Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/362.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 虽然使用了正确的公钥和签名文件,但未验证签名_Java_Security_Certificate_Digital Signature_Bouncycastle - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 虽然使用了正确的公钥和签名文件,但未验证签名

Java 虽然使用了正确的公钥和签名文件,但未验证签名

java security certificate

Java 虽然使用了正确的公钥和签名文件,但未验证签名,java,security,certificate,digital-signature,bouncycastle,Java,Security,Certificate,Digital Signature,Bouncycastle,下面类中的结果变量总是返回false,尽管我使用的是正确的签名文件和公钥 public class VeriGen { static FileInputStream fin; public static void main(String args[]) throws Exception { Security.addProvider(new BouncyCastleProvider()); KeyStore msCertStore = KeyS

下面类中的结果变量总是返回false,尽管我使用的是正确的签名文件和公钥

public class VeriGen {

    static FileInputStream fin;

    public static void main(String args[]) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        KeyStore msCertStore = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
        msCertStore.load(null, null);
        X509Certificate c = ((X509Certificate) msCertStore.getCertificate("Software View Certificate Authority"));
        PublicKey pubKey = c.getPublicKey();


        File file = new File("C:\\Users\\mayooranM\\Desktop\\SignatureVerificationTest\\ProcessExplorer.zip");
        fin = new FileInputStream(file);
        byte fileContent[] = new byte[(int) file.length()];

        File signedData = new File(
                "C:\\Users\\mayooranM\\Desktop\\SignatureVerificationTest\\SignedProcessExplorer.sig");
        fin = new FileInputStream(signedData);
        byte signedContent[] = new byte[(int) signedData.length()];

        boolean result = verifySig(fileContent, pubKey, signedContent);
        System.out.println("result is : " + result);
    }

    public static boolean verifySig(byte[] data, PublicKey key, byte[] sig) throws Exception {
        Signature signer = Signature.getInstance("SHA1WithRSA", "BC");
        signer.initVerify(key);
        signer.update(data);
        return (signer.verify(sig));

    }
}
下面是我用来签署文件的代码

public class SigGen {

    static final String KEYSTORE_FILE = "C:\\Users\\mayooranM\\Desktop\\x.509-sample-keys-and-certificates\\generation-tool\\swviewca.p12";
    static final String KEYSTORE_INSTANCE = "PKCS12";
    static final String KEYSTORE_PWD = "swviewcastoresecret";
    static final String KEYSTORE_ALIAS = "swviewca";
    static FileInputStream fin = null;

    public static void main(String args[]) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        File file = new File("C:\\Users\\mayooranM\\Desktop\\SignatureVerificationTest\\ProcessExplorer.zip");
        fin = new FileInputStream(file);
        byte fileContent[] = new byte[(int) file.length()];

        KeyStore ks = KeyStore.getInstance(KEYSTORE_INSTANCE);
        ks.load(new FileInputStream(KEYSTORE_FILE), KEYSTORE_PWD.toCharArray());
        Key key = ks.getKey(KEYSTORE_ALIAS, KEYSTORE_PWD.toCharArray());

        // Sign
        PrivateKey privKey = (PrivateKey) key;
        byte[] signedData = signData(fileContent, privKey);

        FileOutputStream fos = new FileOutputStream(
                "C:\\Users\\mayooranM\\Desktop\\SignatureVerificationTest\\SignedProcessExplorer.sig");
        fos.write(signedData);
        fos.close();

    }

    public static byte[] signData(byte[] data, PrivateKey key) throws Exception {
        Signature signer = Signature.getInstance("SHA1WithRSA", "BC");
        signer.initSign(key);
        signer.update(data);
        return (signer.sign());
    }


}
我做错了什么?请注意。

在您发布的代码中,您似乎从未真正阅读过该文件
fin
已分配但从未使用,并且创建了
signedContent
fileContent
数组,但从未填充

正确执行此操作的简单方法是。