DSA签名

说明:
DSA为非对称加密,非对称加密指加密与解密所使用的密钥不同,分为公钥和私钥,DSA还有数字签名。例如:app发起支付时,使用私钥(私钥一般放服务器用时获取)对订单串生成签名,然后将订单串与签名一起传给服务器,服务器使用公钥和订单串进行签名校验,返回true表示校验通过,否则订单信息就是伪造的。

import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

public class DsaMain {
	private static final String algorithm = "DSA";
	public static void main(String[] args) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, SignatureException {
		Map mapKey=getKey();
		for (String key : mapKey.keySet()) {
			System.out.println(key+":"+mapKey.get(key));
		}
		String sign=encrypt("123456",mapKey.get("privateKey"));
		boolean bool=checkKey(sign,"123456",mapKey.get("publicKey"));
		System.out.println(bool);
	}
	
	public static boolean checkKey(String sign,String param,String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
		KeyFactory keyFactory = KeyFactory.getInstance("DSA");
		byte[] encodedPub = decoder(publicKey);
		X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(encodedPub);
		PublicKey pub = keyFactory.generatePublic(pubSpec);
		Signature signature = Signature.getInstance("SHA256WithDSA");
		signature.initVerify(pub);
		signature.update(param.getBytes());
		boolean check=signature.verify(decoder(sign));
		return check;
	}
	
	public static String encrypt(String param,String privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException, SignatureException, InvalidKeyException{
		KeyFactory keyFactory = KeyFactory.getInstance("DSA");
		byte[] encodedPri = decoder(privateKey);
		PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(encodedPri);
		PrivateKey pri = keyFactory.generatePrivate(spec);
		Signature signature = Signature.getInstance("SHA256WithDSA");
		signature.initSign(pri);
		signature.update(param.getBytes());
		return encoder(signature.sign());
	}

    public static Map getKey() throws NoSuchAlgorithmException{
    	KeyPairGenerator keygen = KeyPairGenerator.getInstance(algorithm);
        KeyPair keys = keygen.genKeyPair();
        Map keyMap=new HashMap();
        keyMap.put("publicKey",getPublicKey(keys));
        keyMap.put("privateKey",getPrivateKey(keys));
        return keyMap;
    }
    /**
	 * 生成公钥
	 */
    public static String getPublicKey(KeyPair keys) {
        DSAPublicKey publicKey = (DSAPublicKey) keys.getPublic();
        return encoder(publicKey.getEncoded());
    }
    /**
	 * 生成私钥
	 */
    public static String getPrivateKey(KeyPair keys) {
    	DSAPrivateKey privateKey = (DSAPrivateKey) keys.getPrivate();
    	return encoder(privateKey.getEncoded());
    }
    
    public static byte[] decoder(String str){
    	Base64.Decoder decoder = Base64.getDecoder();
		return decoder.decode(str);
    }
    
    public static String encoder(byte[] src){
    	final Base64.Encoder encoder = Base64.getEncoder();
		return encoder.encodeToString(src);
    }
}

你可能感兴趣的:(其他)