RSA digital signature algorithm

Source: Internet
Author: User
Tags: base64 generator asymmetric encryption

I. Overview

1. A digital signature algorithm can be regarded as a message digest algorithm with a key, where the key consists of a public key and a private key. It is a combination of an asymmetric encryption algorithm and a message digest algorithm.

2. Digital signature algorithms are the foundation of public key infrastructure (PKI) and of many network security mechanisms.

3. Digital signature algorithms provide non-repudiation.

4. They follow the rule "sign with the private key, verify with the public key".

5. The common digital signature algorithms are RSA, DSA and ECDSA.

6. Java 6 implements the DSA algorithm; some RSA algorithms need Bouncy Castle support; and the most impressive of the three, ECDSA (the one Microsoft uses for operating system serial numbers), depends entirely on Bouncy Castle.

II. Model analysis

1. Party A constructs the key pair (public key + private key) and announces the public key to party B.

2. Party A signs the data with the private key, then sends "signature + data" to party B.

3. Party B uses the public key and the digital signature to verify the data.

III. Code analysis

    package com.ca.test;

    import java.security.Key;
    import java.security.KeyFactory;
    import java.security.KeyPair;
    import java.security.KeyPairGenerator;
    import java.security.PrivateKey;
    import java.security.PublicKey;
    import java.security.Signature;
    import java.security.interfaces.RSAPrivateKey;
    import java.security.interfaces.RSAPublicKey;
    import java.security.spec.PKCS8EncodedKeySpec;
    import java.security.spec.X509EncodedKeySpec;
    import java.util.HashMap;
    import java.util.Map;

    import org.apache.commons.codec.binary.Base64;

    /**
     * Classic digital signature algorithm: RSA
     * @author KONGQZ
     */
    public class RSACoder {
        // Digital signature, key algorithm
        public static final String KEY_ALGORITHM = "RSA";

        /**
         * Digital signature: signature/verification algorithm.
         * Note: MD5 is no longer collision resistant; prefer SHA256withRSA in real use.
         */
        public static final String SIGNATURE_ALGORITHM = "MD5withRSA";

        /**
         * RSA key length; the default key length of the RSA algorithm is 1024.
         * The key length must be a multiple of 64, between 512 and 65536 bits.
         * Note: a 512-bit key is too short to be secure; use at least 2048 bits in real use.
         */
        private static final int KEY_SIZE = 512;

        // Public key
        private static final String PUBLIC_KEY = "RSAPublicKey";

        // Private key
        private static final String PRIVATE_KEY = "RSAPrivateKey";

        /**
         * Initialize the key pair
         * @return Map party A's key map
         */
        public static Map<String, Object> initKey() throws Exception {
            // Instantiate the key pair generator
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
            // Initialize the key pair generator
            keyPairGenerator.initialize(KEY_SIZE);
            // Generate the key pair
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            // Party A's public key
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            // Party A's private key
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            // Store the keys in the map
            Map<String, Object> keyMap = new HashMap<String, Object>();
            keyMap.put(PUBLIC_KEY, publicKey);
            keyMap.put(PRIVATE_KEY, privateKey);
            return keyMap;
        }

        /**
         * Sign
         * @param data data to be signed
         * @param privateKey private key
         * @return byte[] digital signature
         */
        public static byte[] sign(byte[] data, byte[] privateKey) throws Exception {
            // Rebuild the private key from its PKCS#8 encoding
            PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(privateKey);
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            // Generate the private key
            PrivateKey priKey = keyFactory.generatePrivate(pkcs8KeySpec);
            // Instantiate Signature
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            // Initialize Signature for signing
            signature.initSign(priKey);
            // Update
            signature.update(data);
            return signature.sign();
        }

        /**
         * Verify a digital signature
         * @param data data to be verified
         * @param publicKey public key
         * @param sign digital signature
         * @return boolean true if verification succeeds, false if it fails
         */
        public static boolean verify(byte[] data, byte[] publicKey, byte[] sign) throws Exception {
            // Convert the public key material: instantiate the key factory
            KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
            // Rebuild the public key from its X.509 encoding
            X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(publicKey);
            // Generate the public key
            PublicKey pubKey = keyFactory.generatePublic(x509KeySpec);
            // Instantiate Signature
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            // Initialize Signature for verification
            signature.initVerify(pubKey);
            // Update
            signature.update(data);
            // Verify
            return signature.verify(sign);
        }

        /**
         * Obtain the private key
         * @param keyMap key map
         * @return byte[] private key
         */
        public static byte[] getPrivateKey(Map<String, Object> keyMap) {
            Key key = (Key) keyMap.get(PRIVATE_KEY);
            return key.getEncoded();
        }

        /**
         * Obtain the public key
         * @param keyMap key map
         * @return byte[] public key
         */
        public static byte[] getPublicKey(Map<String, Object> keyMap) throws Exception {
            Key key = (Key) keyMap.get(PUBLIC_KEY);
            return key.getEncoded();
        }

        /**
         * @param args
         * @throws Exception
         */
        public static void main(String[] args) throws Exception {
            // Initialize the key: generate the key pair
            Map<String, Object> keyMap = RSACoder.initKey();
            // Public key
            byte[] publicKey = RSACoder.getPublicKey(keyMap);
            // Private key
            byte[] privateKey = RSACoder.getPrivateKey(keyMap);
            System.out.println("Public key:\n" + Base64.encodeBase64String(publicKey));
            System.out.println("Private key:\n" + Base64.encodeBase64String(privateKey));
            System.out.println("================ key pair is constructed, party A will announce the public key to party B, and begin the transmission of encrypted data =============");
            String str = "RSA digital Signature Algorithm";
            System.out.println("Original:" + str);
            // Party A signs the data
            byte[] sign = RSACoder.sign(str.getBytes(), privateKey);
            System.out.println("Generating Signature:" + Base64.encodeBase64String(sign));
            // Verify the signature
            boolean status = RSACoder.verify(str.getBytes(), publicKey, sign);
            System.out.println("Status: " + status + "\n\n");
        }
    }

Console output: the Base64-encoded public key and private key are printed first, then the separator line, the original text and the Base64-encoded signature, and finally "Status: true".

IV. Summary

1. The core of the signature algorithm is the use of the public and private keys of the asymmetric encryption algorithm RSA, combined with a message digest algorithm to complete the signing operation. In fact, the signature looks like a message digest.

2. Key handling is no different from that of the asymmetric encryption algorithm; encryption and decryption are simply replaced by signing and verification.

3. The key implementation of the RSA digital signature algorithm is the same as that of the RSA encryption algorithm, so the signature algorithms can be divided into the MD series and the SHA series.
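
Added example, not part of the original article: the same sign/verify model with a SHA-series algorithm (SHA256withRSA) and a 2048-bit key, using only the JDK. It shows what party B's check rejects: verification returns true for the genuine data and false for altered data or for an unrelated public key. The class name SignatureCheckDemo and the sample messages are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;

// Added example (not the article's code); class name and messages are constructed.
public class SignatureCheckDemo {
    static final String SIGNATURE_ALGORITHM = "SHA256withRSA"; // SHA series instead of MD5withRSA

    static KeyPair newKeyPair() throws Exception {
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048); // 2048 bits rather than the article's 512
        return generator.generateKeyPair();
    }

    static byte[] sign(byte[] data, PrivateKey key) throws Exception {
        Signature s = Signature.getInstance(SIGNATURE_ALGORITHM);
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    // Party B only holds the X.509-encoded public key bytes announced by party A.
    static boolean verify(byte[] data, byte[] encodedPublicKey, byte[] sig) throws Exception {
        PublicKey key = KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(encodedPublicKey));
        Signature s = Signature.getInstance(SIGNATURE_ALGORITHM);
        s.initVerify(key);
        s.update(data);
        return s.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        KeyPair partyA = newKeyPair();
        KeyPair other = newKeyPair(); // unrelated key pair, same key size
        byte[] message = "pay 100 to B".getBytes(StandardCharsets.UTF_8);
        byte[] altered = "pay 900 to B".getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(message, partyA.getPrivate());
        byte[] published = partyA.getPublic().getEncoded();

        System.out.println("genuine data, A's key:   " + verify(message, published, sig));
        System.out.println("altered data, A's key:   " + verify(altered, published, sig));
        System.out.println("genuine data, other key: "
                + verify(message, other.getPublic().getEncoded(), sig));
    }
}
```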
