码迷,mamicode.com
首页 > 其他好文 > 详细

数字签名

时间:2018-07-08 16:44:01      阅读:190      评论:0      收藏:0      [点我收藏+]

标签:iges   api   签名   也会   完整   class   key   spl   摘要算法   

数字签名原理

数字签名是发送者通过摘要算法将正文生成摘要,并通过秘钥对摘要进行加密生成数字签名。接收方在接收到数字签名后通过秘钥对应的公钥进行解析出数字摘要,并对接收到的正文转换为数字摘要,并与解析出来的数字摘要进行对比,判断正文的完整性。其他人员无法冒充柱子签名。因为他们没有发送者的秘钥,并且内容不同生成的摘要也会不同,所以其他人员在篡改正文后,与数字签名无法形成对应,从而保证了数据的完整性。

数字签名的过程图如下:

技术分享图片

数字签名校验如下图:

技术分享图片

MD5withRSA

 MD5withRSA的算法实现

	//获取秘钥对
    public static KeyPair getKeyPair() throws Exception{ KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(1024); return keyPairGenerator.generateKeyPair(); } //获取公钥 public static PublicKey getpublicKey() throws Exception{ Key key = getKeyPair().getPublic(); byte[] bytes = key.getEncoded(); byte[] bytesbase64 = Base64.encodeBase64(bytes); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(bytesbase64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicKeynew = keyFactory.generatePublic(x509KeySpec); return publicKeynew; }     //获取私钥 public static PrivateKey getprivateKey() throws Exception{ Key key = getKeyPair().getPublic(); byte[] bytes = key.getEncoded(); byte[] bytesbase64 = Base64.encodeBase64(bytes); PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(bytesbase64); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec); return privateKey; } //对正文进行数字签名 private static byte[] sign(byte[] content, PrivateKey privateKey) throws Exception{ MessageDigest md = MessageDigest.getInstance("MD5"); byte[] bytes = md.digest(content); Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, privateKey); return cipher.doFinal(bytes); }
    //对正文进行数字签名认证 private static boolean verify(byte[] content,PublicKey publicKey, byte[] sign) throws Exception{ MessageDigest md = MessageDigest.getInstance("MD5"); byte[] bytes = md.digest(content); Cipher cipher = Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, publicKey); byte[] signbyte = cipher.doFinal(bytes); byte[] base64 = Base64.encodeBase64(bytes); byte[] base64new = Base64.encodeBase64(bytes); if(base64.equals(base64new)){ return true; }else{ return false; } }

通过Signature API实现MD5withRSA算法

	private static byte[] signnew(byte[] content, PrivateKey privateKey) throws Exception{
		Signature signature = Signature.getInstance("MD5withRSA");
		signature.initSign(privateKey);
		signature.update(content);
		return signature.sign();
	}
	private static boolean verifynew(byte[] content, PublicKey publicKey, byte[] sign) throws Exception{
		Signature signature = Signature.getInstance("MD5withRSA");
		signature.initVerify(publicKey);
		signature.update(content);
		return signature.verify(sign);
	}

SHA1withRSA

 通过SHA1和RSA实现数字签名

	private static byte[] signsha(byte[] content,PrivateKey privateKey) throws Exception{
		MessageDigest md = MessageDigest.getInstance("SHA1");
		byte[] bytes = md.digest(content);
		Cipher cipher = Cipher.getInstance("RSA");
		cipher.init(Cipher.ENCRYPT_MODE, privateKey);
		return cipher.doFinal(bytes);
	}
	
	private static boolean verifysha(byte[] content,byte[] bytesha, PublicKey publicKey) throws Exception{
		MessageDigest md = MessageDigest.getInstance("SHA1");
		byte[] bytes = md.digest(content);
		Cipher cipher = Cipher.getInstance("RSA");
		cipher.init(Cipher.DECRYPT_MODE, publicKey);
		byte[] byteshanew = cipher.doFinal(bytesha);
		byte[] bytebase64 = Base64.encodeBase64(bytes);
		byte[] bytebase64new = Base64.encodeBase64(byteshanew);
		if(bytebase64.equals(bytebase64new)){
			return true;
		}else {
			return false;
		}
	}

通过Signature API实现SHA1withRSA算法

	private static byte[] signShawithRSA(byte[] content,PrivateKey privateKey) throws Exception{
		Signature signature = Signature.getInstance("SHA1withRSA");
		signature.initSign(privateKey);
		signature.update(content);
		return signature.sign();
	}
	
	private static boolean verifyShawithRSA(byte[] content,byte[] bytersa,PublicKey publicKey) throws Exception{
		Signature signature = Signature.getInstance("SHA1withRSA");
		signature.initVerify(publicKey);
		signature.update(content);
		return signature.verify(bytersa);
	}

数字签名

标签:iges   api   签名   也会   完整   class   key   spl   摘要算法   

原文地址:https://www.cnblogs.com/youzhongmin/p/9260869.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!