JAVA加密解密之DSA(Digital Signature Algorithm)算法
2016-12-02 22:45
295 查看
DSA算法简介
DSA-Digital Signature Algorithm是Schnorr和ElGamal签名算法的变种,被美国NIST作为DSS(DigitalSignature Standard)。简单的说,这是一种更高级的验证方式,用作数字签名。不单单只有公钥、私钥,还有数字签名。私钥加密生成数字签名,公钥验证数据及签名。如果数据和签名不匹配则认为验证失败!数字签名的作用就是校验数据在传输过程中不被修改。数字签名,是单向加密的升级!DSA算法实现
package com.jianggujin.codec; import java.security.KeyFactory; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.Signature; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; /** * DSA * * @author jianggujin * */ public class HQDSA { private static HQDSA dsa = new HQDSA(); public static HQDSA getInstance() { return dsa; } private HQDSA() { } /** * DSA签名算法 * * @author jianggujin * */ public static enum HQDSASignatureAlgorithm { DSA("DSA"), SHA1withDSA("SHA1withDSA"), SHA224withDSA("SHA224withDSA"), SHA256withDSA("SHA256withDSA"); private String name; private HQDSASignatureAlgorithm(String name) { this.name = name; } public String getName() { return this.name; } } public static final String ALGORITHM = "DSA"; public byte[] sign(byte[] data, byte[] privateKey, HQDSASignatureAlgorithm signatureAlgorithm) throws Exception { return sign(data, privateKey, signatureAlgorithm.getName()); } public byte[] sign(byte[] data, byte[] privateKey, String signatureAlgorithm) throws Exception { PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec); Signature signature = Signature.getInstance(signatureAlgorithm); signature.initSign(priKey); signature.update(data); return signature.sign(); } public boolean verify(byte[] data, byte[] publicKey, byte[] sign, HQDSASignatureAlgorithm signatureAlgorithm) throws Exception { return verify(data, publicKey, sign, signatureAlgorithm.getName()); } public boolean verify(byte[] data, byte[] publicKey, byte[] sign, String signatureAlgorithm) throws Exception { X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey); KeyFactory keyFactory = KeyFactory.getInstance(ALGORITHM); PublicKey pubKey = keyFactory.generatePublic(keySpec); Signature signature = Signature.getInstance(signatureAlgorithm); signature.initVerify(pubKey); signature.update(data); return signature.verify(sign); } /** * 初始化密钥 * * @return */ public HQKeyPair initKey() throws Exception { return initKey(1024); } /** * 初始化密钥 * * @param keySize * @return */ public HQKeyPair initKey(int keySize) throws Exception { KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(ALGORITHM); keyPairGen.initialize(1024); KeyPair keyPair = keyPairGen.generateKeyPair(); return new HQKeyPair(keyPair); } }
测试代码:
import org.junit.Test; import com.jianggujin.codec.HQBase64; import com.jianggujin.codec.HQDSA; import com.jianggujin.codec.HQDSA.HQDSASignatureAlgorithm; import com.jianggujin.codec.HQKeyPair; public class DSATest { HQDSA dsa = HQDSA.getInstance(); HQBase64 base64 = HQBase64.getInstance(); @Test public void encode() throws Exception { byte[] data = "jianggujin".getBytes(); HQKeyPair keyPair = dsa.initKey(); HQDSASignatureAlgorithm[] algorithms = HQDSASignatureAlgorithm.values(); for (HQDSASignatureAlgorithm algorithm : algorithms) { System.err.println("========================================="); System.err.println(algorithm); byte[] sign = dsa.sign(data, keyPair.getPrivateKey(), algorithm); System.err.println("签名:" + base64.encodeToString(sign)); System.err.println("验签:" + dsa.verify(data, keyPair.getPublicKey(), sign, algorithm)); } } }
测试结果:
=========================================
DSA
签名:MC0CFQCRt2xFSIBJ/XSPHGYmSHhTOCjkwAIUSn8r6egiLg/d+Puq/AjE+IPGEvE=
验签:true
=========================================
SHA1withDSA
签名:MCwCFGOsJKBaGWXR5QA+YK3Z/QQ2li/LAhRQLQM3BFmM9B2jjyxrBUaO11xqVA==
验签:true
=========================================
SHA224withDSA
签名:MCwCFANthkgvsQ/zMFDUlkfMiv386bszAhRJCOvQI5LKRuvZdoyOOomNy2R7RA==
验签:true
=========================================
SHA256withDSA
签名:MCwCFH/IFt1WfO/y6cRAX2GHaA0PkqoSAhRVHgecDEVkXmuZwePvfeLuU/3lqA==
验签:true
相关文章推荐
- 第四十八篇:JAVA加密解密之DSA(Digital Signature Algorithm)算法
- 数据签名标准算法-DSA (Digital signature Algorithm DSA)
- DSA-Digital Signature Algorithm(Schnorr和ElGamal签名算法的变种)
- JAVA实现的AZDG加密-解密算法(附源程序)(lp)
- eclipse JAVA实现AES的加密和解密算法
- Java编程算法基础--加密与解密
- AES加密解密算法---java
- java RSA 加密解密算法 入门
- JAVA加密解密之常用签名算法
- JavaのMd5算法以及其他加密解密算法示例
- java,file,算法,加密解密,java源码
- Java RSA 加密解密算法 入门
- java RSA 加密解密算法 入门
- JAVA加密解密之PBE(Password Based Encryption)算法
- Java RSA 加密解密算法 入门
- 提供一个基于.NET SymmetricAlgorithm 类的、带私钥的加密/解密算法的包装类
- Digital Signature Algorithm(DSA)
- Java加密解密快速入门下篇【包括MD5、BASE64、DES、RSA等算法】
- Java简单的加密解密算法,使用异或运算
- Java加密解密快速入门上篇【包括MD5、BASE64、DES、RSA等算法】