Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/317.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 无法验证签名(cmssigneddata)bouncycastle_Java_Store_Bouncycastle_Sign_Verify - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 无法验证签名(cmssigneddata)bouncycastle

Java 无法验证签名(cmssigneddata)bouncycastle

java

Java 无法验证签名(cmssigneddata)bouncycastle,java,store,bouncycastle,sign,verify,Java,Store,Bouncycastle,Sign,Verify,当我想验证使用BouncyCastle制作的签名时,我不会进入verifySignature方法的第二个循环。store.getMatches()返回一个空数组 public static CMSSignedData sign() throws Exception { byte[] file = fileChooser(); store = KeyStore.getInstance(storeType); FileInputStream in = new FileInpu

当我想验证使用BouncyCastle制作的签名时,我不会进入
verifySignature
方法的第二个
循环。
store.getMatches()
返回一个空数组


public static CMSSignedData sign() throws Exception {
    byte[] file = fileChooser();
    store = KeyStore.getInstance(storeType);
    FileInputStream in = new FileInputStream(new File(storePathKey));
    store.load(in, storePassword);
    in.close();

    Key priv = store.getKey("Subject", storePassword);
    System.out.println(priv.toString() + "priv string");
    X509Certificate cert = (X509Certificate) store.geCertificate("Subject");
    ContentSigner signer = new JcaContentSignerBuilder(sigAlgo).build((RSAPrivateKey) priv);

    CMSTypedData data = new CMSProcessableByteArray(file);
    CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build())
        .build(signer, cert));
    CMSSignedData sigData = gen.generate(data, true);

    return sigData;
}

public static void verifySig(CMSSignedData sigData) throws Exception {
    Store store = sigData.getCertificates();
    SignerInformationStore signers = sigData.getSignerInfos();
    System.out.println(store.toString() + "store");
    Collection c = signers.getSigners();
    Iterator it = c.iterator();

    while (it.hasNext()) {
        System.out.println("enter while loop1");
        SignerInformation signer = (SignerInformation) it.next();

        Collection certCollection = store.getMatches(signer.getSID());
        Iterator certIt = certCollection.iterator();
        System.out.println(store.getMatches(null) + "collection of certs");

        while (certIt.hasNext()) {
            System.out.println("enter while loop2");
            X509CertificateHolder certHolder = (X509CertificateHolder) certIt.next();
            X509Certificate cert = new JcaX509CertificateConverter().getCertificate(certHolder);

            if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert))) {
                System.out.println("verified correct");
            } else {
                System.out.println("not verified");
            }
        }
    }
}



sign()
方法中是否缺少某些内容
 您需要将证书添加到
org.bouncycastle.util.CollectionStore
,并将此存储添加到签名中

我正在使用BouncyCastle 1.56:


import org.bouncycastle.cert.X509CertificateHolder;
导入org.bouncycastle.util.CollectionStore;
//在gen.addSignerInfoGenerator(…)后面添加这些行
//证书是您的X509证书
X509CertificateHolder持有人=新的X509CertificateHolder(cert.getEncoded());
CollectionStore certStore=新的CollectionStore(Collections.singletonList(holder));
gen.addCertificates(certStore);//将存储添加到签名中


要添加多个证书时,
CollectionStore
非常有用。如果只想添加一个,还可以执行以下操作:


X509CertificateHolder持有人=新的X509CertificateHolder(cert.getEncoded());
一般证书(持有人);


我得到的输出:


输入while loop1
[org.bouncycastle.cert。X509CertificateHolder@5bc807a8]证书的收集
边输入边循环2
验证正确