Detached

Detached

关注
发信
关注(28)粉丝(399)

用BC验证分离的签名

本文介绍了用BC验证分离的签名的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何使用Java中的BouncyCastle提供程序验证分离的签名(CMS / pkcs#7签名)?

How can I verify a detached signature (CMS/pkcs #7 signature) using the BouncyCastle provider in Java?

目前,我的代码会抛出异常消息消息摘要属性值与计算值不匹配

Currently, my code below throws an exception with the message message-digest attribute value does not match calculated value

Security.addProvider(new BouncyCastleProvider());

File f = new File(filename);
byte[] buffer = new byte[(int)f.length()];
DataInputStream in = new DataInputStream(new FileInputStream(f));
in.readFully(buffer);
in.close();

CMSSignedData signature = new CMSSignedData(buffer);
SignerInformation signer = (SignerInformation) signature.getSignerInfos().getSigners().iterator().next();
CertStore cs = signature.getCertificatesAndCRLs("Collection", "BC");
Iterator iter = cs.getCertificates(signer.getSID()).iterator();
X509Certificate certificate = (X509Certificate) iter.next();

CMSProcessable sc = signature.getSignedContent();

signer.verify(certificate, "BC");


推荐答案

您可以通过以下代码验证分离签名:

You can verify detached signature by the following code :

public static boolean verif_Detached(String signed_file_name,String original_file_name) throws IOException, CMSException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, CertificateExpiredException, CertificateNotYetValidException{

    boolean result= false;
    Security.addProvider(new BouncyCastleProvider());

    File f = new File(signed_file_name);
    byte[] Sig_Bytes = new byte[(int)f.length()];
    DataInputStream in = new DataInputStream(new FileInputStream(f));
    in.readFully(Sig_Bytes);
    in.close();

    File fi = new File(original_file_name);
    byte[] Data_Bytes = new byte[(int)fi.length()];
    DataInputStream input = new DataInputStream(new FileInputStream(fi));
    input.readFully(Data_Bytes);
    input.close();

    try{
        CMSSignedData cms = new CMSSignedData(new CMSProcessableByteArray(Data_Bytes), Sig_Bytes);
        CertStore certStore = cms.getCertificatesAndCRLs("Collection", "BC");
        SignerInformationStore signers = cms.getSignerInfos();
        Collection c = signers.getSigners();
        Iterator it = c.iterator();
        while (it.hasNext()) {
            SignerInformation signer = (SignerInformation) it.next();
            Collection certCollection = certStore.getCertificates(signer.getSID());
            Iterator certIt = certCollection.iterator();
            X509Certificate cert = (X509Certificate) certIt.next();
            cert_signer=cert;
            result=signer.verify(cert, "BC");
        }
    }catch(Exception e){
        e.printStackTrace();
        result=false;
    }
    return result;
}

这篇关于用BC验证分离的签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-21 18:12
Powered by LMLPHP ©2024 Detached 0.040454