时间:2017年4月13日星期四
说明:本文部分内容均来自慕课网。@慕课网:http://www.imooc.com
教学示例源码:https://github.com/zccodere/s...
个人学习源码:https://github.com/zccodere/s...
第一章:概述
1-1 数字签名算法概述
数字签名算法
签名-安全性,抗否认性
数字签名:带有密钥(公钥、私钥)的消息摘要算法
验证数据完整性、认证数据来源、抗否认
OSI参考模型
私钥签名、公钥验证
RSA、DSA、ECDSA
第二章:RSA算法
2-1 数字签名算法RSA
数字签名算法:RSA
经典算法
MD、SHA两类算法实现:
代码演示:
package com.myimooc.security.rsa2;
import org.apache.commons.codec.binary.Hex;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* RSA数字签名算法演示
* Created by ZC on 2017/4/13.
*/
public class DemoRSA {
/** 待加密字符串 */
private static String src="imooc security rsa";
public static void main(String[] args)throws Exception{
jdkRSA();
}
/** 使用 JDK 实现 RSA 数字签名 */
public static void jdkRSA() throws Exception{
// 1.初始化密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(512);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
RSAPublicKey rsaPublicKey = (RSAPublicKey)keyPair.getPublic();
RSAPrivateKey rsaPrivateKey = (RSAPrivateKey)keyPair.getPrivate();
// 2.执行签名
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Signature signature = Signature.getInstance("MD5withRSA");
signature.initSign(privateKey);
signature.update(src.getBytes());
byte[] result = signature.sign();
System.out.println("jdk ras sign:"+ Hex.encodeHexString(result));
// 3.验证签名
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
signature = Signature.getInstance("MD5withRSA");
signature.initVerify(publicKey);
signature.update(src.getBytes());
boolean bool = signature.verify(result);
System.out.println("jdk rsa verify:"+bool);
}
}
流程演示:
第三章:DSA算法
3-1 数字签名算法DSA
数字签名算法:DSA
DSS(Digital Signature Standard)数字签名标准
DSA(Digital Signature Algorithm)数字签名算法
DSA仅包含数字签名算法实现:
代码演示:
package com.myimooc.security.dsa;
import org.apache.commons.codec.binary.Hex;
import java.security.*;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* DSA数字签名算法演示
* Created by ZC on 2017/4/13.
*/
public class DemoDSA {
/** 待加密字符串 */
private static String src="imooc security dsa";
public static void main(String[] args)throws Exception{
jdkDSA();
}
/** 使用 JDK 实现 DSA 数字签名 */
public static void jdkDSA() throws Exception{
// 1.初始化密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DSA");
keyPairGenerator.initialize(512);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
DSAPublicKey dsaPublicKey = (DSAPublicKey)keyPair.getPublic();
DSAPrivateKey dsaPrivateKey = (DSAPrivateKey)keyPair.getPrivate();
// 2.执行签名
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(dsaPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Signature signature = Signature.getInstance("SHA1withDSA");
signature.initSign(privateKey);
signature.update(src.getBytes());
byte[] result = signature.sign();
System.out.println("jdk dsa sign:"+ Hex.encodeHexString(result));
// 3.验证签名
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(dsaPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("DSA");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
signature = Signature.getInstance("SHA1withDSA");
signature.initVerify(publicKey);
signature.update(src.getBytes());
boolean bool = signature.verify(result);
System.out.println("jdk dsa verify:"+bool);
}
}
流程演示:
第四章:ECDSA算法
4-1 数字签名算法ECDSA
数字签名算法:ECDSA
微软:安装office或系统需提供的序列号就是ECDSA算法
Elliptic Curve Digital Signature Algorithm,椭圆曲线数字签名算法
速度快、强度高、签名短算法实现:
代码演示:
package com.myimooc.security.ecdsa;
import org.apache.commons.codec.binary.Hex;
import java.security.*;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
/**
* ECDSA数字签名算法演示
* Created by ZC on 2017/4/13.
*/
public class DemoECDSA {
/** 待加密字符串 */
private static String src="imooc security ecdsa";
public static void main(String[] args)throws Exception{
jdkECDSA();
}
/** 使用 JDK 实现 ECDSA 数字签名 */
public static void jdkECDSA() throws Exception{
// 1.初始化密钥
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
keyPairGenerator.initialize(256);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
ECPublicKey ecPublicKey = (ECPublicKey)keyPair.getPublic();
ECPrivateKey ecPrivateKey = (ECPrivateKey)keyPair.getPrivate();
// 2.执行签名
PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(ecPrivateKey.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance("EC");
PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Signature signature = Signature.getInstance("SHA1withECDSA");
signature.initSign(privateKey);
signature.update(src.getBytes());
byte[] result = signature.sign();
System.out.println("jdk ecdsa sign:"+ Hex.encodeHexString(result));
// 3.验证签名
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(ecPublicKey.getEncoded());
keyFactory = KeyFactory.getInstance("EC");
PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
signature = Signature.getInstance("SHA1withECDSA");
signature.initVerify(publicKey);
signature.update(src.getBytes());
boolean bool = signature.verify(result);
System.out.println("jdk ecdsa verify:"+ bool);
}
}
流程演示:
第五章:小结
5-1 数字签名算法总结
数字签名算法:回顾
签名
数字签名:带有密钥(公钥、使用)的消息摘要算法
验证数据完整性、认证数据来源、抗否认
OSI参考模型
私钥签名、公钥验证
RSA、DSA、ECDSA
java
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。