第四十八篇:JAVA加密解密之DSA(Digital Signature Algorithm)算法
DSA算法简介
DSA(Digital Signature Algorithm)是Schnorr和ElGamal签名算法的变种,被美国NIST采纳为DSS(Digital Signature Standard)。简单的说,这是一种更高级的验证方式,用作数字签名。不单单只有公钥、私钥,还有数字签名。私钥用于生成数字签名,公钥用于验证数据及签名。如果数据和签名不匹配则认为验证失败!数字签名的作用就是校验数据在传输过程中不被修改。数字签名,是单向加密的升级!需要注意,DSA只能用于签名和验签,不能用于加密或解密数据。
DSA算法实现
package com.jianggujin.codec;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
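/**
 * Thin wrapper around the JCA DSA API: key-pair generation, signing and
 * signature verification on encoded key bytes.
 * <p>
 * DSA is a signature-only algorithm; nothing in this class encrypts or
 * decrypts data.
 *
 * @author jianggujin
 */
public class HQDSA
{
    private static final HQDSA dsa = new HQDSA();

    /**
     * Returns the shared instance. The class keeps no per-call state in fields.
     *
     * @return the singleton instance
     */
    public static HQDSA getInstance()
    {
        return dsa;
    }

    private HQDSA()
    {
    }

    /**
     * Signature algorithm names that can be passed to
     * {@link Signature#getInstance(String)}.
     * <p>
     * NOTE(review): {@code DSA} and {@code SHA1withDSA} are SHA-1 based (the
     * JDK's built-in provider registers "DSA" as an alias of "SHA1withDSA").
     * SHA-1 is no longer considered collision resistant, so prefer
     * {@code SHA256withDSA} for new signatures and keep the SHA-1 variants
     * only for verifying legacy data.
     *
     * @author jianggujin
     */
    public enum HQDSASignatureAlgorithm
    {
        DSA("DSA"), SHA1withDSA("SHA1withDSA"), SHA224withDSA("SHA224withDSA"), SHA256withDSA("SHA256withDSA");

        private final String name;

        private HQDSASignatureAlgorithm(String name)
        {
            this.name = name;
        }

        /**
         * @return the JCA algorithm name of this constant
         */
        public String getName()
        {
            return this.name;
        }
    }

    /** Key algorithm name used for {@link KeyFactory} and {@link KeyPairGenerator}. */
    public static final String ALGORITHM = "DSA";

    /**
     * Key size used by {@link #initKey()}. Kept at 1024 bits so existing
     * callers and the SHA-1 based algorithms keep working.
     * <p>
     * NOTE(review): 1024-bit DSA is below current NIST guidance
     * (SP 800-131A) for generating new signatures. New deployments should
     * call {@link #initKey(int)} with 2048 or 3072 and sign with a SHA-2
     * based algorithm.
     */
    private static final int DEFAULT_KEY_SIZE = 1024;

    /**
     * Signs {@code data} with the given private key.
     *
     * @param data the bytes to sign
     * @param privateKey the PKCS#8 encoded DSA private key
     * @param signatureAlgorithm the signature algorithm to use
     * @return the signature bytes produced by {@link Signature#sign()}
     * @throws Exception if the key cannot be decoded, the algorithm is not
     *         available, or signing fails
     */
    public byte[] sign(byte[] data, byte[] privateKey, HQDSASignatureAlgorithm signatureAlgorithm) throws Exception
    {
        return sign(data, privateKey, signatureAlgorithm.getName());
    }

    /**
     * Signs {@code data} with the given private key.
     * <p>
     * The algorithm name is passed to the JCA unchanged. Callers should use
     * a fixed, vetted name (for example one of
     * {@link HQDSASignatureAlgorithm}) and not a value taken from untrusted
     * input.
     *
     * @param data the bytes to sign
     * @param privateKey the PKCS#8 encoded DSA private key
     * @param signatureAlgorithm the JCA signature algorithm name
     * @return the signature bytes produced by {@link Signature#sign()}
     * @throws Exception if the key cannot be decoded, the algorithm is not
     *         available, or signing fails
     */
    public byte[] sign(byte[] data, byte[] privateKey, String signatureAlgorithm) throws Exception
    {
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
        KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
        PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);

        Signature signature = Signature.getInstance(signatureAlgorithm);
        signature.initSign(priKey);
        signature.update(data);
        return signature.sign();
    }

    /**
     * Verifies a signature over {@code data}.
     *
     * @param data the bytes that were signed
     * @param publicKey the X.509 encoded DSA public key
     * @param sign the signature to check
     * @param signatureAlgorithm the signature algorithm the signer used
     * @return {@code true} if the signature matches {@code data} and the key
     * @throws Exception if the key cannot be decoded, the algorithm is not
     *         available, or the signature bytes are malformed
     */
    public boolean verify(byte[] data, byte[] publicKey, byte[] sign, HQDSASignatureAlgorithm signatureAlgorithm)
            throws Exception
    {
        return verify(data, publicKey, sign, signatureAlgorithm.getName());
    }

    /**
     * Verifies a signature over {@code data}.
     * <p>
     * A malformed signature makes {@link Signature#verify(byte[])} throw
     * instead of returning {@code false}, so callers must treat an exception
     * from this method as a failed verification. The algorithm name should
     * come from the verifier's own policy, not from the message being
     * checked.
     *
     * @param data the bytes that were signed
     * @param publicKey the X.509 encoded DSA public key
     * @param sign the signature to check
     * @param signatureAlgorithm the JCA signature algorithm name
     * @return {@code true} if the signature matches {@code data} and the key
     * @throws Exception if the key cannot be decoded, the algorithm is not
     *         available, or the signature bytes are malformed
     */
    public boolean verify(byte[] data, byte[] publicKey, byte[] sign, String signatureAlgorithm) throws Exception
    {
        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey);
        KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM);
        PublicKey pubKey = keyFactory.generatePublic(keySpec);

        Signature signature = Signature.getInstance(signatureAlgorithm);
        signature.initVerify(pubKey);
        signature.update(data);
        return signature.verify(sign);
    }

    /**
     * Generates a DSA key pair with the default key size of 1024 bits.
     *
     * @return the generated key pair
     * @throws Exception if no DSA key pair generator is available
     */
    public HQKeyPair initKey() throws Exception
    {
        return initKey(DEFAULT_KEY_SIZE);
    }

    /**
     * Generates a DSA key pair of the requested size.
     * <p>
     * The requested size is now honoured; the earlier version ignored
     * {@code keySize} and always produced a 1024-bit key. With keys larger
     * than 1024 bits the provider may refuse to sign with the SHA-1 based
     * algorithms, so pair such keys with {@code SHA224withDSA} or
     * {@code SHA256withDSA}.
     *
     * @param keySize the key size in bits; the provider decides which sizes
     *        it accepts and rejects the others with an
     *        {@link java.security.InvalidParameterException}
     * @return the generated key pair
     * @throws Exception if no DSA key pair generator is available
     */
    public HQKeyPair initKey(int keySize) throws Exception
    {
        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(ALGORITHM);
        keyPairGen.initialize(keySize);
        KeyPair keyPair = keyPairGen.generateKeyPair();
        return new HQKeyPair(keyPair);
    }
}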
测试代码:
import org.junit.Test;
import com.jianggujin.codec.HQBase64;
import com.jianggujin.codec.HQDSA;
import com.jianggujin.codec.HQDSA.HQDSASignatureAlgorithm;
import com.jianggujin.codec.HQKeyPair;
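/**
 * Round-trip test for {@link HQDSA}: signs a fixed message with every
 * supported signature algorithm and checks that verification accepts the
 * original data and rejects modified data.
 */
public class DSATest
{
    HQDSA dsa = HQDSA.getInstance();
    HQBase64 base64 = HQBase64.getInstance();

    /**
     * Signs and verifies with each {@link HQDSASignatureAlgorithm}. The
     * results are asserted as well as printed, so a broken sign/verify pair
     * fails the test instead of only showing "false" in the output.
     */
    @Test
    public void encode() throws Exception
    {
        // Explicit charset: getBytes() without one depends on the platform default.
        byte[] data = "jianggujin".getBytes(java.nio.charset.StandardCharsets.UTF_8);
        HQKeyPair keyPair = dsa.initKey();

        // Same message with one bit flipped; its signature check must fail.
        byte[] tampered = data.clone();
        tampered[0] ^= 0x01;

        for (HQDSASignatureAlgorithm algorithm : HQDSASignatureAlgorithm.values())
        {
            System.err.println("=========================================");
            System.err.println(algorithm);
            byte[] sign = dsa.sign(data, keyPair.getPrivateKey(), algorithm);
            System.err.println("签名:" + base64.encodeToString(sign));
            boolean verified = dsa.verify(data, keyPair.getPublicKey(), sign, algorithm);
            System.err.println("验签:" + verified);

            org.junit.Assert.assertTrue("signature must verify for " + algorithm, verified);
            org.junit.Assert.assertFalse("modified data must not verify for " + algorithm,
                    dsa.verify(tampered, keyPair.getPublicKey(), sign, algorithm));
        }
    }
}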
测试结果: =========================================
DSA
签名:MC0CFQCRt2xFSIBJ/XSPHGYmSHhTOCjkwAIUSn8r6egiLg/d+Puq/AjE+IPGEvE=
验签:true =========================================
SHA1withDSA
签名:MCwCFGOsJKBaGWXR5QA+YK3Z/QQ2li/LAhRQLQM3BFmM9B2jjyxrBUaO11xqVA==
验签:true =========================================
SHA224withDSA
签名:MCwCFANthkgvsQ/zMFDUlkfMiv386bszAhRJCOvQI5LKRuvZdoyOOomNy2R7RA==
验签:true =========================================
SHA256withDSA
签名:MCwCFH/IFt1WfO/y6cRAX2GHaA0PkqoSAhRVHgecDEVkXmuZwePvfeLuU/3lqA==
验签:true