DSA签名
package com.albedo.security; /** * DSA 加解密实现 */ public class DSAUtils extends Base { //字符编码 public static final String ALGORITHM = "DSA"; public static final String SIGN_ALGORITHM = "SHA1withDSA"; /** * DSA 验签 * * @param str 加密字符串 * @param publicKey 公钥 * @return 密文 * @throws Exception 加密过程中的异常信息 */ public static boolean verify(String sign, String str, String publicKey) throws Exception { return verify(sign, str, publicKey, ALGORITHM, SIGN_ALGORITHM); } /** * DSA 签名 * * @param str 加密字符串 * @param privateKey 私钥 * @return 铭文 * @throws Exception 解密过程中的异常信息 */ public static String sign(String str, String privateKey) throws Exception { return sign(str, privateKey, ALGORITHM, SIGN_ALGORITHM); } public static void main(String[] args) throws Exception { String publicKey = getPublicKey(ALGORITHM, 1024); String privateKey = getPrivateKey(ALGORITHM, 1024); String message = "我要测试DSA"; String sign = sign(message, privateKey); System.out.println(verify(sign, message, publicKey)); } }
基类实现
package com.albedo.security; import com.albedo.num.ByteUtils; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Objects; class Base { static KeyPair keyPair; /** * 生成密钥实际方法,可以使用多种方式 * 一篇文档提供一下多种方式 * { "DSA", "SHA1withDSA", "1024" }, { "DSA", "SHA256withDSA", "1024" }, * { "DSA", "SHA256withDSA", "2048" }, { "RSA", "SHA256withRSA", "1024" }, * { "RSA", "SHA256withRSA", "2048" }, { "RSA", "SHA256withRSA", "3192" }, * { "RSA", "SHA512withRSA", "1024" }, { "RSA", "SHA512withRSA", "2048" }, * { "RSA", "SHA512withRSA", "3192" }, { "RSA", "MD5withRSA", "1024" }, * { "RSA", "MD5withRSA", "2048" }, * { "RSA", "MD5withRSA", "3192" }, { "EC", "SHA1withECDSA", "128" }, * { "EC", "SHA1withECDSA", "256" }, * { "EC", "SHA256withECDSA", "128" }, { "EC", "SHA256withECDSA", "256" }, * { "EC", "SHA512withECDSA", "128" }, { "EC", "SHA512withECDSA", "256" }, * * @param algorithm * @param bit * @return * @throws Exception */ protected static KeyPair createKey(String algorithm, int bit) throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm); keyPairGenerator.initialize(bit); KeyPair keyPair = keyPairGenerator.generateKeyPair(); return keyPair; } /** * 获取公钥 * * @return * @throws Exception */ public static String getPublicKey(String algorithm,int bit) throws Exception { if (Objects.isNull(keyPair)) { keyPair = createKey(algorithm,bit); } return ByteUtils.byteArr2HexStr(keyPair.getPublic().getEncoded()); } /** * 获取私钥 * * @return * @throws Exception */ public static String getPrivateKey(String algorithm,int bit) throws Exception { if (Objects.isNull(keyPair)) { keyPair = createKey(algorithm,bit); } return ByteUtils.byteArr2HexStr(keyPair.getPrivate().getEncoded()); } /** * 非对称加密签名 * @param str * @param privateKey * @param algorithm * @param signAlgorithm * @return * @throws Exception */ public static String sign(String str, String privateKey, String algorithm, String signAlgorithm) throws Exception { PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ByteUtils.hexstr2ByteArr(privateKey)); KeyFactory keyFactory = KeyFactory.getInstance(algorithm); PrivateKey dsaPrivateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec); Signature signature = Signature.getInstance(signAlgorithm); signature.initSign(dsaPrivateKey); signature.update(str.getBytes()); return ByteUtils.byteArr2HexStr(signature.sign()); } /** * 非对称加密验证 * @param sign * @param str * @param publicKey * @param algorithm * @param signAlgorithm * @return * @throws Exception */ public static boolean verify(String sign, String str, String publicKey,String algorithm,String signAlgorithm) throws Exception { //base64编码的公钥 X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ByteUtils.hexstr2ByteArr(publicKey)); KeyFactory keyFactory = KeyFactory.getInstance(algorithm); PublicKey dsaPublicKey = keyFactory.generatePublic(x509EncodedKeySpec); Signature signature = Signature.getInstance(signAlgorithm); signature.initVerify(dsaPublicKey); signature.update(str.getBytes()); return signature.verify(ByteUtils.hexstr2ByteArr(sign)); } }