Digital signature application

introduction

Digital signature can ensure the integrity and non repudiation of file data. This time, we will use the Java language to realize the digital signature and verification of files. The JDK of the Java language provides a rich cryptography class library. Elliptic curve ECDSA digital signature algorithm and SHA256 hash algorithm are adopted this time. SHA or other signature algorithms can also be used through simple parameter selection.
Environment and equipment

One Windows computer, Java virtual machine JDK 1.6 and above.

step

To read all the contents of a file in a computer into the byte array bytes, you need to ensure that the file exists in the computer.

byte[] bytes = {};
try {
	//Get the file name in the computer D: \ \ test Txt path
	Path path = Paths.get("d:\\test.txt");
			
	//Read content from file into byte array byte []
	bytes = Files.readAllBytes(path);
}catch(Exception e){
	System.out.println("File read error" + e);
}

To use the elliptic curve signature algorithm, you need to first obtain an instance of keyPairGen of the generation key class KeyPairGenerator of the elliptic curve signature algorithm EC, and then initialize keyPairGen. For the elliptic curve algorithm, the minimum key length is 112, generate a pair of keys, including the public key and private key, store them in the object pair, and output the contents of the private key in hexadecimal mode.

//Using the elliptic curve signature algorithm, you need to get the key of the elliptic curve algorithm to generate an instance keyPairGen
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("EC");
		
//Initialize the key pair generator. For the elliptic curve algorithm, the minimum parameter is 112
keyPairGen.initialize(112);
		
//Generate a pair of keys, including public key and private key, and store them in the object pair;
KeyPair pair = keyPairGen.generateKeyPair();
		
//Get private key from pair
PrivateKey privKey = pair.getPrivate();
		
//Output private key content
byte[] bytePrivKey = privKey.getEncoded();
String strPrivKey = DatatypeConverter.printHexBinary(bytePrivKey);
System.out.printf("Private key:0x%s\n",strPrivKey);

Get the public key from the object pair and output the contents of the public key in hexadecimal mode.

//Get public key from pair
PublicKey pubKey = pair.getPublic();
//Output public key byte content
byte[] bytePubKey = pubKey.getEncoded();
String strPubKey = DatatypeConverter.printHexBinary(bytePubKey);
System.out.printf("Public key: 0 x%s\n",strPubKey);

Create a signature object sign. SHA256 algorithm is used as hash function and elliptic curve signature algorithm ECDSA is used as signature algorithm. Initialize the signature object sign with the private key pairKry. Then, use the update method of the signature object sign to load the content bytes of the byte array to be signed, and then use the sign method to generate the signature; Print the signature value of bytes in hexadecimal byte method.

//Create a signature object sign, use SHA256 algorithm as hash function and elliptic curve signature algorithm ECDSA as signature algorithm
Signature sign = Signature.getInstance("SHA256withECDSA");
		
//Initialize the signature object sign with the private key privKey
sign.initSign(privKey);
		
//The signature object sign loads the contents of the byte array to be signed, bytes
sign.update(bytes);
		
//Generate signature
byte[] signature = sign.sign();
		
//Print the signature value of bytes in hexadecimal bytes
String strSign = DatatypeConverter.printHexBinary(signature);
System.out.printf("Signature content:0x%s\n",strSign);

Use the public key pubKey to verify the signature. Create a signature object VeriSign, use SHA256 algorithm as hash function and elliptic curve signature algorithm ECDSA as signature algorithm. Use the public key pubKey to initialize the signature object VeriSign. The signature object VeriSign loads the byte array content bytes that need to verify the signature. VeriSign uses the public key pubKey to authenticate bytes.

//Use the public key pubKey to verify the signature
System.out.println("Verifying, please wait------");
		
//Create a signature object veriSign, use SHA256 algorithm as hash function and elliptic curve signature algorithm ECDSA as signature algorithm
Signature veriSign = Signature.getInstance("SHA256withECDSA");
		
//Use the public key pubKey to initialize the signature object VeriSign
veriSign.initVerify(pubKey);
		
//The signature object veriSign loads the contents of the byte array that needs to verify the signature, bytes
veriSign.update(bytes);;
		
//The signature object veriSign uses the public key pubKey to verify the signature of bytes
boolean ok = veriSign.verify(signature);
if(ok)
	System.out.println("The verification is successful and the signature is correct!");
else
	System.out.println("Verification failed, the signature is incorrect!");

If the signature verification is successful, print "verification successful, signature correct!", Otherwise, print out "verification failed, signature incorrect!".

realization

package digitalsignature;

import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import javax.xml.bind.DatatypeConverter;

/** 
* @author renhongchang
* @version Creation time: 2:57:08 PM, May 31, 2021 
* @blog https://rhc-rgb.github.io
* 
* The elliptic curve algorithm is used to generate a digital signature with a file in the computer
* Then verify the digital signature of the file
*/
public class DigitalSignature {

	public static void main(String[] args) throws Exception {
		byte[] bytes = {};
		try {
			//Get the file name in the computer D: \ \ test Txt path
			Path path = Paths.get("d:\\test.txt");
			
			//Read content from file into byte array byte []
			bytes = Files.readAllBytes(path);
		}catch(Exception e){
			System.out.println("File read error" + e);
		}
		
		
		//Using the elliptic curve signature algorithm, you need to get the key of the elliptic curve algorithm to generate an instance keyPairGen
		KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("EC");
		
		//Initialize the key pair generator. For the elliptic curve algorithm, the minimum parameter is 112
		keyPairGen.initialize(112);
		
		//Generate a pair of keys, including public key and private key, and store them in the object pair;
		KeyPair pair = keyPairGen.generateKeyPair();
		
		//Get private key from pair
		PrivateKey privKey = pair.getPrivate();
		
		//Output private key content
		byte[] bytePrivKey = privKey.getEncoded();
		String strPrivKey = DatatypeConverter.printHexBinary(bytePrivKey);
		System.out.printf("Private key:0x%s\n",strPrivKey);
		
		
		//Get public key from pair
		PublicKey pubKey = pair.getPublic();
		//Output public key byte content
		byte[] bytePubKey = pubKey.getEncoded();
		String strPubKey = DatatypeConverter.printHexBinary(bytePubKey);
		System.out.printf("Public key: 0 x%s\n",strPubKey);
		
		
		//Create a signature object sign, use SHA256 algorithm as hash function and elliptic curve signature algorithm ECDSA as signature algorithm
		Signature sign = Signature.getInstance("SHA256withECDSA");
		
		//Initialize the signature object sign with the private key privKey
		sign.initSign(privKey);
		
		//The signature object sign loads the contents of the byte array to be signed, bytes
		sign.update(bytes);
		
		//Generate signature
		byte[] signature = sign.sign();
		
		//Print the signature value of bytes in hexadecimal bytes
		String strSign = DatatypeConverter.printHexBinary(signature);
		System.out.printf("Signature content:0x%s\n",strSign);
		
		//Use the public key pubKey to verify the signature
		System.out.println("Verifying, please wait------");
		
		//Create a signature object veriSign, use SHA256 algorithm as hash function and elliptic curve signature algorithm ECDSA as signature algorithm
		Signature veriSign = Signature.getInstance("SHA256withECDSA");
		
		//Use the public key pubKey to initialize the signature object VeriSign
		veriSign.initVerify(pubKey);
		
		//The signature object veriSign loads the contents of the byte array that needs to verify the signature, bytes
		veriSign.update(bytes);;
		
		//The signature object veriSign uses the public key pubKey to verify the signature of bytes
		boolean ok = veriSign.verify(signature);
		if(ok)
			System.out.println("The verification is successful and the signature is correct!");
		else
			System.out.println("Verification failed, the signature is incorrect!");
	}
}

Implementation results

Private key:0x302C020100301006072A8648CE3D020106052B8104000604153013020101040EAE0831C7D9E7F76ADF8A0B08D1DF
 Public key: 0 x3032301006072A8648CE3D020106052B81040006031E0004050A0BCE147FF9BFDDA2FD06BD748B983B600DD605296822BD59E317
 Signature content:0x3020020E3CBFF953DC7C15041DDC01A56704020E51949B5868C2123534E39ABA2F03
 Verifying, please wait------
The verification is successful and the signature is correct!

Keywords: Java Algorithm Cyber Security rsa

Added by rhyspaterson on Wed, 12 Jan 2022 09:31:18 +0200

Programming VIP

Digital signature application

introduction

Environment and equipment

step

realization

Implementation results

Popular Keywords