usera.java

java版数字签名

package mytest;

import javax.crypto.Cipher;

import sun.misc.BASE64Encoder;

import my.RSAUtil;

import java.security.*;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.io.*;
import java.math.BigInteger;
import java.io.*;
import java.net.*;

public class UserA {
	/**
	 * 生成密钥对
	 * @return KeyPair
	 * @throws EncryptException
	 */
	public static KeyPair generateKeyPair() throws Exception {
		try {
			KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA",
					new org.bouncycastle.jce.provider.BouncyCastleProvider());
			final int KEY_SIZE = 1024;
			keyPairGen.initialize(KEY_SIZE, new SecureRandom());
			KeyPair keyPair = keyPairGen.genKeyPair();
			return keyPair;
		} catch (Exception e) {
			throw new Exception(e.getMessage());
		}
	}

	/**
	 * 生成公钥
	 * @param modulus
	 * @param publicExponent
	 * @return RSAPublicKey
	 * @throws EncryptException
	 */
	public static RSAPublicKey generateRSAPublicKey(byte[] modulus,
			byte[] publicExponent) throws Exception {
		KeyFactory keyFac = null;
		try {
			keyFac = KeyFactory.getInstance("RSA",
					new org.bouncycastle.jce.provider.BouncyCastleProvider());
		} catch (NoSuchAlgorithmException ex) {
			throw new Exception(ex.getMessage());
		}

		RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(new BigInteger(
				modulus), new BigInteger(publicExponent));
		try {
			return (RSAPublicKey) keyFac.generatePublic(pubKeySpec);
		} catch (InvalidKeySpecException ex) {
			throw new Exception(ex.getMessage());
		}
	}

	/**
	 * 生成私钥
	 * @param modulus
	 * @param privateExponent
	 * @return RSAPrivateKey
	 * @throws EncryptException
	 */
	public static RSAPrivateKey generateRSAPrivateKey(byte[] modulus,
			byte[] privateExponent) throws Exception {
		KeyFactory keyFac = null;
		try {
			keyFac = KeyFactory.getInstance("RSA",
					new org.bouncycastle.jce.provider.BouncyCastleProvider());
		} catch (NoSuchAlgorithmException ex) {
			throw new Exception(ex.getMessage());
		}

		RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(new BigInteger(
				modulus), new BigInteger(privateExponent));
		try {
			return (RSAPrivateKey) keyFac.generatePrivate(priKeySpec);
		} catch (InvalidKeySpecException ex) {
			throw new Exception(ex.getMessage());
		}
	}

	/**
	 * 加密
	 * @param key 加密的密钥
	 * @param data 待加密的明文数据
	 * @return 加密后的数据
	 * @throws EncryptException
	 */
	public static byte[] encrypt(Key key, byte[] data) throws Exception {
		try {
			Cipher cipher = Cipher.getInstance("RSA",
					new org.bouncycastle.jce.provider.BouncyCastleProvider());
			cipher.init(Cipher.ENCRYPT_MODE, key);
			int blockSize = cipher.getBlockSize();//获得加密块大小，如：加密前数据为128个byte，而key_size=1024 加密块大小为127 byte,加密后为128个byte;因此共有2个加密块，第一个127 byte第二个为1个byte
			int outputSize = cipher.getOutputSize(data.length);//获得加密块加密后块大小
			int leavedSize = data.length % blockSize;
			int blocksSize = leavedSize != 0 ? data.length / blockSize + 1
					: data.length / blockSize;
			byte[] raw = new byte[outputSize * blocksSize];
			int i = 0;
			while (data.length - i * blockSize > 0) {
				if (data.length - i * blockSize > blockSize)
					cipher.doFinal(data, i * blockSize, blockSize, raw, i
							* outputSize);
				else
					cipher.doFinal(data, i * blockSize, data.length - i
							* blockSize, raw, i * outputSize);
				//这里面doUpdate方法不可用，查看源代码后发现每次doUpdate后并没有什么实际动作除了把byte[]放到ByteArrayOutputStream中，而最后doFinal的时候才将所有的byte[]进行加密，可是到了此时加密块大小很可能已经超出了OutputSize所以只好用dofinal方法。

				i++;
			}
			return raw;
		} catch (Exception e) {
			throw new Exception(e.getMessage());
		}
	}

	/**
	 * 解密
	 * @param key 解密的密钥
	 * @param raw 已经加密的数据
	 * @return 解密后的明文
	 * @throws EncryptException
	 */
	public static byte[] decrypt(Key key, byte[] raw) throws Exception {
		try {
			Cipher cipher = Cipher.getInstance("RSA",
					new org.bouncycastle.jce.provider.BouncyCastleProvider());
			cipher.init(Cipher.DECRYPT_MODE, key);
			int blockSize = cipher.getBlockSize();
			ByteArrayOutputStream bout = new ByteArrayOutputStream(64);
			int j = 0;

			while (raw.length - j * blockSize > 0) {
				bout.write(cipher.doFinal(raw, j * blockSize, blockSize));
				j++;
			}
			return bout.toByteArray();
		} catch (Exception e) {
			throw new Exception(e.getMessage());
		}
	}

	/**
	 * 
	 * 二行制转字符串  * 
	 * 一个字节的数， 转成16进制字符串
	 * 
	 * @param b
	 * 
	 * @return
	 */

	public static String byte2hex(byte[] b) {

		String hs = "";
		String stmp = "";
		for (int n = 0; n < b.length; n++) {
			// 整数转成十六进制表示
			stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));
			if (stmp.length() == 1)
				hs = hs + "0" + stmp;
			else
				hs = hs + stmp;
		}
		return hs.toUpperCase(); // 转成大写
	}

	/**
	 * 
	 * 十六進制字符串转二行制  * 
	 *  
	 * @param b
	 * 
	 * @return
	 */
	public static byte[] hex2byte(byte[] b) {
		if ((b.length % 2) != 0)
			throw new IllegalArgumentException("长度不是偶数");
		byte[] b2 = new byte[b.length / 2];
		for (int n = 0; n < b.length; n += 2) {
			String item = new String(b, n, 2);
			// 两位一组，表示一个字节,把这样表示的16进制字符串，还原成一个进制字节
			b2[n / 2] = (byte) Integer.parseInt(item, 16);
		}
		return b2;
	}

/**
 * 对明文用MD5算法生成信息摘要
 * @param by byte数组
 * @return byte数组
 * @throws Exception
 */
	public static byte[] getMessageDigest(byte[] by) throws Exception {
		//使用getInstance("算法")来获得消息摘要,这里使用MD5算法
		MessageDigest messageDigest = MessageDigest.getInstance("MD5");
		messageDigest.update(by);//开始使用算法
		return messageDigest.digest(); //算法运算结果
	}

	////////////////////////////////////////////////////////////////////////////////
	public static void main(String[] args) throws Exception {

		KeyPair keyPair = UserA.generateKeyPair();
		RSAPublicKey pubKey = (RSAPublicKey) keyPair.getPublic();
		RSAPrivateKey priKey = (RSAPrivateKey) keyPair.getPrivate();
		System.out.println("UserA产生密钥公钥：" + byte2hex(pubKey.getEncoded()));
		System.out.println("UserA产生密钥私钥：" + byte2hex(priKey.getEncoded()));

		String B_ip = "127.0.0.1";
		Socket socket = new Socket(B_ip, 23456);
		ObjectOutputStream output = new ObjectOutputStream(socket
				.getOutputStream());
		ObjectInputStream input = new ObjectInputStream(socket.getInputStream());

		System.out.println("发送A的公钥...");
		output.writeObject(pubKey);//给B发送A的公钥

		RSAPublicKey pubKeyB = (RSAPublicKey) input.readObject();
		System.out.println("收到B的公钥为：" + byte2hex(pubKeyB.getEncoded()));//收到B的公钥

		File file = new File("test.txt");//测试文件
		FileInputStream in = new FileInputStream(file);
		ByteArrayOutputStream bout = new ByteArrayOutputStream();
		byte[] tmpbuf = new byte[1024];
		int count = 0;
		while ((count = in.read(tmpbuf)) != -1) {
			bout.write(tmpbuf, 0, count);
			tmpbuf = new byte[1024];
		}
		in.close();
		byte[] orgData = bout.toByteArray();//测试文件输出为 byte数组的明文

		System.out.println("长度为"+orgData.length+"的明文： "+ new String(orgData) );
		byte[] outDigest = UserA.getMessageDigest(orgData);//用明文生成信息摘要
		System.out.println("生成" + outDigest.length + "位长度的信息摘要："
				+ new String(outDigest));
		Signature signet = Signature.getInstance("MD5withRSA");
		signet.initSign(priKey);
		signet.update(outDigest);
		byte[] signed = signet.sign(); // 对信息的数字签名

		BASE64Encoder enc = new sun.misc.BASE64Encoder();
		String a = enc.encode(signed);
		String b = enc.encode(orgData);
		System.out.println("数字签名后的信息摘要" + a);

		String sendMsg = a + "*" + b;
		byte[] send = UserA.encrypt(pubKeyB, sendMsg.getBytes());//用UserB的公钥对信息进行加密
		String c = new String(send);
		System.out.println("密文原文: " + sendMsg);
		System.out.println("生产密文: " + c);

		output.writeObject(send);//发送加密后的信息给B
		output.flush();
		
		//生产的密文写入文件encrypt.txt
		file = new File("encrypt.txt");
		OutputStream out = new FileOutputStream(file);
		out = new FileOutputStream(file);
		out.write(send);
		out.close();

		output.close();
		input.close();
		socket.close();//关闭连接
	}

}