Provides functionality for creating RSA digital signatures.
- Java ≥ 8
To generate a RSA key pair and store it in PEM format you can use the OpenSSL cryptography and SSL/TLS toolkit:
- Install OpenSSL following the instructions from its official website.
- Generate private RSA key (key length ≥ 2048 is required for sufficient cryptographic complexity):
$ openssl genrsa -out private.pem 2048
- Generate public RSA key from private key:
$ openssl rsa -pubout -in private.pem -out public.pem
Contains a single utility class DigitalSignatures with straightforward usage:
byte[] signature = DigitalSignatures.sign(Path privateKeyFilePath, byte[] dataToSign);There are also options to provide the private key as String or Reader.
The resulting signature byte array can be encoded to Base64 in case it is
going to be transferred over HTTP. For such cases there is a convenience method:
String signatureBase64 = DigitalSignatires.encodeToBase64(byte[] bytes);To allow users to sign their data via CLI there is an executable JAR:
usage: java -jar digital-signatures-cli-<version>-all.jar -d <DATA> -k <PATH>
Calculates SHA256 with RSA signature in Base64 encoding for provided data
-d,--data-to-sign <DATA> String containing data to sign
-k,--private-key-file <PATH> Path to file containing RSA private keyRun ./gradlew clean build.
The CLI tool executable JAR is assembled to an extra *-all.jar artifact of digital-signatures-cli module.