Java: Elliptic Curve with Digital Signature Algorithm (ECDSA) implementation on BouncyCastle

Notice: this page is a translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). Original StackOverflow URL: http://stackoverflow.com/questions/18244630/

Time: 2020-08-11 23:41:39  Source: igfitidea

Elliptic Curve with Digital Signature Algorithm (ECDSA) implementation on BouncyCastle

java cryptography bouncycastle

Asked by Yagiz

I am trying to implement ECDSA (Elliptic Curve Digital Signature Algorithm) but I couldn't find any examples in Java which use Bouncy Castle. I created the keys, but I really don't know what kind of functions I should use to create a signature and verify it.


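import java.security.*;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECParameterSpec;

// The "BC" provider must be registered first, e.g. Security.addProvider(new BouncyCastleProvider()).
public static KeyPair GenerateKeys()
    throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
{
    // Look up the named curve and generate an EC key pair on it
    ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("B-571");
    KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
    g.initialize(ecSpec, new SecureRandom());
    return g.generateKeyPair();
}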

Accepted answer by gtrig

owlstead is correct. And to elaborate a bit more, you can do this:


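// plaintext is the String message to sign
KeyPair pair = GenerateKeys();
Signature ecdsaSign = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaSign.initSign(pair.getPrivate());            // sign with the private key
ecdsaSign.update(plaintext.getBytes("UTF-8"));    // feed the message bytes
byte[] signature = ecdsaSign.sign();              // encoded signature bytes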

And to verify:


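Signature ecdsaVerify = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaVerify.initVerify(pair.getPublic());         // verify with the matching public key
ecdsaVerify.update(plaintext.getBytes("UTF-8"));  // feed the same message bytes
boolean result = ecdsaVerify.verify(signature);   // true only if the signature matches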

Answer by Maarten Bodewes

You seem to be using Bouncy Castle mainly as provider. In that case you could simply use Signature.getInstance("SHA256withECDSA", "BC").


Answer by Thomas Pornin

BouncyCastle is a provider: a set of classes which provides some cryptographic functionalities that applications are supposed to use through the generic API that Java comes with. See the Java Cryptography Architecture, especially the section on signatures, to see how to generate or verify a signature. Basically, you get a java.security.Signature instance (with the static getInstance() method), then you initialize it with either a private key (initSign(), to generate a signature) or a public key (initVerify(), to verify a signature). You then input the message data with one or several update() calls, and finally you call sign() or verify(), to generate or verify a signature.

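The sequence described in the answers above (getInstance(), initSign() or initVerify(), one or more update() calls, then sign() or verify()), as a complete round trip that also shows a tampered message and a malformed signature being rejected. This is an added example, not code from the original posts; the class name, the sample message and the secp256r1 curve (instead of the question's B-571) are assumptions, and it needs the Bouncy Castle provider jar on the classpath.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class EcdsaRoundTrip {   // hypothetical class name
    static final String ALG = "SHA256withECDSA", PROV = "BC";

    static byte[] sign(PrivateKey key, byte[]... chunks) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG, PROV);
        s.initSign(key);
        for (byte[] c : chunks) s.update(c);   // several update() calls feed one message
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] sig, byte[]... chunks) throws GeneralSecurityException {
        Signature v = Signature.getInstance(ALG, PROV);
        v.initVerify(key);
        for (byte[] c : chunks) v.update(c);
        try {
            return v.verify(sig);
        } catch (SignatureException e) {
            return false;   // undecodable signature bytes: reject like any bad signature
        }
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());   // registers the "BC" provider
        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", PROV);
        g.initialize(new ECGenParameterSpec("secp256r1"), new SecureRandom());
        KeyPair pair = g.generateKeyPair();

        // Constructed sample message, split into two chunks
        byte[] part1 = "amount=100;".getBytes(StandardCharsets.UTF_8);
        byte[] part2 = "to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] whole = "amount=100;to=alice".getBytes(StandardCharsets.UTF_8);
        byte[] forged = "amount=900;".getBytes(StandardCharsets.UTF_8);

        byte[] sig = sign(pair.getPrivate(), part1, part2);
        byte[] truncated = Arrays.copyOf(sig, sig.length - 1);

        PublicKey pub = pair.getPublic();
        System.out.println("same chunks:   " + verify(pub, sig, part1, part2));
        System.out.println("single chunk:  " + verify(pub, sig, whole));
        System.out.println("tampered data: " + verify(pub, sig, forged, part2));
        System.out.println("truncated sig: " + verify(pub, truncated, part1, part2));
    }
}
```

Chunk boundaries are not part of the signed data, so the signature covers only the concatenated bytes; callers that sign structured fields need their own unambiguous encoding.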