我没有在互联网上看到任何这样的例子,所以据我所知,这是第一次有人在Java中尝试这个,我很难相信。
我只是尝试使用我已经给出的.pem,.p12和.cer文件来生成manifest.json的签名文件。这是我所拥有的,它给我一个InvalidKeyException版本不匹配:(支持:00,解析:03
请参阅下面代码中发生错误的评论。我用其他语言看过一些关于人们如何使用openssl进行此操作的示例,但必须有一个Java等价物?
File pemFile = new File("AWWdevCert.pem");
File passCer = new File("pass.cer");
File passP12 = new File("pass.p12");
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
KeySpec ks = new PKCS8EncodedKeySpec(FileUtils.readFileToByteArray(passP12));
PrivateKey privKey = keyFactory.generatePrivate(ks); // ERROR HERE
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
InputStream in = new ByteArrayInputStream(FileUtils.readFileToByteArray(passCer));
X509Certificate passCert = (X509Certificate)certFactory.generateCertificate(in); //don't know what to do with this
File inputFile = new File("WebContent/WEB-INF/Lowes.raw/manifest.json");
FileInputStream freader = null;
int sizecontent = ((int) inputFile.length());
byte[] contentbytes = new byte[sizecontent];
freader = new FileInputStream(inputFile);
System.out.println("\nContent Bytes: " + freader.read(contentbytes, 0, sizecontent));
freader.close();
Signature signature = Signature.getInstance("Sha1WithRSA");
signature.initSign(privKey);
signature.update(contentbytes);
byte[] signedData = signature.sign();
//create signature file
File signatureFile = new File(passDirectory.getAbsolutePath()+File.separator+"signature");
答案 0 :(得分:4)
在github上查看此jpasskit项目
答案 1 :(得分:0)
您还可以仅通过使用本机sun.security软件包来生成签名。这是Scala中的示例(可以轻松地用Java重写)
import java.security.cert.X509Certificate
import java.security.{MessageDigest, PrivateKey, Signature}
import java.util.Date
import sun.security.pkcs._
import sun.security.util.DerOutputStream
import sun.security.x509.{AlgorithmId, X500Name}
object PKPassSigner {
def sign(
signingCert: X509Certificate,
privateKey: PrivateKey,
intermediateCert: X509Certificate,
dataToSing: Array[Byte]
): Array[Byte] = {
val digestAlgorithmId = new AlgorithmId(AlgorithmId.SHA_oid)
val md = MessageDigest.getInstance(digestAlgorithmId.getName)
val attributes = new PKCS9Attributes(Array(
new PKCS9Attribute(PKCS9Attribute.SIGNING_TIME_OID, new Date()),
new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, md.digest(dataToSign)),
new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID)
))
val signature = Signature.getInstance("Sha1WithRSA")
signature.initSign(privateKey)
signature.update(attributes.getDerEncoding)
val signedData = signature.sign()
val signerInfo = new SignerInfo(
X500Name.asX500Name(signingCert.getIssuerX500Principal),
signingCert.getSerialNumber,
digestAlgorithmId,
attributes,
AlgorithmId.get(privateKey.getAlgorithm),
signedData,
null
)
val p7 = new PKCS7(
Array(digestAlgorithmId),
new ContentInfo(ContentInfo.DATA_OID, null),
Array(signingCert, intermediateCert),
Array(signerInfo)
)
val out = new DerOutputStream()
p7.encodeSignedData(out)
out.flush()
val res = out.toByteArray
out.close()
res
}
}