Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/330.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java SignedObject不是';不能正确序列化_Java_Serialization_Java Security - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java SignedObject不是';不能正确序列化

Java SignedObject不是';不能正确序列化

java serialization

Java SignedObject不是';不能正确序列化,java,serialization,java-security,Java,Serialization,Java Security,似乎java.security.SignedObject没有正确序列化 在单个进程上执行以下操作时,效果良好: Signature signingEngine = Signature.getInstance("DSA", "SUN"); PublicKey pubKey; // Already initialized appropriately PrivateKey privKey; // " " " SignedObject so = new SignedObjec

似乎
java.security.SignedObject
没有正确序列化

在单个进程上执行以下操作时,效果良好:

Signature signingEngine = Signature.getInstance("DSA", "SUN");
PublicKey pubKey; // Already initialized appropriately
PrivateKey privKey; // "     "           "
SignedObject so = new SignedObject(myObject, privKey, signingEngine);
so.verify(pubKey, signingEngine); // returns true
但是,当我有两个进程并试图通过网络传递签名对象时,我会遇到问题

发送方

Signature signingEngine = Signature.getInstance("DSA", "SUN");
PrivateKey privKey; // Already initialized appropriately
SignedObject so = new SignedObject(myObject, privKey, signingEngine);
Socket socket = new Socket("localhost", 4000);
ObjectOutputStream out = new ObjectOutputStream(socket.getOutputStream());
out.writeObject(so);
out.close();

Signature signingEngine = Signature.getInstance("DSA", "SUN");
PublicKey pubKey; // Already initialized appropriately
ServerSocket socket = new ServerSocket(4000);
ObjectInputStream in = new ObjectInputStream(socket.accept().getInputStream());
SignedObject so = (SignedObject) in.readObject();
in.close();
so.verify(pubKey, signingEngine); // returns false
接收器

Signature signingEngine = Signature.getInstance("DSA", "SUN");
PrivateKey privKey; // Already initialized appropriately
SignedObject so = new SignedObject(myObject, privKey, signingEngine);
Socket socket = new Socket("localhost", 4000);
ObjectOutputStream out = new ObjectOutputStream(socket.getOutputStream());
out.writeObject(so);
out.close();

Signature signingEngine = Signature.getInstance("DSA", "SUN");
PublicKey pubKey; // Already initialized appropriately
ServerSocket socket = new ServerSocket(4000);
ObjectInputStream in = new ObjectInputStream(socket.accept().getInputStream());
SignedObject so = (SignedObject) in.readObject();
in.close();
so.verify(pubKey, signingEngine); // returns false
请注意,
myObject
实现了
Serializable
,即使我将
myObject
更改为诸如
byte[]
之类的原语,我仍然存在相同的问题。有趣的是,如果我通过套接字将签名对象发送到同一进程中运行的不同线程,
verify
成功

我认为它可能与
签名
实例有关,但是
验证
即使在我使用
签名
的不同实例进行签名和验证时,也会在单个过程中成功

我怀疑密钥是否有任何问题,因为在“一个进程”和“发送者/接收者”的情况下,我是以完全相同的方式从文件中加载密钥的。

到底是什么问题?什么类型的异常以及在代码中的位置?问题是SignedObject.verify在两个进程的情况下返回false。您确定公钥在两端都相同吗?我确定它们在两端都应该相同。在这两种情况下,我都使用完全相同的方法从文件中读取密钥对。我确信它们的两端也应该是相同的,否则这个过程将不起作用,但这不是我所要求的。你查过了吗?