JDK 6只支持MD2withRSA, MD5withRSA, SHA1withRSA
其他的如SHA512withRSA需要第三方包支持,如BC(bouncy castle)
--20151126 更正:JDK 7已经可以支持SHA256withRSA和SHA512withRSA了
JDK的密钥长度默认仍是1024
1 package jdbc.pro.lin; 2 3 import java.security.InvalidKeyException; 4 import java.security.NoSuchAlgorithmException; 5 import java.security.PrivateKey; 6 import java.security.PublicKey; 7 import java.security.Signature; 8 import java.security.SignatureException; 9 import java.util.Map; 10 11 import jdbc.pro.lin.MyRSA; 12 13 /** 14 * RSA数字签名,借用MyRSA中的算法,不再重复 15 * 数字签名遵循“私钥签名,公钥验签”原则,因为私钥是个人身份认证 16 * @author Kinsley 17 * 18 */ 19 public class MySignature { 20 21 /** 数字签名算法。JDK只提供了MD2withRSA, MD5withRSA, SHA1withRSA,其他的算法需要第三方包才能支持 */ 22 public static final String SIGNATURE_ALGORITHM = "SHA1withRSA"; 23 24 public static final String PLAIN_TEXT = "MANUTD is the greatest club in the world"; 25 public static void main(String[] args) 26 { 27 //建立两套公私钥对 28 Map<String, byte[]> keyMap1 = MyRSA.generateKeyBytes(); 29 PublicKey publicKey1 = MyRSA.restorePublicKey(keyMap1.get(MyRSA.PUBLIC_KEY)); 30 PrivateKey privateKey1 = MyRSA.restorePrivateKey(keyMap1.get(MyRSA.PRIVATE_KEY)); 31 32 Map<String, byte[]> keyMap2 = MyRSA.generateKeyBytes(); 33 PublicKey publicKey2 =MyRSA.restorePublicKey(keyMap2.get(MyRSA.PUBLIC_KEY)); 34 PrivateKey privateKey2 =MyRSA.restorePrivateKey(keyMap2.get(MyRSA.PRIVATE_KEY)); 35 36 /** 假设现在A签名后向B发送消息 37 * A用B的公钥进行加密 38 * 用自己A的私钥进行签名 39 */ 40 byte[] encodedText = MyRSA.RSAEncode(publicKey2, PLAIN_TEXT.getBytes()); 41 byte[] signature = sign(privateKey1, PLAIN_TEXT.getBytes()); 42 43 /** 44 * 现在B收到了A的消息,进行两步操作 45 * 用B的私钥解密得到明文 46 * 将明文和A的公钥进行验签操作 47 */ 48 49 byte[] decodedText = MyRSA.RSADecode(privateKey2, encodedText).getBytes(); 50 System.out.println("Decoded Text: " + new String(decodedText)); 51 52 System.out.println("Signature is " + verify(publicKey1, signature, decodedText)); 53 } 54 55 /** 56 * 签名,三步走 57 * 1. 实例化,传入算法 58 * 2. 初始化,传入私钥 59 * 3. 签名 60 * @param key 61 * @param plainText 62 * @return 63 */ 64 public static byte[] sign(PrivateKey privateKey, byte[] plainText) 65 { 66 try { 67 //实例化 68 Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); 69 70 //初始化,传入私钥 71 signature.initSign(privateKey); 72 73 //更新 74 signature.update(plainText); 75 76 //签名 77 return signature.sign(); 78 79 } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) { 80 // TODO Auto-generated catch block 81 e.printStackTrace(); 82 } 83 84 return null; 85 } 86 87 /** 88 * 验签,三步走 89 * 1. 实例化,传入算法 90 * 2. 初始化,传入公钥 91 * 3. 验签 92 * @param publicKey 93 * @param signatureVerify 94 * @param plainText 95 * @return 96 */ 97 public static boolean verify(PublicKey publicKey, byte[] signatureVerify, byte[] plainText ) 98 { 99 try { 100 //实例化 101 Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM); 102 103 //初始化 104 signature.initVerify(publicKey); 105 106 //更新 107 signature.update(plainText); 108 109 //验签 110 return signature.verify(signatureVerify); 111 } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) { 112 // TODO Auto-generated catch block 113 e.printStackTrace(); 114 } 115 116 return false; 117 } 118 }
分类: Java 加解密方法