The following is an example of how to use the security hashing algorithm (HAMS) in Java to hash messages and use RSA to encrypt hash codes to implement digital signatures. If you are not familiar with digital signatures, read 《
Introduction to digital signaturesAnd java digital signature and digital certificate rsa_demo.java File Import Java. security. invalidkeyexception; import Java. security. keypair; import Java. security. keypairgenerator; import Java. security. nosuchalgorithmexception; import Java. security. privatekey; import Java. security. publickey; import Java. security. signature; import Java. security. signatureexception; public class rsa_demo {rsa_demo () {Init ();} private void Init () {prepare (); dosender Work (); doreceiverwork ();} // share by sender and receiversignature Sign = NULL; // belong to sender, it visible to sender and receiverpublickey publickey = NULL; // belong to sender, it is only visible to senderprivatekey privatekey; private void prepare () {keypairgenerator keygen = NULL; try {// instantiate the public key/private key pair generator of an RSA algorithm keygen = keypairgenerator. getinstance ("RSA");} catch (nosuchalgorithmexception e) {// todo auto-Genera Ted catch blocke. printstacktrace ();} int keysize = 1024; // set the length of the public key/private key pair keygen. initialize (keysize); // generate a public key of the RSA algorithm/private key keypair = keygen. generatekeypair (); privatekey = keypair. getprivate (); publickey = keypair. getpublic (); try {// instantiate a signature that is hashed by the Sha algorithm and encrypted by the RSA algorithm. sign = signature. getinstance ("sha1withrsa");} catch (nosuchalgorithmexception e) {// todo auto-generated catch blocke. printstacktrace () ;}} Void Do Senderwork () {string words = "This is Robin. How are you? "; Message MSG = new message (words. getbytes (); try {// set the private key sign for encryption hash code. initsign (privatekey);} catch (invalidkeyexception e) {// todo auto-generated catch blocke. printstacktrace ();}
Try {// set the input sign of the hash algorithm. update (MSG. getbody ();} catch (signatureexception e) {// todo auto-generated catch blocke. printstacktrace ();} byte data [] = NULL; try {// hash, encrypt the generated hash code, and return data = sign. sign ();} catch (signatureexception e) {// todo auto-generated catch blocke. printstacktrace ();} // Add the encrypted Hash (Signature) to the Message MSG. setsignature (data); // send the message sendmsg (MSG);} message sendingmsg; void sendmsg (Message sendmsg) {sendingmsg = Sen Dmsg; system. out. println ("sending message");} void doreceiverwork () {// message MSG = getreceivedmsg (); try {// set the public key used to decrypt the hash code. Sign. initverify (publickey);} catch (invalidkeyexception E1) {// todo auto-generated catch blocke1.printstacktrace ();} Try {// set the input sign of the hash algorithm. update (MSG. getbody ();} catch (signatureexception e) {// todo auto-generated catch blocke. printstacktrace ();} Try {/* for hash calculation, and compare whether the calculated hash code is consistent with the decrypted hash code. * If they are consistent, the verification succeeds. Otherwise, the verification fails. */If (sign. Verify (msg. getsignature () {system. Out. println ("the digital signature is successfully verified! ");} Else {system. Out. println (" Digital Signature Verification Failed! ") ;}} Catch (signatureexception e) {// todo auto-generated catch blocke. printstacktrace () ;}} message getreceivedmsg () {system. out. println ("processing ing message"); Return sendingmsg ;}} class message {private byte [] body; private byte [] signature; message (byte data []) {body = data;} byte [] getbody () {return body;} byte [] getsignature () {return signature;} void setsignature (byte data []) {Signature = data ;}} if RSA is used as a digital signature The encryption algorithm has multiple options for the message digest algorithm, including sha1, md2, MD5, and so on. In this case, only signature. getinstance ("sha1withrsa") is changed to signature. getinstance ("md2withrsa") and signature. getinstance ("md5withrsa ")