本文主要是介绍java读取OPENSSL生成的DSA的pem文件,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
首先下载OPENSSL工具,生成dsa签名文件
DSA公私钥可以使用OpenSSL 生成,如下:
a) 生成DSA参数
openssl dsaparam -out dsa_param.pem 1024
b) 生成私钥
openssl gendsa -out dsa_private_temp_key.pem dsa_param.pem
将传统格式的私钥转换成PKCS#8格式的(java使用的是PKCS#8格式的私钥)
openssl pkcs8 -topk8 -inform PEM -in dsa_private_temp_key.pem -outform PEM -nocrypt -out dsa_private_key.pem
c) 生成公钥
openssl dsa -in dsa_private_key.pem -pubout -out dsa_public_key.pem
下面是java代码:
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.Serializable;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import yak.exception.GeneralException;
public class DSASign implements SignatureInterface,Serializable {
private PrivateKey privateKey;
private PublicKey publicKey;
private String privatefile = "C:\\OpenSSL\\bin\\dsa_private_key.pem";//YakProperty.getString("DSA_PRIVATE_KEY");
private String publicfile = "C:\\OpenSSL\\bin\\dsa_public_key.pem";
//YakProperty.getString("DSA_PUBLIC_KEY");
private static DSASign dsa;
private BASE64Decoder base64decoder = new BASE64Decoder();
private BASE64Encoder base64encoder = new BASE64Encoder();
public static DSASign getInstance()throws GeneralException
{
if(dsa == null)
dsa = new DSASign();
return dsa;
}
public DSASign()
{
try{
initPrivateKey();
initPublicKey();
}catch(Exception e)
{
}
}
private void initPrivateKey()throws GeneralException
{
try{
BufferedReader br = new BufferedReader(new FileReader(privatefile));
String s = br.readLine();
StringBuffer privatekey = new StringBuffer();
s = br.readLine();
while (s.charAt(0) != '-') {
privatekey.append(s + "\r");
s = br.readLine();
}
BASE64Decoder base64decoder = new BASE64Decoder();
byte[] keybyte = base64decoder.decodeBuffer(privatekey.toString());
KeyFactory kf = KeyFactory.getInstance("DSA");
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keybyte);
privateKey = kf.generatePrivate(keySpec);
}catch(Exception e)
{
e.printStackTrace();
throw new GeneralException(e.getMessage());
}
}
private void initPublicKey()throws GeneralException
{
try{
BufferedReader br = new BufferedReader(new FileReader(publicfile));
String s = br.readLine();
StringBuffer publickey = new StringBuffer();
s = br.readLine();
while (s.charAt(0) != '-') {
publickey.append(s + "\r");
s = br.readLine();
}
byte[] keybyte = base64decoder.decodeBuffer(publickey.toString());
KeyFactory kf = KeyFactory.getInstance("DSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keybyte);
publicKey = kf.generatePublic(keySpec);
}catch(Exception e)
{
throw new GeneralException(e.getMessage());
}
}
public String sign(String content) throws GeneralException {
// TODO Auto-generated method stub
try {
Signature signalg = Signature.getInstance("DSA");
signalg.initSign(privateKey);
signalg.update(content.getBytes());
byte[] signature = signalg.sign();
String sign = base64encoder.encode(signature);
return sign;
} catch (Exception e) {
throw new GeneralException(e.getMessage());
}
}
public boolean verify(String signature, String contecnt)
throws GeneralException {
try {
Signature verifyalg = Signature.getInstance("DSA");
verifyalg.initVerify(publicKey);
verifyalg.update(contecnt.getBytes());
byte[] signbyte = base64decoder.decodeBuffer(signature);
return verifyalg.verify(signbyte);
} catch (Exception e) {
e.printStackTrace();
throw new GeneralException(e.getMessage());
}
}
public static void main(String args[])
{
DSASign d = new DSASign();
try{
String sign = d.sign(s);
System.out.println(sign);
boolean boo = d.verify(sign, s);
System.out.println(boo);
}catch(Exception e)
{
e.printStackTrace();
}
}
}
这篇关于java读取OPENSSL生成的DSA的pem文件的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!