作用:验证数据完整性、认证数据来源、抗否认(OSI参考模型)
私钥签名,公钥验证
RSA 包含非对称算法和数字签名算法
实现代码:
//1.初始化密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(512);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
//执行签名
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initSign(privateKey);
signature.update(str.getBytes());
byte[] result = signature.sign();
System.out.println("JDK RSA SIGN:" + Hex.encodeHexString(result));
//3.验证签名
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory = keyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
signature = Signature.getInstance("MD5withRSA");
signature.initVerify(publicKey);
signature.update(str.getBytes());
boolean falg = signature.verify(result);
System.out.println("JDK RSA VERIFY:"+falg);DSA DSS -- 数字签名标准 DSA仅包含数字签名
ECDSA 椭圆曲线数字签名算法,JDK1.7之后才有的内容
实现方式和RSA一致 只需将指定地方改为EC,再在首句加上Security.addProvider(new BouncyCastlePQCProvider());即可
JAVA加解密算法源码:http://download.csdn.net/detail/jacxuan/9774737
