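I am trying to sign a message using the code from this question: "Unable to sign content using BouncyCastle".
The problem I am facing is that instead of the original content I get some meaningless gibberish. The code, slightly changed: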
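    import java.io.FileInputStream;
    import java.security.Key;
    import java.security.KeyStore;
    import java.security.PrivateKey;
    import java.security.Security;
    import java.security.Signature;
    import java.security.cert.X509Certificate;
    import java.util.ArrayList;
    import java.util.List;
    import org.bouncycastle.cert.jcajce.JcaCertStore;
    import org.bouncycastle.cms.CMSProcessableByteArray;
    import org.bouncycastle.cms.CMSSignedData;
    import org.bouncycastle.cms.CMSSignedDataGenerator;
    import org.bouncycastle.cms.CMSTypedData;
    import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
    import org.bouncycastle.jce.provider.BouncyCastleProvider;
    import org.bouncycastle.operator.ContentSigner;
    import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
    import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
    import org.bouncycastle.util.Store;

    public class BCTestSign2 {
        static final String KEYSTORE_FILE = "c:\\clientkeystore";
        static final String KEYSTORE_INSTANCE = "JKS";
        static final String KEYSTORE_PWD = "javacaps";
        static final String KEYSTORE_ALIAS = "client";

        public static void main(String[] args) throws Exception {
            String text = "This is a message";
            Security.addProvider(new BouncyCastleProvider());

            // Load the private key from the JKS keystore
            KeyStore ks = KeyStore.getInstance(KEYSTORE_INSTANCE);
            ks.load(new FileInputStream(KEYSTORE_FILE), KEYSTORE_PWD.toCharArray());
            Key key = ks.getKey(KEYSTORE_ALIAS, KEYSTORE_PWD.toCharArray());

            // Sign
            PrivateKey privKey = (PrivateKey) key;
            Signature signature = Signature.getInstance("SHA1WithRSA", "BC");
            signature.initSign(privKey);
            signature.update(text.getBytes());

            // Build CMS
            X509Certificate cert = (X509Certificate) ks.getCertificate(KEYSTORE_ALIAS);
            List certList = new ArrayList();
            // The content handed to the CMS generator is the byte[] returned by signature.sign()
            CMSTypedData msg = new CMSProcessableByteArray(signature.sign());
            certList.add(cert);
            Store certs = new JcaCertStore(certList);
            CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
            ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privKey);
            gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(sha1Signer, cert));
            gen.addCertificates(certs);
            // true = encapsulate the content inside the SignedData structure
            CMSSignedData sigData = gen.generate(msg, true);

            System.out.print("Signed content: ");
            sigData.getSignedContent().write(System.out);
        }
    }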
The output is:
Signed content: 7Ѓ“(2XжS^р««Ц8в@üqШ<€&чcеЫR,ьћIк¤еџ”рМр “Гx|ЛЗжzҐЎНD,Y•*ґ№‰•^d1г,qNюТЉG°yюЄЭќ2ЉшОuхcS-Ѕљg[Яμр·№У_С`|еo”ќў‰†і
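I use the same jars: bcprov-jdk16-1.46 and bcmail-jdk16-1.46, compiled with JDK v1.6. I have also tried the same code with later JDKs and jars.
Any ideas?
upd1: I have a sample of a signed file that contains an explicitly signed message, so you can open the file and see the original message between the symbols. When I get the "Enveloped data" (as in the original post), I can see the details of my certificate, but I cannot find the original message - only the hash value in sigData.getSignedContent().
I did. The same. It looks like this output is actually the hash of the signed message. But where is the original message? And this hash does not depend on the parameters in JcaContentSignerBuilder() – Denis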
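For comparison with the code in the question, an added example (not part of the original post and not BouncyCastle's own sample code): the original message bytes, rather than the output of Signature.sign(), are passed to CMSProcessableByteArray, so getSignedContent() returns the message and the signer can be verified. It assumes a current bcprov/bcpkix on the classpath, uses a constructed throwaway key and self-signed certificate in place of the keystore, and uses SHA256withRSA instead of the question's SHA1withRSA.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.*;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.cert.jcajce.*;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.*;

public class CmsSignRoundTrip {   // hypothetical class name
    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        // Constructed throwaway key pair and self-signed certificate (assumption:
        // stands in for the "client" keystore entry used in the question).
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        JcaContentSignerBuilder csb = new JcaContentSignerBuilder("SHA256withRSA").setProvider("BC");
        X500Principal dn = new X500Principal("CN=client");
        Date now = new Date();
        X509Certificate cert = new JcaX509CertificateConverter().getCertificate(
            new JcaX509v3CertificateBuilder(dn, BigInteger.ONE, now,
                new Date(now.getTime() + 86_400_000L), dn, kp.getPublic())
                .build(csb.build(kp.getPrivate())));

        // The CMS content is the ORIGINAL message; the generator computes the
        // digest and signature itself, so no separate java.security.Signature step.
        byte[] original = "This is a message".getBytes(StandardCharsets.UTF_8);
        CMSTypedData msg = new CMSProcessableByteArray(original);
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
            new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
            .build(csb.build(kp.getPrivate()), cert));
        gen.addCertificates(new JcaCertStore(Collections.singletonList(cert)));
        CMSSignedData sigData = gen.generate(msg, true);   // true = encapsulate the content

        // Round trip: re-parse the encoded form, read the content back, verify the signer.
        CMSSignedData parsed = new CMSSignedData(sigData.getEncoded());
        byte[] recovered = (byte[]) parsed.getSignedContent().getContent();
        System.out.println("Signed content: " + new String(recovered, StandardCharsets.UTF_8));
        for (SignerInformation si : parsed.getSignerInfos().getSigners()) {
            boolean ok = si.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
            System.out.println("Signature valid: " + ok);
        }
    }
}
```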