• Home
• com.aliyun
• alibabacloud-dkms-gcs-sdk-samples
• 0.5.3
• source code
• AsymmetricVerify.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.aliyun.dkms.gcs.sdk.samples.option.AsymmetricVerify Maven / Gradle / Ivy

package com.aliyun.dkms.gcs.sdk.samples.option;

import com.aliyun.dkms.gcs.openapi.models.Config;
import com.aliyun.dkms.gcs.openapi.util.models.RuntimeOptions;
import com.aliyun.dkms.gcs.sdk.Client;
import com.aliyun.dkms.gcs.sdk.models.VerifyRequest;
import com.aliyun.dkms.gcs.sdk.models.VerifyResponse;
import com.aliyun.tea.TeaException;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.exceptions.ServerException;
import com.aliyuncs.kms.model.v20160120.*;
import com.aliyuncs.profile.DefaultProfile;


import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class AsymmetricVerify {
    public static void main(String[] args) {
        asymmetricVerifyKmsSample();
        asymmetricVerifyDKmsSample();

    }

    /**
     * 共享kms非对称签名验证sample
     */
    public static void asymmetricVerifyKmsSample() {
        DefaultProfile profile = DefaultProfile.getProfile("cn-hangzhou", "", "");

        /** use STS Token
         DefaultProfile profile = DefaultProfile.getProfile(
         "",           // The region ID
         "",       // The AccessKey ID of the RAM account
         "",   // The AccessKey Secret of the RAM account
         "");          // STS Token
         **/
        IAcsClient client = new DefaultAcsClient(profile);

        AsymmetricVerifyRequest request = new AsymmetricVerifyRequest();
        request.setKeyId("");
        request.setKeyVersionId("");
        request.setAlgorithm("");
        request.setDigest("");
        request.setValue("");

        try {
            AsymmetricVerifyResponse response = client.getAcsResponse(request);
            System.out.printf("KeyId: %s%n", response.getKeyId());
            System.out.printf("KeyVersionId: %s%n", response.getKeyVersionId());
            System.out.printf("Value: %s%n", response.getValue());
        } catch (ServerException e) {
            e.printStackTrace();
        } catch (ClientException e) {
            System.out.println("ErrCode:" + e.getErrCode());
            System.out.println("ErrMsg:" + e.getErrMsg());
            System.out.println("RequestId:" + e.getRequestId());
        }
    }

    /**
     * 专属kms非对称签名验证sample
     */
    public static void asymmetricVerifyDKmsSample() {
        Config config = new Config();
        config.setProtocol("https");
        config.setClientKeyFile("");
        config.setPassword("");
        config.setEndpoint("");
        // 验证服务端证书，这里需要设置为您的服务端证书路径
        config.setCaFilePath("");
        // 或者，设置为您的服务端证书内容
        //config.setCa("");
        // 待签名数据类型，RAW-原始消息，DIGEST-摘要
        String messageType = "DIGEST";
        // 待验证签名值
        byte[] signature = "".getBytes(StandardCharsets.UTF_8);
        VerifyRequest verifyRequest = new VerifyRequest();
        verifyRequest.setKeyId(keyId);
        verifyRequest.setAlgorithm(algorithm);
        verifyRequest.setMessage(digest);
        verifyRequest.setMessageType(messageType);
        verifyRequest.setSignature(signature);
        try {
            // 如需忽略服务端证书，可使用此处注释代码方式调用
            //RuntimeOptions runtimeOptions = new RuntimeOptions();
            //runtimeOptions.setIgnoreSSL(true);
            //VerifyResponse verifyResponse = client.verifyWithOptions(verifyRequest, runtimeOptions);
            VerifyResponse verifyResponse = client.verify(verifyRequest);
            System.out.println("================verify================");
            System.out.printf("KeyId: %s%n", verifyResponse.getKeyId());
            //验签结果
            System.out.printf("Value: %s%n", verifyResponse.getValue());
            System.out.println("================verify================");
        } catch (Exception e) {
            if (e instanceof TeaException) {
                System.out.printf("Code: %s%n", ((TeaException) e).getCode());
                System.out.printf("Message: %s%n", ((TeaException) e).getMessage());
                System.out.printf("HttpCode: %s%n", ((TeaException) e).getData().get("httpCode"));
                System.out.printf("HostId: %s%n", ((TeaException) e).getData().get("hostId"));
                System.out.printf("RequestId: %s%n", ((TeaException) e).getData().get("requestId"));
            } else {
                System.out.printf("verify errMsg: %s%n", e.getMessage());
            }
            e.printStackTrace();
        }
    }

    private static byte[] getDigest(String message) throws Exception {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        return sha256.digest(message.getBytes(StandardCharsets.UTF_8));
    }
}