2. Java
  3. 第四十八篇:JAVA加密解密之DSA(Digital Signature Algorithm)算法

第四十八篇:JAVA加密解密之DSA(Digital Signature Algorithm)算法

xiaoxiao2021-02-28  152

DSA算法简介

DSA-Digital Signature Algorithm是Schnorr和ElGamal签名算法的变种,被美国NIST作为DSS(DigitalSignature Standard)。简单的说,这是一种更高级的验证方式,用作数字签名。不单单只有公钥、私钥,还有数字签名。私钥加密生成数字签名,公钥验证数据及签名。如果数据和签名不匹配则认为验证失败!数字签名的作用就是校验数据在传输过程中不被修改。数字签名,是单向加密的升级!

DSA算法实现

package com.jianggujin.codec; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; /** * DSA * * @author jianggujin * */ public class HQDSA { private static HQDSA dsa = new HQDSA(); public static HQDSA getInstance() { return dsa; } private HQDSA() { } /** * DSA签名算法 * * @author jianggujin * */ public static enum HQDSASignatureAlgorithm { DSA("DSA"), SHA1withDSA("SHA1withDSA"), SHA224withDSA("SHA224withDSA"), SHA256withDSA("SHA256withDSA"); private String name; private HQDSASignatureAlgorithm(String name) { this.name = name; } public String getName() { return this.name; } } public static final String ALGORITHM = "DSA"; public byte[] sign(byte[] data, byte[] privateKey, HQDSASignatureAlgorithm signatureAlgorithm) throws Exception { return sign(data, privateKey, signatureAlgorithm.getName()); } public byte[] sign(byte[] data, byte[] privateKey, String signatureAlgorithm) throws Exception { PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec); Signature signature = Signature.getInstance(signatureAlgorithm); signature.initSign(priKey); signature.update(data); return signature.sign(); } public boolean verify(byte[] data, byte[] publicKey, byte[] sign, HQDSASignatureAlgorithm signatureAlgorithm) throws Exception { return verify(data, publicKey, sign, signatureAlgorithm.getName()); } public boolean verify(byte[] data, byte[] publicKey, byte[] sign, String signatureAlgorithm) throws Exception { X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); PublicKey pubKey = keyFactory.generatePublic(keySpec); Signature signature = Signature.getInstance(signatureAlgorithm); signature.initVerify(pubKey); signature.update(data); return signature.verify(sign); } /** * 初始化密钥 * * @return */ public HQKeyPair initKey() throws Exception { return initKey(1024); } /** * 初始化密钥 * * @param keySize * @return */ public HQKeyPair initKey(int keySize) throws Exception { KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(ALGORITHM); keyPairGen.initialize(1024); KeyPair keyPair = keyPairGen.generateKeyPair(); return new HQKeyPair(keyPair); } } 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119

测试代码:

import org.junit.Test; import com.jianggujin.codec.HQBase64; import com.jianggujin.codec.HQDSA; import com.jianggujin.codec.HQDSA.HQDSASignatureAlgorithm; import com.jianggujin.codec.HQKeyPair; public class DSATest { HQDSA dsa = HQDSA.getInstance(); HQBase64 base64 = HQBase64.getInstance(); @Test public void encode() throws Exception { byte[] data = "jianggujin".getBytes(); HQKeyPair keyPair = dsa.initKey(); HQDSASignatureAlgorithm[] algorithms = HQDSASignatureAlgorithm.values(); for (HQDSASignatureAlgorithm algorithm : algorithms) { System.err.println("========================================="); System.err.println(algorithm); byte[] sign = dsa.sign(data, keyPair.getPrivateKey(), algorithm); System.err.println("签名:" + base64.encodeToString(sign)); System.err.println("验签:" + dsa.verify(data, keyPair.getPublicKey(), sign, algorithm)); } } } 12345678910111213141516171819202122232425262728 12345678910111213141516171819202122232425262728

测试结果:  =========================================  DSA  签名:MC0CFQCRt2xFSIBJ/XSPHGYmSHhTOCjkwAIUSn8r6egiLg/d+Puq/AjE+IPGEvE=  验签:true  =========================================  SHA1withDSA  签名:MCwCFGOsJKBaGWXR5QA+YK3Z/QQ2li/LAhRQLQM3BFmM9B2jjyxrBUaO11xqVA==  验签:true  =========================================  SHA224withDSA  签名:MCwCFANthkgvsQ/zMFDUlkfMiv386bszAhRJCOvQI5LKRuvZdoyOOomNy2R7RA==  验签:true  =========================================  SHA256withDSA  签名:MCwCFH/IFt1WfO/y6cRAX2GHaA0PkqoSAhRVHgecDEVkXmuZwePvfeLuU/3lqA==  验签:true

转载请注明原文地址: https://www.6miu.com/read-28853.html

技术

最新回复(0)