From 96e836ec94cd8363188935e744dba2ee55fc98a0 Mon Sep 17 00:00:00 2001 From: eelhazati <35301254+eelhazati@users.noreply.github.com> Date: Wed, 13 Nov 2019 09:54:18 +0100 Subject: [PATCH] BAEL-3282 -- Digital signature. (#7981) * Digital signature. * Digital signature. move message.txt in src/test/resources/digitalsignature.
---
.../com/baeldung/digitalsignature/Utils.java | 33 +++++++++++++++++++ ...tureWithMessageDigestAndCipherSigning.java | 28 ++++++++++++++++ ...reWithMessageDigestAndCipherVerifying.java | 33 +++++++++++++++++++ .../DigitalSignatureWithSignatureSigning.java | 27 +++++++++++++++ ...igitalSignatureWithSignatureVerifying.java | 28 ++++++++++++++++ .../resources/digitalsignature/message.txt | 1 + 6 files changed, 150 insertions(+) create mode 100644 libraries-security/src/main/java/com/baeldung/digitalsignature/Utils.java create mode 100644 libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherSigning.java create mode 100644 libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherVerifying.java create mode 100644 libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureSigning.java create mode 100644 libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureVerifying.java create mode 100644 libraries-security/src/test/resources/digitalsignature/message.txt
diff --git a/libraries-security/src/main/java/com/baeldung/digitalsignature/Utils.java b/libraries-security/src/main/java/com/baeldung/digitalsignature/Utils.java
new file mode 100644
index 0000000000..9f1e5808c3
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/digitalsignature/Utils.java
@@ -0,0 +1,33 @@
+package com.baeldung.digitalsignature;
+
+import java.io.FileInputStream;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.cert.Certificate;
+
+public class Utils {
+
+ private static final String STORE_TYPE = "PKCS12";
+ private static final char[] PASSWORD = "changeit".toCharArray();
+ private static final String SENDER_KEYSTORE = "sender_keystore.p12";
+ private static final String SENDER_ALIAS = "senderKeyPair";
+
+ public static final String SIGNING_ALGORITHM = "SHA256withRSA";
+
+ private static final String RECEIVER_KEYSTORE = "receiver_keystore.p12";
+ private static final String RECEIVER_ALIAS = "receiverKeyPair";
+
+ public static PrivateKey getPrivateKey() throws Exception {
+ KeyStore keyStore = KeyStore.getInstance(STORE_TYPE);
+ keyStore.load(new FileInputStream(SENDER_KEYSTORE), PASSWORD);
+ return (PrivateKey) keyStore.getKey(SENDER_ALIAS, PASSWORD);
+ }
+
+ public static PublicKey getPublicKey() throws Exception {
+ KeyStore keyStore = KeyStore.getInstance(STORE_TYPE);
+ keyStore.load(new FileInputStream(RECEIVER_KEYSTORE), PASSWORD);
+ Certificate certificate = keyStore.getCertificate(RECEIVER_ALIAS);
+ return certificate.getPublicKey();
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherSigning.java b/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherSigning.java
new file mode 100644
index 0000000000..78d40dd365
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherSigning.java
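Review bot: In Utils.java, both `getPrivateKey()` and `getPublicKey()` pass a `new FileInputStream(...)` straight into `keyStore.load` and never close it, so every call leaks a file handle; wrap it, e.g. `try (FileInputStream in = new FileInputStream(SENDER_KEYSTORE)) { keyStore.load(in, PASSWORD); }`. `PASSWORD` is the literal `"changeit"` and is used as both the store password and the key-entry password; for sample code that is tolerable, but it deserves a comment such as `// demo-only password; real code must not embed keystore credentials in source`. `getPublicKey()` also dereferences the result of `keyStore.getCertificate(RECEIVER_ALIAS)` without a null check, so a missing alias surfaces as a NullPointerException rather than a clear error.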
@@ -0,0 +1,28 @@
+package com.baeldung.digitalsignature.level1;
+
+import com.baeldung.digitalsignature.Utils;
+
+import javax.crypto.Cipher;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.MessageDigest;
+import java.security.PrivateKey;
+
+public class DigitalSignatureWithMessageDigestAndCipherSigning {
+
+ public static void main(String[] args) throws Exception {
+
+ PrivateKey privateKey = Utils.getPrivateKey();
+
+ byte[] messageBytes = Files.readAllBytes(Paths.get("src/test/resources/digitalsignature/message.txt"));
+
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ byte[] messageHash = md.digest(messageBytes);
+
+ Cipher cipher = Cipher.getInstance("RSA");
+ cipher.init(Cipher.ENCRYPT_MODE, privateKey);
+ byte[] digitalSignature = cipher.doFinal(messageHash);
+
+ Files.write(Paths.get("target/digital_signature_1"), digitalSignature);
+ }
+}
diff --git a/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherVerifying.java b/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherVerifying.java
new file mode 100644
index 0000000000..0b242a44fb
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/digitalsignature/level1/DigitalSignatureWithMessageDigestAndCipherVerifying.java
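Review bot: In DigitalSignatureWithMessageDigestAndCipherSigning, `Cipher.getInstance("RSA")` leaves mode and padding to the provider's default, so what gets written to `target/digital_signature_1` depends on which JCE provider is selected; name the transformation explicitly, e.g. `Cipher.getInstance("RSA/ECB/PKCS1Padding")`, here and in the matching call in DigitalSignatureWithMessageDigestAndCipherVerifying. The bare SHA-256 digest is encrypted without the DigestInfo structure that `SHA256withRSA` signs, so the output is not interchangeable with the level2 `Signature` classes and does not bind the hash algorithm into the signed value. A class comment stating that this variant only illustrates the mechanics, and that `java.security.Signature` is the API to use, would keep it from being copied into production code.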
@@ -0,0 +1,33 @@
+package com.baeldung.digitalsignature.level1;
+
+import com.baeldung.digitalsignature.Utils;
+
+import javax.crypto.Cipher;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.MessageDigest;
+import java.security.PublicKey;
+import java.util.Arrays;
+
+public class DigitalSignatureWithMessageDigestAndCipherVerifying {
+
+ public static void main(String[] args) throws Exception {
+
+ PublicKey publicKey = Utils.getPublicKey();
+
+ byte[] messageBytes = Files.readAllBytes(Paths.get("src/test/resources/digitalsignature/message.txt"));
+
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ byte[] newMessageHash = md.digest(messageBytes);
+
+ byte[] encryptedMessageHash = Files.readAllBytes(Paths.get("target/digital_signature_1"));
+
+ Cipher cipher = Cipher.getInstance("RSA");
+ cipher.init(Cipher.DECRYPT_MODE, publicKey);
+ byte[] decryptedMessageHash = cipher.doFinal(encryptedMessageHash);
+
+ boolean isCorrect = Arrays.equals(decryptedMessageHash, newMessageHash);
+ System.out.println("Signature " + (isCorrect ? "correct" : "incorrect"));
+ }
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureSigning.java b/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureSigning.java
new file mode 100644
index 0000000000..afc8fd1045
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureSigning.java
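Review bot: In DigitalSignatureWithMessageDigestAndCipherVerifying, a corrupted or truncated `target/digital_signature_1` will most likely make `cipher.doFinal(encryptedMessageHash)` throw (`BadPaddingException` or `IllegalBlockSizeException`) before the comparison runs, so the program ends with a stack trace instead of printing "Signature incorrect". Treat those exceptions as a failed verification, as sketched below; this needs the two `javax.crypto` exception types imported. The sketch also swaps `Arrays.equals` for `MessageDigest.isEqual`, the comparison the JDK provides for digests. The level2 verifier has a related gap: `signature.verify(sig)` can throw `SignatureException` for a badly sized or badly encoded signature, which likewise escapes `main`.

```java
// … unchanged: key loading, message hash, signature file read, cipher init …
boolean isCorrect;
try {
    byte[] decryptedMessageHash = cipher.doFinal(encryptedMessageHash);
    isCorrect = MessageDigest.isEqual(decryptedMessageHash, newMessageHash);
} catch (BadPaddingException | IllegalBlockSizeException e) {
    // A malformed signature is a verification failure, not a crash.
    isCorrect = false;
}
System.out.println("Signature " + (isCorrect ? "correct" : "incorrect"));
```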
@@ -0,0 +1,27 @@
+package com.baeldung.digitalsignature.level2;
+
+import com.baeldung.digitalsignature.Utils;
+
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.PrivateKey;
+import java.security.Signature;
+
+public class DigitalSignatureWithSignatureSigning {
+
+ public static void main(String[] args) throws Exception {
+
+ PrivateKey privateKey = Utils.getPrivateKey();
+
+ Signature signature = Signature.getInstance(Utils.SIGNING_ALGORITHM);
+ signature.initSign(privateKey);
+
+ byte[] messageBytes = Files.readAllBytes(Paths.get("src/test/resources/digitalsignature/message.txt"));
+
+ signature.update(messageBytes);
+ byte[] digitalSignature = signature.sign();
+
+ Files.write(Paths.get("target/digital_signature_2"), digitalSignature);
+ }
+
+}
diff --git a/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureVerifying.java b/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureVerifying.java
new file mode 100644
index 0000000000..ee34be989c
--- /dev/null
+++ b/libraries-security/src/main/java/com/baeldung/digitalsignature/level2/DigitalSignatureWithSignatureVerifying.java
@@ -0,0 +1,28 @@
+package com.baeldung.digitalsignature.level2;
+
+import com.baeldung.digitalsignature.Utils;
+
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.PublicKey;
+import java.security.Signature;
+
+public class DigitalSignatureWithSignatureVerifying {
+
+ public static void main(String[] args) throws Exception {
+
+ PublicKey publicKey = Utils.getPublicKey();
+
+ byte[] sig = Files.readAllBytes(Paths.get("target/digital_signature_2"));
+
+ Signature signature = Signature.getInstance(Utils.SIGNING_ALGORITHM);
+ signature.initVerify(publicKey);
+
+ byte[] messageBytes = Files.readAllBytes(Paths.get("src/test/resources/digitalsignature/message.txt"));
+
+ signature.update(messageBytes);
+
+ boolean isCorrect = signature.verify(sig);
+ System.out.println("Signature " + (isCorrect ? "correct" : "incorrect"));
+ }
+}
diff --git a/libraries-security/src/test/resources/digitalsignature/message.txt b/libraries-security/src/test/resources/digitalsignature/message.txt
new file mode 100644
index 0000000000..acc7b6f104
--- /dev/null
+++ b/libraries-security/src/test/resources/digitalsignature/message.txt
@@ -0,0 +1 @@
+This is a cool message!
\ No newline at end of file