数字签名
Api文档搜索Signature
RSACrypt封装一个返回privatekey和publickey的方法
fun getPrivateKey():PrivateKey{
//保存密钥对
val privateKeyString = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCcEBoTuOL3OpJ+GBqsz0gqqm8v/X8RcQsFJ/qS7gbjAbCIVb0i2kxUrPQtOX9a4jH0diS/9ngAOONQLF4obBitzzLefGGdmGqD0Nmf9C3fyUaYUSZVBeqdYjIOLTYEIpTTPzIoBWcKT7rvSNkmvEQOpWdSrViADKnQZcST+PxVGv/0vg1FcfNK8tcL7SDMvmgHIe8mS6zddBGmEUwlj14FDcVABW/sXc/mlfRB345O07cLxcg/yD7kHmr9ZwHytWb9mNUPM2Q80QYl9Kn7AqSbwaTcERx3kAiUMQMp1CeSGK0GkoRSg9G4A0e9G7UoXZ38LUMjAVBIDKn+t0kHZ39VAgMBAAECggEAKr3qNm6Tkrxy9J/rZlra2/yTuSQHUiKQrxfU87rHHhMPYzeANnRtJV+8/EncDGsY3WgiBoUdNopeD04nd5Crbabquq58Gaptua5QfBNnIPxCHmNTSUP2jqYfKWzOd3F1KyoKtZVNNDDD9NcRyh8T0KMSWj1pmKBfPdkxbolpqnDswmDL77KjCTnHTJRjQQux3SihHuOJ4MvgHnHjqjSLZL+6qnUJw838AnhZiIGLlIhaSPbEtuZH7Nk37zodjq+7nBvH0cCvX/XqGRQC2oZeCIWyDv3J5HE4V9PEjiktQVY32f+YZGm3C2EAWqhFZYXDdStYEBCM/UM7EJiGep6OoQKBgQDp9kqJfATLBqnTHzK5SywVPXU0w/fZD4Z9KnvTKhwpivjp8zdcSuiG7F3P8mXIenjbxUyaL2x/9PFgBD878Cj9tXkLnaGb9qwJKgHBCoNwqngg7Z4HTmeDklLfnuUACyf+XX+5V7XHDpoA9tkZflQp267/I+ZLfDAPqSmdJl7l/QKBgQCqw14S1X+o452gx7FK+YVjctndhRN6SY9gZBuC4Q+oU/v2YdFs3CcHVZSijRMqiW8rTGQ/OgFdtD2ef+TMmiRRfnHpgz94iWOAIRKsfJwem3G6SnIZpnQzPSuQshbFIto+lOKqSiV3DnJzfiAI4Eop2RyQMigyVu77lEzyTkySOQKBgQDKfyxGULwJSUwlegQ6EhEmlRnjwJW9Hk3l+aZQv0q+vhTw0FyjGgal+OC9geyMl0wR03OYo+FB4qwj0ak1ZIjmBnKtFhLxXY/LIrt/7GyVUEZHIcK8SiUX4Mav2+QSpJVJ+Hz62ypvDnlGymBfS1LnI8gT9mt1/BfRBjYJWVObtQKBgC3dHy0rzofL6pA+Ui3y6pKVTFKk5WBY1XtsJ791N0FcnTXFe/wi/RCJOcyW22j3VLZqZBpfN/K08D/b1dXmKI8CyRGQwMFdFS5as6tEJKJL2bXRPOgKvvbsHQFV86uq+rcIQgC+vWVGqhK+81eu9fxbZcKM1iL/GlzTrf7+bK5xAoGAU+am9p4hK5VUwgEOLlLeXTi/UZCoql9OnQC0yCjR2Uouq0ip3l+6kK2219FCuC1DGE0zukAv4Th81wzOGNm4uTVyXy81a7IxT5q5+ZiFttERrMCohTfJesOTkfM18WP33pqG1sv9TITRO/DaqK39s7dMVQH4qKVctQuC1/aD4yA="
//转成密钥对对象
val kf = KeyFactory.getInstance("RSA")
val privateKey:PrivateKey = kf.generatePrivate(PKCS8EncodedKeySpec(Base64.decode(privateKeyString)))
return privateKey;
}
fun getPublicKey():PublicKey{
//保存密钥对
val publicKeyString = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBAaE7ji9zqSfhgarM9IKqpvL/1/EXELBSf6ku4G4wGwiFW9ItpMVKz0LTl/WuIx9HYkv/Z4ADjjUCxeKGwYrc8y3nxhnZhqg9DZn/Qt38lGmFEmVQXqnWIyDi02BCKU0z8yKAVnCk+670jZJrxEDqVnUq1YgAyp0GXEk/j8VRr/9L4NRXHzSvLXC+0gzL5oByHvJkus3XQRphFMJY9eBQ3FQAVv7F3P5pX0Qd+OTtO3C8XIP8g+5B5q/WcB8rVm/ZjVDzNkPNEGJfSp+wKkm8Gk3BEcd5AIlDEDKdQnkhitBpKEUoPRuANHvRu1KF2d/C1DIwFQSAyp/rdJB2d/VQIDAQAB"
//转成密钥对对象
val kf = KeyFactory.getInstance("RSA")
val publicKey:PublicKey = kf.generatePublic(X509EncodedKeySpec(Base64.decode(publicKeyString)))
return publicKey
}
//数字签名
object SignatureDedmo {
fun sign(input:String,privateKey:PrivateKey):String{
//获取数字签名对象实例
val signature = Signature.getInstance("SHA256withRSA")
//初始化签名
signature.initSign(privateKey)
//设置数据源
signature.update(input.toByteArray())
//签名
val sign = signature.sign()
return Base64.encode(sign)
}
fun verify(input: String,publicKey:PublicKey,sign:String):Boolean{
val signature = Signature.getInstance("SHA256withRSA")
//初始化签名
signature.initVerify(publicKey)
//传入数据源
signature.update(input.toByteArray())
//校验签名信息
val verify = signature.verify(Base64.decode(sign))
return verify
}
}
fun main(args:Array<String>){
val privateKey = RSACrypt.getPrivateKey()
val publicKey = RSACrypt.getPublicKey()
val input = "name=iPhone&price=7888"
val sign = SignatureDedmo.sign(input,privateKey)
//******************** 校验 ********************
println("校验:"+SignatureDedmo.verify(input,publicKey,sign))
}
如果我们校验的时候把价格改为7
println("校验:"+SignatureDedmo.verify("name=iPhone&price=7",publicKey,sign))
数字签名流程
有一段文字,进行单项Hash函数(md5/sha1/sha256),假设我们用md5加密,生成了一串密文“011010111100”,对密文再次加密,这里用到了私钥,也就是RSA加密。加密完生成一串密文“xxxxxxxxxxxx”
到这里为止就是我们说的签名
当我们把明文和签名传给收件人,签名是一串乱乱的字符串,收件人用公钥对签名进行解密,解密出来的结果就是“011010111100”,也就是上面第一次对文字加密后的结果
收件人再对接收的明文进行一次MD5,如果结果不一致,说明被别人改了
收件人有我们的公钥因为进行了公钥互换
加密算法总结
到目前为止,加密算法就学完了
