Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/transferwise/digital-signatures

Last synced: 18 days ago
JSON representation

Host: GitHub
URL: https://github.com/transferwise/digital-signatures
Owner: transferwise
License: mit
Created: 2020-01-02T13:31:55.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2024-08-15T14:01:46.000Z (5 months ago)
Last Synced: 2024-11-06T17:35:59.638Z (2 months ago)
Language: Java
Size: 68.4 KB
Stars: 2
Watchers: 5
Forks: 2
Open Issues: 8
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # Library for signing data with private key

Provides functionality for creating RSA digital signatures.

## Requirements

* Java ≥ 8

## Generating a RSA private/public key pair

To generate a RSA key pair and store it in PEM format you can use the OpenSSL cryptography and SSL/TLS toolkit:

1. Install OpenSSL following the instructions from [its official website](https://www.openssl.org/).

2. Generate private RSA key (key length ≥ 2048 is required for sufficient cryptographic complexity):

    ```bash

    $ openssl genrsa -out private.pem 2048

    ```

3. Generate public RSA key from private key:

    ```bash

    $ openssl rsa -pubout -in private.pem -out public.pem

    ```

## [Library](./digital-signatures)

Contains a single utility class 

[DigitalSignatures](./digital-signatures/src/main/java/com/transferwise/digitalsignatures/DigitalSignatures.java) 

with straightforward usage:

```java

byte[] signature = DigitalSignatures.sign(Path privateKeyFilePath, byte[] dataToSign);

```

There are also options to provide the private key as `String` or `Reader`.

The resulting signature byte array can be encoded to [Base64](https://en.wikipedia.org/wiki/Base64) in case it is 

going to be transferred over HTTP. For such cases there is a convenience method:

```java

String signatureBase64 = DigitalSignatires.encodeToBase64(byte[] bytes);

```

## [CLI tool](./digital-signatures-cli)

To allow users to sign their data via CLI there is an executable JAR:

```bash

usage: java -jar digital-signatures-cli--all.jar -d  -k 

Calculates SHA256 with RSA signature in Base64 encoding for provided data

 -d,--data-to-sign        String containing data to sign

 -k,--private-key-file    Path to file containing RSA private key

```

## Building

Run `./gradlew clean build`. 

The CLI tool executable JAR is assembled to an extra `*-all.jar` artifact of `digital-signatures-cli` module.