使用 Java 进行数字签名
签名算法有:
MD5withRSA
SHA1withRSA
SHA256withRSA
注意:MD5 和 SHA-1 已不具备抗碰撞性,MD5withRSA 与 SHA1withRSA 仅适合用于兼容旧系统,新的签名应使用 SHA256withRSA。
代码如下:
package com.common.enu;
/**
 * Signature algorithm names accepted by the signing and verification helpers.
 *
 * <p>Each constant wraps the algorithm string returned by {@link #getValue()}.
 *
 * <p>Security note: MD5 and SHA-1 are no longer collision resistant, so
 * {@link #SIGNATURE_ALGORITHM_MD5withRSA} and {@link #SIGNATURE_ALGORITHM_SHA1withRSA}
 * are suitable only for interoperating with legacy data. Use
 * {@link #SIGNATURE_ALGORITHM_SHA256withRSA} for new signatures.
 *
 * @author huangwei
 * @since 2013-10-28
 */
public enum SignatureAlgorithm {
    /** RSA signature over an MD5 digest (legacy). */
    SIGNATURE_ALGORITHM_MD5withRSA("MD5withRSA"),
    /** RSA signature over a SHA-1 digest (legacy). */
    SIGNATURE_ALGORITHM_SHA1withRSA("SHA1withRSA"),
    /** RSA signature over a SHA-256 digest. */
    SIGNATURE_ALGORITHM_SHA256withRSA("SHA256withRSA");

    /** Algorithm name exactly as it is passed to the signature provider. */
    private final String algorithmName;

    // Enum constructors are implicitly private, so constants can only be
    // created inside this type.
    SignatureAlgorithm(String algorithmName) {
        this.algorithmName = algorithmName;
    }

    /**
     * Returns the algorithm name string for this constant.
     *
     * @return the algorithm name, for example {@code "SHA256withRSA"}
     */
    public String getValue() {
        return algorithmName;
    }
}
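/**
 * Signs a text message with a private key.
 *
 * <p>The text is converted to bytes with {@code SystemUtil.CHARSET_ISO88591} and then
 * handed to {@code SystemUtil.sign(byte[], PrivateKey, SignatureAlgorithm)}.
 *
 * <p>A message that does not survive that conversion unchanged is rejected. With a
 * single-byte charset every unmappable character is replaced by the same substitute
 * byte, so two different texts could otherwise end up with the same signature.
 *
 * @param message
 *            text to sign; every character must be representable in
 *            {@code SystemUtil.CHARSET_ISO88591}
 * @param key
 *            private key used for signing
 * @param algorithm
 *            signature algorithm to use
 * @return the raw signature bytes
 * @throws IllegalArgumentException
 *             if {@code message} cannot be encoded without loss
 * @throws Exception
 *             if encoding or signing fails
 */
public static byte[] sign(String message, PrivateKey key,
        SignatureAlgorithm algorithm) throws Exception {
    byte[] encoded = message.getBytes(SystemUtil.CHARSET_ISO88591);
    // Round-trip check: decoding must give back the exact input, otherwise the
    // signed bytes would not uniquely represent the text. The message itself is
    // kept out of the exception text because it may be sensitive.
    if (!message.equals(new String(encoded, SystemUtil.CHARSET_ISO88591))) {
        throw new IllegalArgumentException(
                "message contains characters that cannot be encoded with SystemUtil.CHARSET_ISO88591");
    }
    return SystemUtil.sign(encoded, key, algorithm);
}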
/**
 * Signs raw bytes with a private key.
 *
 * <p>No argument is null-checked here; a {@code null} algorithm fails with a
 * {@link NullPointerException} at {@code algorithm.getValue()}.
 *
 * @param message
 *            bytes to sign
 * @param key
 *            private key used for signing
 * @param algorithm
 *            supplies the name passed to {@code Signature.getInstance}
 * @return the raw signature bytes
 * @throws Exception
 *             if the algorithm is unavailable, the key is rejected, or signing fails
 */
public static byte[] sign(byte[] message, PrivateKey key,
        SignatureAlgorithm algorithm) throws Exception {
    final String jcaName = algorithm.getValue();
    final Signature signer = Signature.getInstance(jcaName);
    signer.initSign(key);
    signer.update(message);
    final byte[] signature = signer.sign();
    return signature;
}
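/**
 * Verifies a signature over raw bytes with a public key.
 *
 * <p>Returns {@code false} (fails closed) when any argument is {@code null},
 * including {@code algorithm}, so a missing input is never reported as verified.
 *
 * <p>Callers should fix the expected algorithm themselves rather than take it from
 * the data being verified. An exception from this method must also be treated as
 * "not verified": {@code Signature.verify} can throw for an improperly encoded
 * signature instead of returning {@code false}.
 *
 * @param message
 *            the bytes that were signed
 * @param signBytes
 *            the raw signature to check
 * @param key
 *            public key matching the signing key
 * @param algorithm
 *            signature algorithm the signature is expected to use
 * @return {@code true} only if the signature is valid for {@code message}
 * @throws Exception
 *             if the algorithm is unavailable, the key is rejected, or the
 *             signature cannot be processed
 */
public static boolean verifySign(byte[] message, byte[] signBytes,
        PublicKey key, SignatureAlgorithm algorithm) throws Exception {
    // algorithm is checked together with the other inputs; without it the
    // getValue() call below would throw a NullPointerException.
    if (message == null || signBytes == null || key == null || algorithm == null) {
        return false;
    }
    Signature verifier = Signature.getInstance(algorithm.getValue());
    verifier.initVerify(key);
    verifier.update(message);
    return verifier.verify(signBytes);
}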
/**
 * Verifies a signature that is supplied as text.
 *
 * <p>{@code signStr} is converted to bytes by {@code toBytes} and the result is
 * passed to {@code verifySign(byte[], byte[], PublicKey, SignatureAlgorithm)}.
 * NOTE(review): {@code toBytes} is defined outside this excerpt; presumably it
 * decodes the hex form produced by {@code toHexString} - confirm, including how
 * it treats {@code null} or malformed input.
 *
 * @param message
 *            the bytes that were signed
 * @param signStr
 *            textual form of the signature
 * @param key
 *            public key matching the signing key
 * @param algorithm
 *            signature algorithm the signature is expected to use
 * @return the result of the byte-array verification
 * @throws Exception
 *             if conversion or verification fails
 */
public static boolean verifySign(byte[] message, String signStr,
        PublicKey key, SignatureAlgorithm algorithm) throws Exception {
    return verifySign(message, toBytes(signStr), key, algorithm);
}
/**
 * Converts a byte array to its hexadecimal text form, two characters per byte.
 *
 * <p>The high nibble of each byte is written first. Digits are looked up in
 * {@code HEXCHAR}, which is defined outside this excerpt, so the letter case of
 * the output depends on that table.
 *
 * @param b
 *            bytes to convert; must not be {@code null}
 * @return the hexadecimal string, empty for an empty array
 */
public static String toHexString(byte[] b) {
    StringBuilder hex = new StringBuilder(b.length * 2);
    for (byte octet : b) {
        int high = (octet & 0xf0) >>> 4;
        int low = octet & 0x0f;
        hex.append(HEXCHAR[high]);
        hex.append(HEXCHAR[low]);
    }
    return hex.toString();
}
测试:
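/**
 * Signs a sample message with SHA256withRSA, then checks that the signature
 * verifies for the original bytes and is rejected for altered bytes.
 *
 * <p>{@code privateKey} and {@code publicKey} come from the enclosing test class,
 * which is not part of this excerpt.
 */
@Test
public void test_sign() throws Exception {
    String message = "whuang3";
    SignatureAlgorithm algorithm = SignatureAlgorithm.SIGNATURE_ALGORITHM_SHA256withRSA;
    byte[] messageBytes = message.getBytes(SystemUtil.CHARSET_ISO88591);

    // Sign the message.
    byte[] signResult = SystemUtil.sign(message, privateKey, algorithm);
    System.out.println("sign result hex:" + SystemUtil.toHexString(signResult));

    // Verify against the same bytes that were signed.
    boolean isSuccess = SystemUtil.verifySign(messageBytes, signResult, publicKey, algorithm);
    System.out.println("sign1 :" + isSuccess);
    Assert.assertTrue(isSuccess);

    // Negative path: a verifier that accepted everything would pass the check
    // above, so also require that changed content is rejected.
    byte[] tamperedBytes = "whuang4".getBytes(SystemUtil.CHARSET_ISO88591);
    Assert.assertFalse(SystemUtil.verifySign(tamperedBytes, signResult, publicKey, algorithm));
}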
参考:http://security.group.iteye.com/group/wiki/2280-Non-symmetric-encryption-Digital-Signature
工具类com.common.util.SystemUtil 见附件