© 版权声明:本文为博主原创文章,转载请注明出处
实例
1.项目结构
2.pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.security</groupId> <artifactId>DigitalSignature</artifactId> <version>0.0.1-SNAPSHOT</version> <packaging>jar</packaging> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <dependencies> <!-- junit --> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> <scope>test</scope> </dependency> <!-- commons-codec --> <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.10</version> </dependency> </dependencies> </project>
3.RSA.java
package org.security.rsa;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
public class RSA {
private static final String str = "Digital signature algorithm RSA MD5WithRSA";
private static final String SECURITY = "RSA";// 加密方式
private static final String ALGORITHM = "MD5withRSA";// 加密算法
private static final String PUBLIC_KEY = "RSAPublicKey";// 公钥
private static final String PRIVATE_KEY = "RSAPrivateKey";// 秘钥
public static void main(String[] args) {
System.out.println("==========初始化密钥信息==========");
Map<String, Object> map = RSA.init();
System.out.println("=========密钥信息初始化成功=========");
byte[] private_key = RSA.getPrivateKey(map);
System.out.println("=============私钥为=============
" + Base64.encodeBase64String(private_key));
byte[] public_key = RSA.getPublicKey(map);
System.out.println("=============公钥为=============
" + Base64.encodeBase64String(public_key));
byte[] bs = RSA.sign(private_key);
System.out.println("=============签名为=============
" + Base64.encodeBase64String(bs));
boolean result = RSA.verify(public_key, bs);
System.out.println("===========签名验证结果===========
" + result);
}
/**
* 初始化密钥
*
* @return
*/
private static Map<String, Object> init() {
Map<String, Object> map = null;
try {
// 生成实现指定算法的KeyPairGenerator对象,用于生成密钥对
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SECURITY);
keyPairGenerator.initialize(1024);// 初始化密钥长度
KeyPair keyPair = keyPairGenerator.generateKeyPair();// 生成密钥对
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();// 获取公钥
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();// 获取私钥
// 保存到map中
map = new HashMap<String, Object>();
map.put(PUBLIC_KEY, rsaPublicKey);
map.put(PRIVATE_KEY, rsaPrivateKey);
} catch (Exception e) {
e.printStackTrace();
}
return map;
}
/**
* 用私钥生成签名
*
* @param privateKey
* 私钥字节数组
* @return
*/
private static byte[] sign(byte[] privateKey) {
byte[] signByte = null;
try {
// 根据给定的编码密钥创建一个新的PKCS8EncodedKeySpec对象,指定PKCS#8标准为密钥规范管理的编码格式
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKey);
// 实例化密钥工厂对象,将密钥转换成密钥规范
KeyFactory keyFactory = KeyFactory.getInstance(SECURITY);
// 根据提供的密钥规范生成私钥对象
PrivateKey key = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
// 实例化实现指定签名算法的Signature对象
Signature signature = Signature.getInstance(ALGORITHM);
// 根据私钥对象初始化签名对象
signature.initSign(key);
// 使用指定的byte数组更新要签名或验证的数据
signature.update(str.getBytes());
// 返回所有已更新数据的签名字节
signByte = signature.sign();
} catch (Exception e) {
e.printStackTrace();
}
return signByte;
}
/**
* 用公钥验证签名
*
* @param publicKey
* 公钥字节数组
* @param signByte
* 签名字节数组
* @return
*/
public static boolean verify(byte[] publicKey, byte[] signByte) {
boolean result = false;
try {
// 根据给定的编码密钥创建一个新的X509EncodedKeySpec对象
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(publicKey);
// 实例化密钥工厂对象,将密钥转换成密钥规范
KeyFactory keyFactory = KeyFactory.getInstance(SECURITY);
// 根据提供的密钥规范生成公钥对象
PublicKey key = keyFactory.generatePublic(x509EncodedKeySpec);
// 实例化实现指定签名算法的Signature对象
Signature signature = Signature.getInstance(ALGORITHM);
// 根据公钥对象初始化用于验证的对象
signature.initVerify(key);
// 使用指定的byte数组更新要签名或验证的数据
signature.update(str.getBytes());
// 验证传入的签名
result = signature.verify(signByte);
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
/**
* 获取私钥
*
* @param map
* 密钥map集合
* @return
*/
public static byte[] getPrivateKey(Map<String, Object> map) {
RSAPrivateKey key = (RSAPrivateKey) map.get(PRIVATE_KEY);
return key.getEncoded();
}
/**
* 获取私钥
*
* @param map
* 密钥map集合
* @return
*/
public static byte[] getPublicKey(Map<String, Object> map) {
RSAPublicKey key = (RSAPublicKey) map.get(PUBLIC_KEY);
return key.getEncoded();
}
}
4.效果预览
==========初始化密钥信息========== =========密钥信息初始化成功========= =============私钥为============= MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAIsbpXWv1jJ/8sLNPC9dWqBmXhyx7MFT3XwyxY9uO1mLJr1biL2hytY+rFeGL+EChxlnCSS4H8M17fVP7nh5Kk5FP7sTqp3hewp9PLpKFsytP5T3urQYbQ5QtKvH4oaUk4Uu8IJ1Bc0cTNvxeSulvMMzxk+wuVEdxfO3tBLUWmjdAgMBAAECgYBQxVO0Ws3PcrVdYNeyVM07V1UL6k+jDXQMGlrV5lZ1rrNmvZBPM3NYJPnitBp21wXkvQv1Eyf2LAkoKCo6L3hdMPXpe19OgFdIHm13kV7rfZNxxGE+3ZFv5EW6O6dC7dK1fUXlAdi1Yvl3nVQx+3e2h+7CTW/fVxb9AH14IjO24QJBAL6b+aGt1v5iH0yAHG2OV30B/0hzW1ImVOu4Kx6lgobVcQkwkUVu00gkI5p7Xs/RYtmVIzR9PoYKrDCE5qGNVGUCQQC61KJnIXZsHfDnaQcq3vsFa7SzDzfKgXxHCBIGhJlLiWFisq4wWhPOO7ADOOz5lyl8TGDGyYTaJJBDGx7hWk8ZAkADUAynnbDV3Pi0SKm10bp9hrJcHP0iUV46donxT2kUVNNRGJH9xe5QG6iuv6QnMnloVKo2+FJE3Byf/z9O4XjtAkBEzColefAGrhvYyxcllUiwXVIEIdV0j6v46CLjHY7pfuRKmOuFyJXEerw844h3/E79g46bhPeT8KTi4SjE6SF5AkBn37pDFVp8mabYzDaEuoUB+WoAfLwPlNA+KQHFHoDzHEjRXvXbfObRViB5/qKkNNQiVXEfcugsA6IDlOGQezED =============公钥为============= MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCLG6V1r9Yyf/LCzTwvXVqgZl4csezBU918MsWPbjtZiya9W4i9ocrWPqxXhi/hAocZZwkkuB/DNe31T+54eSpORT+7E6qd4XsKfTy6ShbMrT+U97q0GG0OULSrx+KGlJOFLvCCdQXNHEzb8XkrpbzDM8ZPsLlRHcXzt7QS1Fpo3QIDAQAB =============签名为============= ODGCnrrBV/1SXfB65SHYWbdgNAuY8QbfAzWGeRscMhGCudfQk9cnLzHVQkhlC9eXruTvjQqQSmBNLmGdegUlAh+bPi/EkqReidD0efsLSy4FQSJIdmFVW6Xl3FuAqzIqidPLPFk0rFDK/DJzGVQtUYm5rKDap0zKMxe/P3/6bbs= ===========签名验证结果=========== true