签名:
private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();
public static String sign(String content, PrivateKey privateKey) throws Exception{
Signature signature = Signature.getInstance("SHA256withRSAandMGF1", PROVIDER);
signature.initSign(privateKey);
signature.update(content.getBytes("utf-8"));
byte[] signed = signature.sign();
return encodeBASE64(signed);
}
public static String encodeBASE64(byte[] bytes) throws Exception{
//BASE64Encoder b64=new BASE64Encoder();
//return b64.encode(bytes);
Base64 b64=new Base64();
String str=new String(b64.encodeBase64(bytes),"UTF8");
return str;
}
验签:
private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();
public static boolean checkSign(String content, String sign, PublicKey publicKey, String signAlgorithm) throws Exception{
Signature signature = Signature.getInstance("SHA256withRSAandMGF1", PROVIDER);
signature.initVerify(publicKey);
signature.update(content.getBytes("utf-8"));
return signature.verify(decodeBASE64(sign));
}
注意:签名验签时候的签名算法要统一,此処的算法為sha256