数字签名算法（RSA、DSA、ECDSA）

数字签名--带有密钥（公钥、私钥）的消息摘要算法，验证数据的完整性、来源和抗否认。

私钥签名，公钥验证

以下demo包含加签和验签的过程，供参考。JDK提供支持，无需导包

 

1、RSA（经典，在消息摘要算法中同样使用）

import org.apache.commons.codec.binary.Hex;

import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * @Author Rhine
 * @Date 2019/1/18 23:29
 **/
public class ImoocRSA2 {
    private static String src="security rsa";

    public static void main(String[] args) {
        jdkRSA();
    }

    public static void jdkRSA(){
        try {
            //1.初始化密钥
            KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(512);
            KeyPair keyPair=keyPairGenerator.genKeyPair();
            RSAPublicKey rsaPublicKey= (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey rsaPrivateKey= (RSAPrivateKey) keyPair.getPrivate();

            //2.执行签名
            PKCS8EncodedKeySpec pkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
            KeyFactory keyFactory=KeyFactory.getInstance("RSA");
            PrivateKey privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);

            Signature signature=Signature.getInstance("MD5withRSA");
            signature.initSign(privateKey);
            signature.update(src.getBytes());
            byte[] result=signature.sign();
            System.out.println("jdk rsa sign: "+ Hex.encodeHexString(result));

            //3.验证签名
            X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(rsaPublicKey.getEncoded());
            keyFactory=KeyFactory.getInstance("RSA");
            PublicKey publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
            signature=Signature.getInstance("MD5withRSA");
            signature.initVerify(publicKey);
            signature.update(src.getBytes());
            boolean bool=signature.verify(result);
            System.out.println("jdk rsa verify: "+ bool);

        }catch (Exception e){

        }
    }
}

 

2、DSA

import org.apache.commons.codec.binary.Hex;

import java.security.*;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * @Author Rhine
 * @Date 2019/1/18 23:37
 **/
public class jdkDSA {

    private static String src="security dsa";

    public static void main(String[] args) {
        jdkDSA();
    }

    public static void jdkDSA(){
        try {
            //1.初始化密钥
            KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("DSA");
            keyPairGenerator.initialize(512);
            KeyPair keyPair=keyPairGenerator.genKeyPair();
            DSAPublicKey dsaPublicKey= (DSAPublicKey) keyPair.getPublic();
            DSAPrivateKey dsaPrivateKey= (DSAPrivateKey) keyPair.getPrivate();

            //2.执行签名
            PKCS8EncodedKeySpec pkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());
            KeyFactory keyFactory=KeyFactory.getInstance("DSA");
            PrivateKey privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);

            Signature signature=Signature.getInstance("SHA1withDSA");
            signature.initSign(privateKey);
            signature.update(src.getBytes());
            byte[] result=signature.sign();
            System.out.println("jdk dsa sign: "+ Hex.encodeHexString(result));

            //3.验证签名
            X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(dsaPublicKey.getEncoded());
            keyFactory=KeyFactory.getInstance("DSA");
            PublicKey publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
            signature=Signature.getInstance("SHA1withDSA");
            signature.initVerify(publicKey);
            signature.update(src.getBytes());
            boolean bool=signature.verify(result);
            System.out.println("jdk dsa verify: "+ bool);


        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

 

3、ECDSA

import org.apache.commons.codec.binary.Hex;

import java.security.*;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * @Author Rhine
 * @Date 2019/1/18 23:44
 **/
public class ImoocECDSA {

    private static String src="security ecdsa";

    public static void main(String[] args) {
        jdkECDSA();
    }

    public static void jdkECDSA(){
        try {
            //1.初始化密钥
            KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(256);
            KeyPair keyPair=keyPairGenerator.genKeyPair();
            ECPublicKey ecPublicKey= (ECPublicKey) keyPair.getPublic();
            ECPrivateKey ecPrivateKey= (ECPrivateKey) keyPair.getPrivate();

            //2.执行签名
            PKCS8EncodedKeySpec pkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());
            KeyFactory keyFactory=KeyFactory.getInstance("EC");
            PrivateKey privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);

            Signature signature=Signature.getInstance("SHA1withECDSA");
            signature.initSign(privateKey);
            signature.update(src.getBytes());
            byte[] result=signature.sign();
            System.out.println("jdk ecdsa sign: "+ Hex.encodeHexString(result));

            //3.验证签名
            X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(ecPublicKey.getEncoded());
            keyFactory=KeyFactory.getInstance("EC");
            PublicKey publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
            signature=Signature.getInstance("SHA1withECDSA");
            signature.initVerify(publicKey);
            signature.update(src.getBytes());
            boolean bool=signature.verify(result);
            System.out.println("jdk ecdsa verify: "+ bool);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}