熱點推薦:
您现在的位置: 電腦知識網 >> 編程 >> Java編程 >> Java核心技術 >> 正文

在Jini,RMI和Applet中如何實現代碼簽名

2022-06-13   來源: Java核心技術 

  第一段代碼:生成公開/私有密鑰對並在命令行中指定文件把密鑰對寫入該文件
  import javasecurity*;
  import javaio*;
  public class KeyPairGen
  {
  public static void main(String[] args)
  {
  if(argslength!=)
  {
  Systemoutprintln(Usage: java KeyPairGen KeyFile);
  Systemexit();
  }
  KeyPairGen obj=new KeyPairGen();
  try{
  objgen(args[]);
  }catch(NoSuchAlgorithmException ex)
  {
  Systemoutprintln(NoSuchAlgorithmException);
  }
  catch(FileNotFoundException ex)
  {
  Systemoutprintln(FileNotFoundException);
  }
  catch(IOException ex)
  {
  Systemoutprintln(IOException);
  }
  }
  public void gen(String source) throws NoSuchAlgorithmException
  FileNotFoundExceptionIOException
  {
  KeyPairGenerator kpGen=KeyPairGeneratorgetInstance(DSA);
  kpGeninitialize();
  KeyPair kPair=kpGengenKeyPair();
  FileOutputStream fos=new FileOutputStream(source);
  ObjectOutputStream oos=new ObjectOutputStream(fos);
  ooswriteObject(kPair);
  fosclose();
  oosclose();
  }
  }
  第二段代碼命令行中指定存放密鑰的文件用於簽名的字符串(這裡使用字符串只是為了簡單其實在真正實際使用中應該換成用MD或SHA算法計算某一文件流的消息摘要值)和簽名所存放的文件功能是計算出簽名並把該簽名存放在文件中
  import javasecurity*;
  import javaio*;
  public class SignGen
  {
  public static void main(String[] args)
  {
  if(argslength!=)
  {
  Systemoutprintln(Usage: java SignGen KeyFile String SigFile);
  Systemexit();
  }
  SignGen obj=new SignGen();
  try{
  objgenSignature(args[]args[]args[]);
  }catch(NoSuchAlgorithmException ex)
  {
  Systemoutprintln(NoSuchAlgorithmException);
  }
  catch(InvalidKeyException ex)
  {
  Systemoutprintln(InvalidKeyException);
  }
  catch(SignatureException ex)
  {
  Systemoutprintln(SignatureException);
  }
  catch(ClassNotFoundException ex)
  {
  Systemoutprintln(ClassNotFoundException);
  }
  catch(FileNotFoundException ex)
  {
  Systemoutprintln(FileNotFoundException);
  }
  catch(IOException ex)
  {
  Systemoutprintln(IOException);
  }
  }
  public void genSignature(String keyFileString strString sigFile)
  throws NoSuchAlgorithmExceptionInvalidKeyExceptionSignatureException
  ClassNotFoundExceptionFileNotFoundExceptionIOException
  {
  FileInputStream fis=new FileInputStream(keyFile);
  ObjectInputStream ois=new ObjectInputStream(fis);
  KeyPair kp=(KeyPair)oisreadObject();
  PublicKey pubKey=kpgetPublic();
  PrivateKey priKey=kpgetPrivate();
  fisclose();
  oisclose();
  Signature sig=SignaturegetInstance(SHAWithDSA);
  siginitSign(priKey);
  sigupdate(strgetBytes());
  byte[] b=sigsign();
  FileOutputStream fos=new FileOutputStream(sigFile);
  ObjectOutputStream oos=new ObjectOutputStream(fos);
  ooswriteObject(b);
  fosclose();
  oosclose();
  }
  }
  第三段代碼當然是用於驗證簽名了命令行中指定三個參數密鑰文件更新驗證的字符串和簽名文件
  import javasecurity*;
  import javaio*;
  public class SignVerify
  {
  public static void main(String[] args)
  {
  if(argslength!=)
  {
  Systemoutprintln(Usage: java SignVerify KeyFile String SigFile);
  Systemexit();
  }
  SignVerify obj=new SignVerify();
  try{
  objverify(args[]args[]args[]);
  }catch(NoSuchAlgorithmException ex)
  {
  Systemoutprintln(NoSuchAlgorithmException);
  }
  catch(InvalidKeyException ex)
  {
  Systemoutprintln(InvalidKeyException);
  }
  catch(SignatureException ex)
  {
  Systemoutprintln(SignatureException);
  }
  catch(ClassNotFoundException ex)
  {
  Systemoutprintln(ClassNotFoundException);
  }
  catch(FileNotFoundException ex)
  {
  Systemoutprintln(FileNotFoundException);
  }
  catch(IOException ex)
  {
  Systemoutprintln(IOException);
  }
  }
  public void verify(String keyFileString strString sigFile) throws
  NoSuchAlgorithmExceptionInvalidKeyExceptionSignatureException
  ClassNotFoundExceptionFileNotFoundExceptionIOException
  {
  FileInputStream fis=new FileInputStream(keyFile);
  ObjectInputStream ois=new ObjectInputStream(fis);
  KeyPair kp=(KeyPair)oisreadObject();
  PublicKey pubKey=kpgetPublic();
  PrivateKey priKey=kpgetPrivate();
  fisclose();
  oisclose();
  FileInputStream fis=new FileInputStream(sigFile);
  ObjectInputStream ois=new ObjectInputStream(fis);
  byte[] b=(byte[])oisreadObject();
  fisclose();
  oisclose();
  Signature sig=SignaturegetInstance(SHAWithDSA);
  siginitVerify(pubKey);
  sigupdate(strgetBytes());
  if(sigverify(b))
  {
  Systemoutprintln(Verify OK!);
  }
  else
  {
  Systemoutprintln(Verify Error!);
  }
  }
  }
  在驗證過程中密鑰對字符串和簽名一個都不能錯否則無法通過驗證
From:http://tw.wingwit.com/Article/program/Java/hx/201311/26967.html
    推薦文章
    Copyright © 2005-2022 電腦知識網 Computer Knowledge   All rights reserved.