使用java 进行数字签名

阅读更多

使用java 进行数字签名

签名算法有:

MD5withRSA

SHA1withRSA

SHA256withRSA

代码如下:

package com.common.enu;
/***
 * 签名算法.
 * @author huangwei
 * @since 2013-10-28
 */
public enum SignatureAlgorithm {
	SIGNATURE_ALGORITHM_MD5withRSA("MD5withRSA"),
	SIGNATURE_ALGORITHM_SHA1withRSA("SHA1withRSA"),
	SIGNATURE_ALGORITHM_SHA256withRSA("SHA256withRSA");
	
	private final String value;

    //构造器默认也只能是private, 从而保证构造函数只能在内部使用
	private SignatureAlgorithm(String value) {
        this.value = value;
    }
    
    public String getValue() {
        return value;
    }
}

/**
	 * use private key sign
	 * 
	 * @param message
	 *            data encrypted
	 * @param key
	 * @return
	 * @throws Exception
	 */
	public static byte[] sign(String message, PrivateKey key,
			SignatureAlgorithm algorithm) throws Exception {
		return SystemUtil.sign(message.getBytes(SystemUtil.CHARSET_ISO88591),
				key, algorithm);
	}

/**
	 * use private key sign 
	 * 
	 * @param message
	 * @param key
	 * @return
	 * @throws Exception
	 */
	public static byte[] sign(byte[] message, PrivateKey key,
			SignatureAlgorithm algorithm) throws Exception {
		Signature signetcheck = Signature.getInstance(algorithm.getValue());
		signetcheck.initSign(key);
		signetcheck.update(message);
		return signetcheck.sign();
	}
/**
	 * use public key verify sign
	 * 
	 * @param message
	 * @param signStr
	 * @return
	 * @throws Exception
	 */
	public static boolean verifySign(byte[] message, byte[] signBytes,
			PublicKey key, SignatureAlgorithm algorithm) throws Exception {
		if (message == null || signBytes == null || key == null) {
			return false;
		}
		Signature signetcheck = Signature.getInstance(algorithm.getValue());
		signetcheck.initVerify(key);
		signetcheck.update(message);
		return signetcheck.verify(signBytes);
	}
public static boolean verifySign(byte[] message, String signStr,
			PublicKey key, SignatureAlgorithm algorithm) throws Exception {
		byte[] signBytes = toBytes(signStr);
		return verifySign(message, signBytes, key, algorithm);
	}
/***
	 * convert byte array to hex(16) bit string
	 * 
	 * @param byte[]
	 * @return hex(16) bit string
	 */
	public static String toHexString(byte[] b) {
		StringBuilder sb = new StringBuilder(b.length * 2);
		for (int i = 0; i < b.length; i++) {
			sb.append(HEXCHAR[(b[i] & 0xf0) >>> 4]);
			sb.append(HEXCHAR[b[i] & 0x0f]);
		}
		return sb.toString();
	}

 测试:

@Test
	public void test_sign() throws Exception {
		String message = "whuang3";
		SignatureAlgorithm algorithm = SignatureAlgorithm.SIGNATURE_ALGORITHM_SHA256withRSA;
//进行签名
		byte[] signResult = SystemUtil.sign(message, privateKey, algorithm);
		System.out.println("sign result hex:" + SystemUtil.toHexString(signResult));
//校验签名
		boolean isSuccess=SystemUtil.verifySign(message.getBytes(SystemUtil.CHARSET_ISO88591),
				signResult, publicKey, algorithm);
		System.out.println("sign1 :"+isSuccess);
		Assert.assertEquals(isSuccess, true);
	}

 参考:http://security.group.iteye.com/group/wiki/2280-Non-symmetric-encryption-Digital-Signature

工具类com.common.util.SystemUtil 见附件

 

  • SystemUtil.zip (16.1 KB)
  • 下载次数: 21

你可能感兴趣的:(sign,签名,数字签名,验证签名,校验签名)