The Java Tutorials have been written for JDK 8.Java教程是为JDK 8编写的。Examples and practices described in this page don't take advantage of improvements introduced in later releases and might use technology no longer available.本页中描述的示例和实践没有利用后续版本中引入的改进,并且可能使用不再可用的技术。See Java Language Changes for a summary of updated language features in Java SE 9 and subsequent releases.有关Java SE 9及其后续版本中更新的语言特性的摘要,请参阅Java语言更改。
See JDK Release Notes for information about new features, enhancements, and removed or deprecated options for all JDK releases.有关所有JDK版本的新功能、增强功能以及已删除或不推荐的选项的信息,请参阅JDK发行说明。
This lesson walks you through the steps necessary to use the JDK Security API to generate a digital signature for data and to verify that a signature is authentic. 本课程将指导您完成使用JDKSecurity API为数据生成数字签名并验证签名是否真实所需的步骤。This lesson is meant for developers who wish to incorporate security functionality into their programs, including cryptography services.本课程面向希望将安全功能(包括加密服务)纳入其程序的开发人员。
This lesson demonstrates the use of the JDK Security API with respect to signing documents. The lesson shows what one program, executed by the person who has the original document, would do to generate keys, generate a digital signature for the document using the private key, and export the public key and the signature to files.本课程演示了JDKSecurity API在签署文档方面的使用。本课程展示了由拥有原始文档的人执行的程序将如何生成密钥,使用私钥为文档生成数字签名,并将公钥和签名导出到文件中。
Then it shows an example of another program, executed by the receiver of the document, signature, and public key. It shows how the program could import the public key and verify the authenticity of the signature. 然后,它显示了由文档、签名和公钥的接收者执行的另一个程序的示例。它展示了程序如何导入公钥并验证签名的真实性。The lesson also discusses and demonstrates possible alternative approaches and methods of supplying and importing keys, including in certificates.本课程还讨论并演示了提供和导入密钥(包括证书中的密钥)的可能替代方法和途径。
For further information about the concepts and terminology (digital signatures, certificates, keystores), see the API and Tools Use for Secure Code and File Exchanges lesson.有关概念和术语(数字签名、证书、密钥库)的更多信息,请参阅API和用于安全代码和文件交换的工具课程。
In this lesson you create two basic applications, one for the digital signature generation and the other for the verification. This is followed by a discussion and demonstration of potential enhancements. The lesson contains three sections.在本课中,您将创建两个基本应用程序,一个用于数字签名生成,另一个用于验证。接下来是对潜在增强功能的讨论和演示。本课包含三个部分。
Generating a Digital Signature shows using the API to generate keys and a digital signature for data using the private key and to export the public key and the signature to files. The application gets the data file name from the command line.生成数字签名显示使用API为使用私钥的数据生成密钥和数字签名,并将公钥和签名导出到文件中。应用程序从命令行获取数据文件名。
Verifying a Digital Signature shows using the API to import a public key and a signature that is alleged to be the signature of a specified data file and to verify the authenticity of the signature. The data, public key, and signature file names are specified on the command line.验证数字签名显示使用API导入公钥和据称是指定数据文件签名的签名,并验证签名的真实性。数据、公钥和签名文件名在命令行上指定。
Weaknesses and Alternatives discusses potential weaknesses of the approach used by the basic programs. It then presents and demonstrates possible alternative approaches and methods of supplying and importing keys, including the use of files containing encoded key bytes and the use of certificates containing public keys.弱点和替代方案讨论了基本程序使用的方法的潜在弱点。然后,它介绍并演示了提供和导入密钥的可能替代方法,包括使用包含编码密钥字节的文件和使用包含公钥的证书。