Java中的ECDSA签名验证性能

编程问答 2022-06-09

问题描述

我正在尝试针对 secp521r1 曲线计算Java中 ECDSA 签名验证的性能。 我每秒获得 3000 签名验证。

还添加了其他工作,我使用openssl speed命令测试了secp521r1曲线,在我的机器(40个内核)上进行了 9000 验证。我也用Golang进行了测试,但是secp521r1的性能并不好,尽管secp256r1的性能很棒(每秒 28000 验证)。我接触了Golang社区,发现256是经过手动优化的,但其他曲线却没有。

我还使用nodeJs进行了测试以验证签名,在那里我每秒获得 9000 验证,这与Openssl相似。通过检查nodeJs加密模块实现的源代码,我发现它们正在使用像openssl这样的实现。

但是我只需要从事Java工作,因此可以接触到社区。这是Java中的常见结果吗?还是我们也有类似Java的openssl实现?

虚拟代码========================= 

package dummy;

import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.json.JSONObject;

public class DSA {
    static JSONObject ob = new JSONObject();
    static byte[] strByte = null;
    static byte[] realSig;
    static String str = "a";//"{\"type\":\"issueTx\",\"userId\":1,\"transaction\":{\"amount\":1000}}"; /a
    static byte[] sigdata;
    static String sigEdata;
    static X509Certificate c;
    static String sigTestSigneddata;

    public static void main(String[] args)
            throws InvalidAlgorithmParameterException,NoSuchAlgorithmException,IOException {

        try {


            KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
            keyGen.initialize(new ECGenParameterSpec("secp521r1"),new SecureRandom());

            KeyPair pair = keyGen.generateKeyPair();
            PrivateKey priv = pair.getPrivate();
            PublicKey pub = pair.getPublic();
            FileWriter fw = new FileWriter("MyKeys/n.pem");
            PemWriter writer = new PemWriter(fw);
            writer.writeObject(new PemObject("PUBLIC KEY",pub.getEncoded()));
            writer.close();
            FileWriter fw2 = new FileWriter("MyKeys/n_sk");
            PemWriter writer2 = new PemWriter(fw2);
            writer2.writeObject(new PemObject("PRIVATE KEY ",priv.getEncoded()));
            writer2.close();

            Security.addProvider(new BouncyCastleProvider());
            Signature ecdsa;

            ecdsa = Signature.getInstance("SHA256withECDSA"); // SHA512WITHECDSA SHA512withECDSA
            ecdsa.initSign(getPrivate("MyKeys/n_sk"));

            strByte = str.getBytes("UTF-8");
            ecdsa.update(strByte);
            realSig = ecdsa.sign();

            sigEdata = Base64.getEncoder().encodeToString(realSig);

            Thread.sleep(1000);
             verify();

        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }

    public static void verify() throws Exception {

        verifySignature();

    }

    private static void verifySignature() throws Exception {
    
        Signature sig = Signature.getInstance("SHA256withECDSA","BC"); // SHA256withECDSA // SHA512withECDSA

        // sig.initVerify(c.getPublicKey()); to verify using digi cert
        sig.initVerify(getPublic("MyKeys/n.pem"));
        sig.update(str.getBytes());
        System.out.println(sig.verify(Base64.getDecoder().decode(sigEdata)));

        // sig.verify(sigEdata.getBytes(Charset.defaultCharset()));
        System.out.println(str);

    }

    private static PrivateKey getPrivate(String filename) throws Exception {

        PemReader reader = new PemReader(new FileReader(filename));
        PemObject pemObject = reader.readPemObject();
        byte[] content = pemObject.getContent();
        reader.close();
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(content);
        KeyFactory kf = KeyFactory.getInstance("EC");
        return kf.generatePrivate(spec);
    }

    

    private static PublicKey getPublic(String filename) throws Exception {

        PemReader reader = new PemReader(new FileReader(filename));
        PemObject pemObject = reader.readPemObject();
        byte[] content = pemObject.getContent();
        reader.close();
        X509EncodedKeySpec spec = new X509EncodedKeySpec(content);
        KeyFactory kf = KeyFactory.getInstance("EC");
        return kf.generatePublic(spec);
    }
    
    
}

解决方法

暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!

如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@)

bouncycastledsaecdsajavajavaopenssl

相关问答

导入项目后报错问题
依赖报错 idea导入项目后依赖报错,解决方案:https://blog....
idea不能识别yaml文件
使用mybatis plus常见错误
错误1:代码生成器依赖和mybatis依赖冲突 启动项目时报错如下...
gradle常见问题与错误
错误1:gradle项目控制台输出为乱码 # 解决方案:https://bl...
Mybatis Plus传入参数0不起作用
错误还原:在查询的过程中,传入的workType为0时,该条件不起...
linux中make编译源码包失败
报错如下,gcc版本太低 ^ server.c:5346:31: 错误:‘struct...