java-sandbox/common/src/main/java/by/andd3dfx/digitalsignature/DigitalSignatureUtil.java at master · andrei-punko/java-sandbox · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
package by.andd3dfx.digitalsignature;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

public class DigitalSignatureUtil {

    /**
     * According to documentation - https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#KeyPairGenerator
     * possible cases for algorithm are next: DiffieHellman, DSA, RSA, EC
     */
    public KeyPair generateKeysPair(String algorithm, int keysize) throws Exception {
        KeyPairGenerator keyGenerator = KeyPairGenerator.getInstance(algorithm);
        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
        keyGenerator.initialize(keysize, random);
        return keyGenerator.generateKeyPair();
    }

    /**
     * Store private & public keys from keys pair to files
     */
    public void storeKeysToFiles(KeyPair keyPair, String privateKeyFilename, String publicKeyFilename) throws IOException {
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();

        saveToFile(privateKeyFilename, privateKey.getEncoded());
        saveToFile(publicKeyFilename, publicKey.getEncoded());
    }

    private void saveToFile(String filename, byte[] data) throws IOException {
        FileOutputStream publicKeyFileOutputStream = new FileOutputStream(filename);
        publicKeyFileOutputStream.write(data);
        publicKeyFileOutputStream.close();
    }

    private byte[] loadFromFile(String filename) throws IOException {
        FileInputStream fileInputStream = new FileInputStream(filename);
        byte[] result = new byte[fileInputStream.available()];
        fileInputStream.read(result);
        fileInputStream.close();
        return result;
    }

    public PrivateKey loadPrivateKeyFromFile(String algorithm, String privateKeyFilename) throws Exception {
        byte[] encKey = loadFromFile(privateKeyFilename);
        PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(encKey);

        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
        return keyFactory.generatePrivate(encodedKeySpec);
    }

    public PublicKey loadPublicKeyFromFile(String algorithm, String publicKeyFilename) throws Exception {
        byte[] encKey = loadFromFile(publicKeyFilename);
        X509EncodedKeySpec encodedKeySpec = new X509EncodedKeySpec(encKey);

        KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
        return keyFactory.generatePublic(encodedKeySpec);
    }

    /**
     * Sign string with definite algorithm and privateKey.
     * Usage: signString("SHA256withECDSA", privateKey, "Some string ...")
     */
    public byte[] signString(String algorithm, PrivateKey privateKey, String stringTiSign) throws Exception {
        Signature dsa = Signature.getInstance(algorithm);
        dsa.initSign(privateKey);

        byte[] strByte = stringTiSign.getBytes("UTF-8");
        dsa.update(strByte);

        return dsa.sign();
    }

    /**
     * Sign file with definite algorithm and privateKey.
     * Usage: signFile("SHA256withECDSA", privateKey, "d:/some-filename.txt")
     */
    public byte[] signFile(String algorithm, PrivateKey privateKey, String nameOfFileToSign) throws Exception {
        Signature dsa = Signature.getInstance(algorithm);
        dsa.initSign(privateKey);

        FileInputStream fis = new FileInputStream(nameOfFileToSign);
        BufferedInputStream bufferedInputStream = new BufferedInputStream(fis);
        byte[] buffer = new byte[1024];

        int len;
        while ((len = bufferedInputStream.read(buffer)) >= 0) {
            dsa.update(buffer, 0, len);
        }
        bufferedInputStream.close();
        return dsa.sign();
    }

    public String convertBytesArrayToString(byte[] signature) {
        return new BigInteger(1, signature).toString(16);
    }

    public boolean verifyStringSignature(String algorithm, PublicKey publicKey, String signedString, byte[] signature) throws Exception {
        Signature sig = Signature.getInstance(algorithm);
        sig.initVerify(publicKey);
        sig.update(signedString.getBytes("UTF-8"));
        return sig.verify(signature);
    }

    public boolean verifyFileSignature(String algorithm, PublicKey publicKey, String signedFileName, byte[] signatureToVerify) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(signedFileName);
        byte[] bytes = new byte[fileInputStream.available()];
        fileInputStream.read(bytes);
        fileInputStream.close();

        Signature sig = Signature.getInstance(algorithm);
        sig.initVerify(publicKey);
        sig.update(bytes);
        return sig.verify(signatureToVerify);
    }
}