All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.aliyun.dkms.gcs.sdk.samples.option.AsymmetricSign Maven / Gradle / Ivy

Go to download

Dedicated Key Management Service SDK for Java Copyright (C) Alibaba Cloud Computing All rights reserved. 版权所有 (C)阿里云计算有限公司 http://www.aliyun.com

The newest version!
package com.aliyun.dkms.gcs.sdk.samples.option;

import com.aliyun.dkms.gcs.openapi.models.Config;
import com.aliyun.dkms.gcs.openapi.util.models.RuntimeOptions;
import com.aliyun.dkms.gcs.sdk.Client;
import com.aliyun.dkms.gcs.sdk.models.SignRequest;
import com.aliyun.dkms.gcs.sdk.models.SignResponse;
import com.aliyun.tea.TeaException;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.exceptions.ServerException;
import com.aliyuncs.kms.model.v20160120.*;
import com.aliyuncs.profile.DefaultProfile;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

public class AsymmetricSign {

    public static void main(String[] args) {
        asymmetricSignKmsSample();
        asymmetricSignDKmsSample();

    }

    public static void asymmetricSignKmsSample() {
        DefaultProfile profile = DefaultProfile.getProfile("cn-hangzhou", "", "");

        /** use STS Token
         DefaultProfile profile = DefaultProfile.getProfile(
         "",           // The region ID
         "",       // The AccessKey ID of the RAM account
         "",   // The AccessKey Secret of the RAM account
         "");          // STS Token
         **/
        IAcsClient client = new DefaultAcsClient(profile);

        AsymmetricSignRequest request = new AsymmetricSignRequest();
        request.setKeyId("");
        request.setKeyVersionId("");
        request.setAlgorithm("");
        request.setDigest("");
        try {
            AsymmetricSignResponse response = client.getAcsResponse(request);
            System.out.printf("KeyId: %s%n", response.getKeyId());
            System.out.printf("KeyVersionId: %s%n", response.getKeyVersionId());
            System.out.printf("Value: %s%n", response.getValue());
        } catch (ServerException e) {
            e.printStackTrace();
        } catch (ClientException e) {
            System.out.println("ErrCode:" + e.getErrCode());
            System.out.println("ErrMsg:" + e.getErrMsg());
            System.out.println("RequestId:" + e.getRequestId());
        }
    }

    /**
     * 专属kms非对称生成签名sample
     */
    public static void asymmetricSignDKmsSample() {
        Config config = new Config();
        config.setProtocol("https");
        config.setClientKeyFile("");
        config.setPassword("");
        config.setEndpoint("");
        // 验证服务端证书,这里需要设置为您的服务端证书路径
        config.setCaFilePath("");
        // 或者,设置为您的服务端证书内容
        //config.setCa("");
        // 待签名数据类型,RAW-原始消息,DIGEST-摘要
        String messageType = "DIGEST";
        SignRequest signRequest = new SignRequest();
        signRequest.setKeyId(keyId);
        signRequest.setAlgorithm(algorithm);
        signRequest.setMessage(digest);
        signRequest.setMessageType(messageType);
        try {
            // 如需忽略服务端证书,可使用此处注释代码方式调用
            //RuntimeOptions runtimeOptions = new RuntimeOptions();
            //runtimeOptions.setIgnoreSSL(true);
            //SignResponse signResponse = client.signWithOptions(signRequest, runtimeOptions);
            SignResponse signResponse = client.sign(signRequest);
            System.out.println("================sign================");
            //用于签名/验签的密钥Id,验签时需使用到此参数
            System.out.printf("KeyId: %s%n", signResponse.getKeyId());
            //签名值,验签时需使用到此参数
            System.out.printf("Signature: %s%n", Arrays.toString(signResponse.getSignature()));
            //算法,验签时需使用到此参数
            System.out.printf("Algorithm: %s%n", signResponse.getAlgorithm());
            //待签名数据类型,RAW-原始消息,DIGEST-摘要,验签时需使用到此参数
            System.out.printf("MessageType: %s%n", signResponse.getMessageType());
            System.out.println("================sign================");
            return signResponse;
        } catch (Exception e) {
            if (e instanceof TeaException) {
                System.out.printf("Code: %s%n", ((TeaException) e).getCode());
                System.out.printf("Message: %s%n", ((TeaException) e).getMessage());
                System.out.printf("HttpCode: %s%n", ((TeaException) e).getData().get("httpCode"));
                System.out.printf("HostId: %s%n", ((TeaException) e).getData().get("hostId"));
                System.out.printf("RequestId: %s%n", ((TeaException) e).getData().get("requestId"));
            } else {
                System.out.printf("sign errMsg: %s%n", e.getMessage());
            }
            e.printStackTrace();
        }
        return null;
    }

    private static byte[] getDigest(String message) throws Exception {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        return sha256.digest(message.getBytes(StandardCharsets.UTF_8));
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy