How to sign string with private key

问题:

How can I get the signature of a string using SHA1withRSA if I already have the Private Key as byte[] or String?

回答1:

I guess what you say is you know the key pair before hand and want to sign/verify with that.

Please see the following code.

import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.Signature;  import sun.misc.BASE64Encoder;  public class MainClass {     public static void main(String[] args) throws Exception {          KeyPair keyPair = getKeyPair();          byte[] data = "test".getBytes("UTF8");          Signature sig = Signature.getInstance("SHA1WithRSA");         sig.initSign(keyPair.getPrivate());         sig.update(data);         byte[] signatureBytes = sig.sign();         System.out.println("Singature:" + new BASE64Encoder().encode(signatureBytes));          sig.initVerify(keyPair.getPublic());         sig.update(data);          System.out.println(sig.verify(signatureBytes));     }      private static KeyPair getKeyPair() throws NoSuchAlgorithmException {         KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");         kpg.initialize(1024);         return kpg.genKeyPair();     } } 

Here you need to change the method getKeyPair() to supply your known key pair. You may load it from a java key store [JKS].

You can't just have an arbitrary byte array either as your public key or private key. They should be generated in relation.

Thanks...

回答2:

You first must create a public key from array of bytes

byte publicKeyBytes[] = .... your public key in bytes ...  KeyFactory keyFactory = KeyFactory.getInstance("RSA");  X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyBytes));  PublicKey publicKey = keyFactory.generatePublic(publicKeySpec); 

and after using the publicKey to encrypt

String data = "... data to be encrypted ...."; String alg = "RSA/ECB/PKCS1Padding"; Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); cipher.init(Cipher.ENCRYPT_MODE, publicKey); byte encryptedBytes[] = cipher.doFinal(data.getBytes()); 

Now only who have the privateKey can read your data

@rczajka: a publicKey is a key. You can use it to sign somethig that only the owner (that have the privateKey) can read.

回答3:

public static String sign(String samlResponseString, String keystoreFile, String keyStorePassword, String privateKeyPassword, String alias)             throws NoSuchAlgorithmException, UnsupportedEncodingException,             InvalidKeyException, SignatureException {         PrivateKey pkey=getPrivateKey(  keystoreFile,   keyStorePassword, privateKeyPassword,   alias);         String signedString = null;         Signature signature = Signature.getInstance("SHA256withRSA");         signature.initSign(pkey);         signature.update(samlResponseString.getBytes());         byte[] signatureBytes = signature.sign();         byte[] encryptedByteValue = Base64.encodeBase64(signatureBytes);         signedString = new String(encryptedByteValue, "UTF-8");         System.out.println(signedString);         return signedString;     } 

文章来源: How to sign string with private key