如何使用 java.security.Signature 进行验证

发布于 2025-01-04 12:46:59 字数 361 浏览 3 评论 0原文

我已经有一对密钥，公共和私人的。我如何实际使用 java.security.Signature 来验证我用其中一个密钥签名的字符串？

编辑：

我有两个键作为字符串。 verify方法，其实是

verify(byte[] signature)

javadoc中说的：

verify(byte[]signature) 指示给定的签名是否可以使用公钥或签名者的证书进行验证。

在调用验证方法之前，如何使该签名识别用于验证的公钥/私钥？换句话说，如何将字符串密钥转换为可以被签名接受的密钥对象？

原文

I have a key pair already, public and private. How do I actually use the java.security.Signature to do verification of a string I signed with one of the keys?

Edit:

I have both the keys as Strings. The verify method, it is actually

verify(byte[] signature)

The javadoc says:

verify(byte[] signature) Indicates whether the given signature can be
verified using the public key or a certificate of the signer.

How would I make that signature recognize which public/private key to use for that verifying, before I call the verify method? In other words, how do I turn my string keys into key objects that would get accepted by signature?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

悸初 2025-01-11 12:46:59

使用KeyFactory 将关键规范转换为对象。
调用Signature.getInstance(algName)获取签名实例。
使用Signature的initVerify方法关联密钥以进行签名验证。
使用update来提供Signature字节。
最后，调用verify。
获利

从 KeyFactory javadoc：

下面是如何使用密钥工厂从其编码实例化 DSA 公钥的示例。假设爱丽丝已收到鲍勃的数字签名。鲍勃还向她发送了他的公钥（以编码格式）以验证他的签名。 Alice 然后执行以下操作：
X509EncodedKeySpec bobPubKeySpec = new X509EncodedKeySpec(bobEncodedPubKey);
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
公钥 bobPubKey = keyFactory.generatePublic(bobPubKeySpec);
签名 sig = Signature.getInstance("DSA");
sig.initVerify(bobPubKey);
sig.update(数据);
sig.verify(签名);

Use KeyFactory to translate key specifications to objects.
Call Signature.getInstance(algName) to get a signature instance.
Use Signature's initVerify method to associate a key for signature verification.
Use update to feed the Signature bytes.
Finally, call verify.
Profit

From the KeyFactory javadoc:

The following is an example of how to use a key factory in order to instantiate a DSA public key from its encoding. Assume Alice has received a digital signature from Bob. Bob also sent her his public key (in encoded format) to verify his signature. Alice then performs the following actions:
X509EncodedKeySpec bobPubKeySpec = new X509EncodedKeySpec(bobEncodedPubKey);
KeyFactory keyFactory = KeyFactory.getInstance("DSA");
PublicKey bobPubKey = keyFactory.generatePublic(bobPubKeySpec);
Signature sig = Signature.getInstance("DSA");
sig.initVerify(bobPubKey);
sig.update(data);
sig.verify(signature);

回复收藏 0 原文

~没有更多了~