JDK 6只支持MD2withRSA, MD5withRSA, SHA1withRSA
其他的如SHA512withRSA需要第三方包支持,如BC(bouncy castle)
--20151126 更正:JDK 7已经可以支持SHA256withRSA和SHA512withRSA了
JDK的密钥长度默认仍是1024位;1024位RSA密钥如今已不足以保证安全,生成密钥时建议显式指定2048位或更长。
1 package jdbc.pro.lin;
2
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Map;

import jdbc.pro.lin.MyRSA;
12
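/**
 * RSA digital-signature demo that reuses the key handling in {@code MyRSA}.
 *
 * <p>Signatures follow the "sign with the private key, verify with the public key" rule: the
 * private key is what identifies the signer.
 *
 * @author Kinsley
 */
public class MySignature {

    /**
     * Algorithm name passed to {@link Signature#getInstance(String)} by both {@link #sign} and
     * {@link #verify}.
     *
     * <p>NOTE(review): SHA-1 is no longer collision resistant and should not be chosen for new
     * signatures. JDK 7 and later also provide SHA256withRSA and SHA512withRSA without a
     * third-party provider. The value is left unchanged here because switching it changes which
     * signatures this class produces and accepts.
     */
    public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

    public static final String PLAIN_TEXT = "MANUTD is the greatest club in the world";

    public static void main(String[] args) {
        // Two independent key pairs: pair 1 belongs to sender A, pair 2 to receiver B.
        Map<String, byte[]> keyMap1 = MyRSA.generateKeyBytes();
        PublicKey publicKey1 = MyRSA.restorePublicKey(keyMap1.get(MyRSA.PUBLIC_KEY));
        PrivateKey privateKey1 = MyRSA.restorePrivateKey(keyMap1.get(MyRSA.PRIVATE_KEY));

        Map<String, byte[]> keyMap2 = MyRSA.generateKeyBytes();
        PublicKey publicKey2 = MyRSA.restorePublicKey(keyMap2.get(MyRSA.PUBLIC_KEY));
        PrivateKey privateKey2 = MyRSA.restorePrivateKey(keyMap2.get(MyRSA.PRIVATE_KEY));

        // Fix the charset so the signed bytes do not depend on the platform default.
        byte[] message = PLAIN_TEXT.getBytes(StandardCharsets.UTF_8);

        // A -> B: A encrypts with B's public key and signs with A's own private key.
        // The signature is computed over the plaintext, not over the ciphertext.
        byte[] encodedText = MyRSA.RSAEncode(publicKey2, message);
        byte[] signature = sign(privateKey1, message);

        // B decrypts with B's private key, then checks the signature with A's public key.
        // NOTE(review): how MyRSA.RSADecode turns the decrypted bytes into text is not visible
        // here; confirm it uses the same charset before signing non-ASCII messages.
        byte[] decodedText =
                MyRSA.RSADecode(privateKey2, encodedText).getBytes(StandardCharsets.UTF_8);
        System.out.println("Decoded Text: " + new String(decodedText, StandardCharsets.UTF_8));

        System.out.println("Signature is " + verify(publicKey1, signature, decodedText));
    }

    /**
     * Signs {@code plainText} with {@link #SIGNATURE_ALGORITHM} in three steps: obtain the
     * {@link Signature} instance, initialise it with the private key, feed the data and sign.
     *
     * @param privateKey the signer's private key
     * @param plainText the bytes to sign
     * @return the signature bytes, or {@code null} when the algorithm is unavailable, the key is
     *     rejected or signing fails; callers must check for {@code null} before sending the
     *     result anywhere
     */
    public static byte[] sign(PrivateKey privateKey, byte[] plainText) {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initSign(privateKey);
            signature.update(plainText);
            return signature.sign();
        } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
            // Failure is reported on stderr and signalled to the caller through the null return.
            e.printStackTrace();
        }

        return null;
    }

    /**
     * Verifies {@code signatureVerify} over {@code plainText} with {@link #SIGNATURE_ALGORITHM}
     * in three steps: obtain the {@link Signature} instance, initialise it with the public key,
     * feed the data and verify.
     *
     * <p>Every failure path answers {@code false}, including missing arguments, so a malformed or
     * absent signature is rejected instead of surfacing as an exception.
     *
     * @param publicKey the signer's public key
     * @param signatureVerify the signature bytes to check
     * @param plainText the bytes the signature is expected to cover
     * @return {@code true} only when the signature is valid for {@code plainText} under
     *     {@code publicKey}
     */
    public static boolean verify(PublicKey publicKey, byte[] signatureVerify, byte[] plainText) {
        // sign() reports failure as null; treat any missing input as "not verified".
        if (publicKey == null || signatureVerify == null || plainText == null) {
            return false;
        }

        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initVerify(publicKey);
            signature.update(plainText);
            return signature.verify(signatureVerify);
        } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) {
            // A signature that cannot be processed (e.g. wrong encoding or length) is invalid.
            e.printStackTrace();
        }

        return false;
    }
}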
