如果你对数字签名还不熟悉,请先阅读《数字签名简介》和《Java的数字签名和数字证书》。
如果你不清楚如何生成keystore文件或数字证书文件,也请先阅读该文。
package com.robin.Signature;
import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
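/**
 * Walks through signing a message with a private key taken from a JKS
 * keystore and verifying it with the public key of an X.509 certificate.
 *
 * <p>The constructor runs the whole demo: a {@link Sender} signs a message and
 * hands it to {@link #sendMsg(Message)}, then a {@link Receiver} fetches it with
 * {@link #getReceivedMsg()} and verifies the signature.
 *
 * <p>Setup and signing errors are raised as {@link IllegalStateException}
 * instead of being printed and ignored, so the demo never continues with a
 * half-initialised key or an unsigned message. The receiver uses the message
 * body only after the signature has verified.
 */
public class SignatureDemo {

    /** The one-slot in-memory "channel": the last message passed to {@link #sendMsg(Message)}. */
    Message sendingMsg;

    /**
     * Runs the demo end to end: sender first, then receiver.
     *
     * @throws IllegalStateException if the keystore or certificate cannot be
     *         loaded, or if the message cannot be signed
     */
    public SignatureDemo() {
        init();
        Sender sender = new Sender();
        sender.doWork();
        Receiver receiver = new Receiver();
        receiver.doWork();
    }

    /** Does nothing in this listing. */
    void init() {
    }

    /**
     * Stores the message so that {@link #getReceivedMsg()} can return it.
     *
     * @param sendMsg the message to hand over
     */
    void sendMsg(Message sendMsg) {
        sendingMsg = sendMsg;
        System.out.println("sending Message");
    }

    /**
     * Returns the message stored by the last {@link #sendMsg(Message)} call.
     *
     * @return the stored message, or {@code null} if nothing was sent
     */
    Message getReceivedMsg() {
        System.out.println("receiving Message");
        return sendingMsg;
    }

    /** Signs a message with the private key stored in the keystore. */
    class Sender {
        // NOTE(review): the keystore path, alias and both passwords are compiled
        // into the class as string literals. That is acceptable only for a local
        // demo keystore; real code would read them from configuration or a prompt
        // and keep the passwords in a char[] that is cleared after use.
        private final static String keyStorePath = "robin.keystore";
        private final static String keyStorePassword = "GL2009";
        private final static String privateKeyPassword = "gl2009";
        private final static String keyStoreAlias = "robin";

        // Belongs to the sender; it is only visible to the sender.
        private PrivateKey privateKey;
        Signature sign;

        Sender() {
            init();
        }

        /**
         * Loads the keystore, reads the private key and prepares the
         * {@link Signature} object.
         *
         * @throws IllegalStateException if the keystore cannot be read, the
         *         alias has no key or certificate, or the algorithm is unavailable
         */
        private void init() {
            KeyStore keyStore;
            // try-with-resources closes the file even when load() fails.
            try (FileInputStream fis = new FileInputStream(keyStorePath);
                    BufferedInputStream bis = new BufferedInputStream(fis)) {
                keyStore = KeyStore.getInstance("JKS");
                // Read the keystore file.
                keyStore.load(bis, keyStorePassword.toCharArray());
            } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException e) {
                throw new IllegalStateException("cannot load keystore " + keyStorePath, e);
            }

            X509Certificate cert;
            try {
                // Read the private key and the certificate stored under the same alias.
                privateKey = (PrivateKey) keyStore.getKey(keyStoreAlias, privateKeyPassword.toCharArray());
                cert = (X509Certificate) keyStore.getCertificate(keyStoreAlias);
            } catch (UnrecoverableKeyException | KeyStoreException | NoSuchAlgorithmException e) {
                throw new IllegalStateException("cannot read key entry '" + keyStoreAlias + "'", e);
            }
            // getKey/getCertificate return null for an unknown alias rather than throwing.
            if (privateKey == null || cert == null) {
                throw new IllegalStateException(
                        "keystore has no private key with a certificate for alias '" + keyStoreAlias + "'");
            }

            try {
                // Take the signature algorithm from the certificate.
                // NOTE(review): getSigAlgName() is the algorithm the issuer used to
                // sign the certificate. It fits this key only when the certificate
                // is self-signed or the issuer key is of the same type - confirm
                // for the keystore in use.
                sign = Signature.getInstance(cert.getSigAlgName());
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException("unsupported signature algorithm " + cert.getSigAlgName(), e);
            }
        }

        /**
         * Builds the message, signs its body and sends it.
         *
         * @throws IllegalStateException if signing fails; no message is sent in
         *         that case
         */
        void doWork() {
            String words = "This is robin.How are you?";
            // Fixed charset so sender and receiver agree regardless of platform default.
            SecretMessage msg = new SecretMessage(words.getBytes(StandardCharsets.UTF_8));
            // Transform the message body. crypt() is declared on SecretMessage,
            // which is not part of this listing.
            // NOTE(review): if crypt() encrypts with the private key, it gives no
            // confidentiality - every holder of the public certificate can reverse
            // it. Confirm it is meant as illustration only.
            msg.crypt(privateKey);

            byte[] data;
            try {
                // Set the private key used to sign the digest.
                sign.initSign(privateKey);
                // Feed the (already transformed) body into the digest.
                sign.update(msg.getBody());
                // Compute the digest, sign it and return the signature bytes.
                data = sign.sign();
            } catch (InvalidKeyException | SignatureException e) {
                // Fail closed: never send a message whose signature is missing.
                throw new IllegalStateException("cannot sign message", e);
            }

            // Attach the signature to the message.
            msg.setSignature(data);
            // Send the message.
            sendMsg(msg);
        } // end doWork
    } // end Sender

    /** Verifies a received message with the public key from the certificate file. */
    class Receiver {
        public PublicKey publicKey;
        Signature sign;
        public X509Certificate certificate;
        final static String certName = "robin.crt";

        Receiver() {
            init();
        }

        /**
         * Loads the certificate file and prepares the {@link Signature} object.
         *
         * @throws IllegalStateException if the certificate cannot be read or
         *         its signature algorithm is unavailable
         */
        private void init() {
            // try-with-resources closes the file even when parsing fails.
            try (FileInputStream fin = new FileInputStream(certName)) {
                CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");
                certificate = (X509Certificate) certificatefactory.generateCertificate(fin);
            } catch (CertificateException | IOException e) {
                throw new IllegalStateException("cannot load certificate " + certName, e);
            }
            // NOTE(review): the certificate is trusted exactly as found on disk.
            // Its validity period and issuer chain are not checked here; a real
            // receiver would validate both before relying on the public key.
            publicKey = certificate.getPublicKey();

            try {
                // Take the signature algorithm from the certificate (same
                // self-signed assumption as on the sender side).
                sign = Signature.getInstance(certificate.getSigAlgName());
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException(
                        "unsupported signature algorithm " + certificate.getSigAlgName(), e);
            }
        }

        /**
         * Fetches the message, verifies its signature and, only when the
         * signature is valid, reverses the body transformation and prints it.
         *
         * @throws IllegalStateException if the public key cannot be used for
         *         verification
         */
        void doWork() {
            // Receive the message.
            SecretMessage msg = (SecretMessage) getReceivedMsg();

            boolean verified = false;
            if (msg != null && msg.getSignature() != null) {
                try {
                    // Set the public key used to check the signature.
                    sign.initVerify(publicKey);
                    // Feed the received body into the digest.
                    sign.update(msg.getBody());
                    // Recompute the digest and compare it with the signed one.
                    verified = sign.verify(msg.getSignature());
                } catch (InvalidKeyException e) {
                    throw new IllegalStateException("public key cannot be used for verification", e);
                } catch (SignatureException e) {
                    // A malformed signature is a failed verification, not a reason to go on.
                    e.printStackTrace();
                    verified = false;
                }
            }

            if (!verified) {
                System.out.println("数字签名验证失败!");
                // Do not decrypt or display a body whose origin could not be confirmed.
                return;
            }
            System.out.println("数字签名验证成功!");

            // Reverse the body transformation applied by the sender.
            msg.decrypt(publicKey);
            System.out.println("I just get a message:" + new String(msg.getBody(), StandardCharsets.UTF_8));
        } // end doWork
    } // end Receiver
}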