1. 对一段原始字符串，实现SHA 哈希签名，即hashMessage；

2. 用私钥key 对SHA后的字符串信息签名，即signatureMessage；

3. 用公钥key验证私钥签名的信息（私钥签名的原始字符串是SHA-256哈希的字符串，即hashMessage）是否正确；

import java.security.MessageDigest
import java.security.KeyFactory
import java.security.PrivateKey
import java.security.PublicKey
import java.security.Signature
import java.security.spec.PKCS8EncodedKeySpec
import java.security.spec.X509EncodedKeySpec
import org.bouncycastle.util.encoders.Hex

// 对原始字符串传SHA-256哈希
fun sha256(input: String): String {
    val bytes = input.toByteArray()
    val md = MessageDigest.getInstance("SHA-256")
    val digest = md.digest(bytes)
    return Hex.toHexString(digest)
}

// 加载私钥信息
fun loadPrivateKey(privateKeyPEM: String): PrivateKey {
    val privateKeyPEMStripped = privateKeyPEM
        .replace("-----BEGIN PRIVATE KEY-----", "")
        .replace("-----END PRIVATE KEY-----", "")
        .replace("\n", "")
    val encoded = Hex.decode(privateKeyPEMStripped)
    val keySpec = PKCS8EncodedKeySpec(encoded)
    val keyFactory = KeyFactory.getInstance("RSA")
    return keyFactory.generatePrivate(keySpec)
}

// 加载公钥信息
fun loadPublicKey(publicKeyPEM: String): PublicKey {
    val publicKeyPEMStripped = publicKeyPEM
        .replace("-----BEGIN PUBLIC KEY-----", "")
        .replace("-----END PUBLIC KEY-----", "")
        .replace("\n", "")
    val encoded = Hex.decode(publicKeyPEMStripped)
    val keySpec = X509EncodedKeySpec(encoded)
    val keyFactory = KeyFactory.getInstance("RSA")
    return keyFactory.generatePublic(keySpec)
}

// 使用私钥key 对SHA-256哈希后的字符串签名
fun signMessage(message: String, privateKey: PrivateKey): String {
    val signature = Signature.getInstance("SHA256withRSA")
    signature.initSign(privateKey)
    signature.update(message.toByteArray())
    val signedBytes = signature.sign()
    return Hex.toHexString(signedBytes)
}

//使用公钥钥key 对私钥签名的SHA-256哈希的字符串 验证：message 是对原始字符串 SHA-256哈希后的字符串； signedMessage 是私钥签名后的字符串；publicKey - 公钥key
fun verifySignature(message: String, signedMessage: String, publicKey: PublicKey): Boolean {
    val signature = Signature.getInstance("SHA256withRSA")
    signature.initVerify(publicKey)
    signature.update(message.toByteArray())
    val signedBytes = Hex.decode(signedMessage)
    return signature.verify(signedBytes)
}

//示例如下

fun main() {
    val message = "Test"
    val privateKeyPEM = ""

     val publicKeyPEM = ""
     val hashMsg = sha256(message)

     // 加载私钥和公钥
    val privateKey = loadPrivateKey(privateKeyPEM)
    val publicKey = loadPublicKey(publicKeyPEM)

    // 使用私钥签名
    val signatureMessage = signMessage(hashMsg, privateKey)

    // 使用公钥验证签名信息
    val isVerified = verifySignature(hashMsg, signatureMessage, publicKey)
}