/**
* 验证签名
*
* @param data 数据信息
* @param publicKeyString 公匙序列化后的base64编码
* @param signature base64编码的签名信息
* @return
* @throws Exception
*/
public static boolean verify(String data, String publicKeyString, String signature)
throws Exception {
// 公匙反序列化
// BASE64Decoder decoder = new BASE64Decoder();
// byte[] bytes = decoder.decodeBuffer(publicKeyString);
Base64 base64 = new Base64();
byte[] bytes = base64.decode(publicKeyString.getBytes("utf8"));
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(bytes);
PublicKey publicKey = KeyFactory.getInstance("DSA").generatePublic(keySpec);
// 验证
Signature sign = Signature.getInstance("DSA");
sign.initVerify(publicKey);
sign.update(data.getBytes("utf8"));
// return sign.verify(decoder.decodeBuffer(signature));
return sign.verify(base64.decode(signature.getBytes("utf8")));
}
/**
* 采用二进制公匙进行签名验证
*
* @param data 数据信息
* @param publicKey 2进制公匙
* @param signature base64编码的签名信息
* @return
* @throws Exception
* @author huangbuji
* <p>Create at 2014-2-12 下午5:37:18
*/
public static boolean verifyBinKey(String data, byte[] publicKey, String signature)
throws Exception {
Base64 base64 = new Base64();
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(publicKey);
PublicKey pub = KeyFactory.getInstance("DSA").generatePublic(keySpec);
// 验证
Signature sign = Signature.getInstance("DSA");
sign.initVerify(pub);
sign.update(data.getBytes("utf8"));
// return sign.verify(decoder.decodeBuffer(signature));
return sign.verify(base64.decode(signature.getBytes("utf8")));
}
/**
* 根据数据,生成签名
*
* @param data 数据信息
* @param privateKey 私匙序列化后的base64编码
* @return base64编码的签名信息
* @throws Exception
*/
public static String sign(String data, String privateKeyString) throws Exception {
Base64 base64 = new Base64();
// 私匙反序列化
// BASE64Decoder decoder = new BASE64Decoder();
// byte[] bytes = decoder.decodeBuffer(privateKeyString);
byte[] bytes = base64.decode(privateKeyString.getBytes("utf8"));
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bytes);
PrivateKey privateKey = KeyFactory.getInstance("DSA").generatePrivate(keySpec);
// 生成签名
Signature signature = Signature.getInstance("DSA");
signature.initSign(privateKey);
signature.update(data.getBytes("utf8"));
// return new BASE64Encoder().encode(signature.sign());
return new String(base64.encode(signature.sign()), "utf8");
}
/**
* 补充C#签名信息缺失的前面46位二进制
*
* @param sign base64编码的签名信息
* @return 完整的签名二进制信息
* @throws Exception
* @author huangbuji
* <p>Create at 2014-2-13 上午10:38:46
*/
public static byte[] changeDSANet2java(String sign) throws Exception {
Base64 base64 = new Base64();
byte tx[] = base64.decode(sign.getBytes("utf8"));
byte[] tx_new = new byte[46];
tx_new[0] = 48;
tx_new[1] = 44;
tx_new[2] = 2;
tx_new[3] = 20;
for (int x = 0; x < 20; x++) {
tx_new[x + 4] = tx[x];
}
tx_new[24] = 2;
tx_new[25] = 20;
for (int x = 20; x < 40; x++) {
tx_new[x + 6] = tx[x];
}
return tx_new;
}