RSA(经典数字签名算法)
RSA数字签名算法主要可分为MD系列和SHA系列两大类。MD系列主要包括MD2withRSA和MD5withRSA;SHA系列主要包括SHA1withRSA、SHA224withRSA、SHA256withRSA、SHA384withRSA和SHA512withRSA。其中MD2、MD5和SHA-1已不具备抗碰撞能力,基于它们的签名不应再用于新系统,建议选用SHA256withRSA及以上的算法。
RSA数字签名的长度与密钥(模数)长度相同,例如2048位密钥生成的签名为256字节。
RSASignCoder
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
/**
* RSA 数字签名
*
* @author shaozuo
* @date 2018/08/08
*/
public class RSASignCoder {
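/** JCA key algorithm name used for key generation and for decoding encoded keys. */
public static final String ALGORITHM_NAME = "RSA";

/** Static utility holder; never instantiated. */
private RSASignCoder() {
}

// Digest-and-sign scheme handed to Signature.getInstance().
// SHA-256 replaces the original MD5 digest: MD5 is not collision resistant, so an
// MD5-based signature does not bind the signer to one single message.
// Compatibility: signatures produced earlier with MD5withRSA will not verify here.
private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

// Modulus length in bits handed to KeyPairGenerator.initialize().
// Raised from 512: a 512-bit RSA modulus can be factored with modest resources,
// and 2048 bits is the commonly accepted minimum for RSA signatures.
private static final int KEY_SIZE = 2048;

// Map keys under which initKey() stores the two halves of the generated key pair.
private static final String PUBLIC_KEY = "public_key";
private static final String PRIVATE_KEY = "private_key";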
/**
 * Generates a new RSA key pair and returns both halves in a map.
 *
 * <p>The modulus length is taken from {@code KEY_SIZE}, so the strength of every signature
 * made with the returned private key is bounded by that constant; RSA moduli shorter than
 * 2048 bits are not considered adequate for signatures.
 *
 * @return map holding the public key under {@code PUBLIC_KEY} and the private key under
 *         {@code PRIVATE_KEY}
 * @throws Exception declared broadly; {@code KeyPairGenerator.getInstance} fails with
 *         {@code NoSuchAlgorithmException} when no provider offers an RSA generator
 */
public static Map<String, Object> initKey() throws Exception {
    KeyPairGenerator generator = KeyPairGenerator.getInstance(ALGORITHM_NAME);
    generator.initialize(KEY_SIZE);
    KeyPair pair = generator.generateKeyPair();

    // The private key object travels in the same map as the public one, so the map
    // itself must be handled as secret material (no logging, no serialization).
    Map<String, Object> keys = new HashMap<>();
    keys.put(PUBLIC_KEY, (RSAPublicKey) pair.getPublic());
    keys.put(PRIVATE_KEY, (RSAPrivateKey) pair.getPrivate());
    return keys;
}
/**
 * Returns the encoded bytes of the private key stored in {@code keyMap}.
 *
 * <p>The result is unencrypted private key material: whoever holds these bytes can sign
 * as the key owner, so they should not be logged or written to unprotected storage.
 *
 * @param keyMap map laid out like the one {@link #initKey()} returns; a missing
 *               {@code PRIVATE_KEY} entry leads to a {@code NullPointerException}
 * @return the value of {@code getEncoded()} for the entry stored under {@code PRIVATE_KEY}
 */
public static byte[] getPrivateKey(Map<String, Object> keyMap) {
    return ((Key) keyMap.get(PRIVATE_KEY)).getEncoded();
}
/**
 * Returns the encoded bytes of the public key stored in {@code keyMap}.
 *
 * @param keyMap map laid out like the one {@link #initKey()} returns; a missing
 *               {@code PUBLIC_KEY} entry leads to a {@code NullPointerException}
 * @return the value of {@code getEncoded()} for the entry stored under {@code PUBLIC_KEY}
 */
public static byte[] getPublicKey(Map<String, Object> keyMap) {
    return ((Key) keyMap.get(PUBLIC_KEY)).getEncoded();
}
/**
 * Signs {@code data} with the given private key using {@code SIGNATURE_ALGORITHM}.
 *
 * <p>The digest named in {@code SIGNATURE_ALGORITHM} decides how well the signature binds
 * to the message; a digest without collision resistance lets two different messages share
 * one valid signature.
 *
 * @param data              bytes to sign
 * @param encodedPriviteKey private key bytes, decoded here as a PKCS#8 structure
 * @return the signature bytes
 * @throws GeneralSecurityException if the key bytes cannot be decoded, an algorithm is not
 *         available from any provider, or the signing operation fails
 */
public static byte[] sign(byte[] data, byte[] encodedPriviteKey)
        throws GeneralSecurityException {
    // Rebuild the PrivateKey object from its encoded form.
    PKCS8EncodedKeySpec pkcs8Spec = new PKCS8EncodedKeySpec(encodedPriviteKey);
    KeyFactory rsaFactory = KeyFactory.getInstance(ALGORITHM_NAME);
    PrivateKey signingKey = rsaFactory.generatePrivate(pkcs8Spec);

    // Digest the message and produce the signature in one pass.
    Signature signer = Signature.getInstance(SIGNATURE_ALGORITHM);
    signer.initSign(signingKey);
    signer.update(data);
    return signer.sign();
}
/**
* 校验
*
* @param data
* 待校验数据
* @param encodedPublicKey
* 公钥
* @param sign
* 数字签名
* @return boolean 校验是否通过
* @throws GeneralSecurityException
*/
public static boolean verfiy(byte[] data, byte[] encodedPublicKey, byte[] sign)
throws GeneralSecurityException {
X509EncodedKeySpec encodedKeySpec = new X509EncodedKeySpec(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM_NAME);
PublicKey publicKey = keyFactory.generatePublic(encodedKeySpec);
Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
signature.initVerify(publicKey);
signature.update(data);