
Why does KeyValue take a public key?

I am trying to sign an XML document using Java and I'm following along with this tutorial. I was trying to sign the document using my private key, but when I looked at the API it says KeyValue only takes a PublicKey as the parameter. Also in the tutorial it has me sign a DOMSignContext with the private key and then the XMLSignature with the public key.

DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()); 
KeyValue kv = kif.newKeyValue(kp.getPublic());
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); 
XMLSignature signature = fac.newXMLSignature(si, ki); 

I thought the whole point of a private key was so that people would trust you? Why would you need a public key for anything here? Can somebody explain the details here a little bit better for me?

In general, when someone wants to verify/decrypt something encrypted with a private key, the associated public key must be known (which is the whole point of public-key/asymmetric cryptography).

In the XMLSignature context, someone wanting to verify a document with an XMLSignature will need to know what public key to use; thus the public key can be included in an XMLSignature structure for convenience.

Successful verification of the XMLSignature means one can trust that the data signed has not been modified since the signature was created. If the public key is known to be associated with a particular party, then one can trust that party created the signature.

As noted in the tutorial, you still have to "sign" the signature with:

signature.sign(dsc); 
