.encodeBase64(str_to_hex);
// decode 64
byte[] decodedKey = Base64.decodeBase64(new String(encodedKey));
// str to byte
byte[] pckbyte = decodedKey;
PKCS8EncodedKeySpec priPKCS8 = new PKCS8EncodedKeySpec(pckbyte);
KeyFactory keyf = KeyFactory.getInstance("RSA");
PrivateKey priKey = keyf.generatePrivate(priPKCS8);
// sha256
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] sha256Digest = md.digest(content.getBytes());
// sha1
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initSign(priKey);
signature.update(sha256Digest);
signed = signature.sign();
// sign to 16进制字符串
str = Hex.encodeHexString(signed);
} catch (Exception e) {
e.printStackTrace();
}
return str;
}
/*
* 输入参数 需要验签字符串,签名字符串,16进制公钥 输出参数 是否成功验签 函数当中测试了enbase64 的 合成与解析
*/
public static boolean verify(String content, String sign, String publicKey) {
try {
// hex to str
byte[] str_to_hex = Hex.decodeHex(publicKey.toCharArray());
// str to encode 64
byte[] encodedKey1 = Base64.encodeBase64(str_to_hex);
// decode 64
byte[] decodedKey = Base64.decodeBase64(new String(encodedKey1)); // right
// str to byte
byte[] encodedKey = decodedKey;
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory
.generatePublic(new X509EncodedKeySpec(encodedKey));
// 对数据进行SHA-256签名
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] sha256Digest = md.digest(content.getBytes());
System.out.println("function doCheck sha256="
+ Hex.encodeHexString(sha256Digest));
// 对数据进行SHA1签名
java.security.Signature signature = java.security.Signature
.getInstance(SIGN_ALGORITHMS);
signature.initVerify(pubKey);
signature.update(sha256Digest);
boolean bverify = signature
.verify(Hex.decodeHex(sign.toCharArray()));
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
}
所需要的类库
标签:私钥 blog trace throws main key tsig 公钥 security
原文地址:http://www.cnblogs.com/yinhua405/p/6646599.html