android7上的签名验证
在我的应用程序中,我需要验证签名。下面是一个例子。它在安卓6和更早的版本上工作得非常好,但就在最近,我注意到它在安卓7或8上不工作。当我运行android7上的签名验证,android,digital-signature,bouncycastle,signature,Android,Digital Signature,Bouncycastle,Signature,在我的应用程序中,我需要验证签名。下面是一个例子。它在安卓6和更早的版本上工作得非常好,但就在最近,我注意到它在安卓7或8上不工作。当我运行verifyData()时,会出现以下异常: java.security.SignatureException:解码签名字节时出错。 在com.android.org.bouncycastle.jcajce.provider.asymetric.util.DSABase.engineVerify(DSABase.java:82)上 位于java.secur
verifyData()
java.security.SignatureException:解码签名字节时出错。
在com.android.org.bouncycastle.jcajce.provider.asymetric.util.DSABase.engineVerify(DSABase.java:82)上
位于java.security.Signature$Delegate.engineVerify(Signature.java:1380)
位于java.security.Signature.verify(Signature.java:806)
我不知道这些安卓版本有什么变化?如何在Android 7或更高版本上验证签名?
import org.bouncycastle.jce.provider.BouncyCastleProvider;
导入org.bounchycastle.util.io.pem.PemObject;
导入org.bouncycastle.util.io.pem.PemReader;
导入java.io.Reader;
导入java.io.StringReader;
导入java.security.KeyFactory;
导入java.security.PublicKey;
导入java.security.security;
导入java.security.Signature;
导入java.security.spec.X509EncodedKeySpec;
公开课考试{
静态最终字符串公钥=
“----开始公钥------\n”+
“MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXMHnQfWiM4oCaLfx296llgz7iaVv\n”+
“avMPppkzVNZAxtlNLhFlXnNWD0Mw9yzP8/Go\n”+
“----结束公钥------\n”;
静态最终字符串数据=“0443607A263B8001484E4C31000010561186AF13980030000000000000000001”;
静态最终字符串签名=“303402181938B3C6FE3EFE75E1B1DF42D8E540055E07D6A5542E9ED3A01816AB6B9D1E5AF55E0E3E0B3E1A4DE5EC4A120AFC6D51FE6000000000000000000000000000000000000000”;
静态布尔verifyData()引发异常{
PublicKey pk=getPublicKey();
字节[]数据=十六字节(数据);
字节[]签名字节=十六字节(签名);
Signature Signature=Signature.getInstance(“SHA256withECDSA”、“BC”);
签名。初始化验证(pk);
签名。更新(数据);
返回签名。验证(签名字节);
}
静态PublicKey getPublicKey()引发异常{
addProvider(新的BouncyCastleProvider());
读卡器=新的StringReader(公钥);
PemObject PemObject=新的PemReader(reader).readPemObject();
KeyFactory-KeyFactory=KeyFactory.getInstance(“EC”、“BC”);
X509EncodedKeySpec X509EncodedKeySpec=新的X509EncodedKeySpec(pemObject.getContent());
PublicKey=keyFactory.generatePublic(x509EncodedKeySpec);
返回键;
}
静态字节[]十六进制字节(字符串s){
int len=s.length();
字节[]数据=新字节[len/2];
对于(int i=0;iimport org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import java.io.Reader;
import java.io.StringReader;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
public class Test {
static final String PUBLIC_KEY =
"-----BEGIN PUBLIC KEY-----\n" +
"MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEXMHnQfWiM4oCaLfx296llgz7iaVv\n" +
"avMPppkzVNZAxtlNLhFlXnNWD0Mw9yzP8/Go\n" +
"-----END PUBLIC KEY-----\n";
static final String DATA = "0443607A263B8001484E4C310100010561186AF1398003000000000000000000000001";
static final String SIGNATURE = "303402181938B3C6FE3EFE75E1B1DF42D8E54055E07D6A5542E9ED3A021816AB6B9D1E5AF55E0E3E0B3E1A4DEA5EC4A120AFC6D51FE60000000000000000000000000000";
static boolean verifyData() throws Exception {
PublicKey pk = getPublicKey();
byte[] data = hexToBytes(DATA);
byte[] signatureBytes = hexToBytes(SIGNATURE);
Signature signature = Signature.getInstance("SHA256withECDSA", "BC");
signature.initVerify(pk);
signature.update(data);
return signature.verify(signatureBytes);
}
static PublicKey getPublicKey() throws Exception {
Security.addProvider(new BouncyCastleProvider());
Reader reader = new StringReader(PUBLIC_KEY);
PemObject pemObject = new PemReader(reader).readPemObject();
KeyFactory keyFactory = KeyFactory.getInstance("EC", "BC");
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(pemObject.getContent());
PublicKey key = keyFactory.generatePublic(x509EncodedKeySpec);
return key;
}
static byte[] hexToBytes(String s) {
int len = s.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
+ Character.digit(s.charAt(i + 1), 16));
}
return data;
}
}