我尝试通过以下代码验证PKCS#7签名:
public static void verifypkcs7(String content, byte[] signedBytes) throws OperatorCreationException, CMSException, IOException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, NoSuchStoreException
{
Security.addProvider(new BouncyCastleProvider());
CMSProcessableByteArray cmsByteArray = new CMSProcessableByteArray(content.getBytes("UTF-8"));
CMSSignedData sp = new CMSSignedData(cmsByteArray, signedBytes);
Store certStore = sp.getCertificates();
SignerInformationStore signers = sp.getSignerInfos();
Collection<?> c = signers.getSigners();
Iterator<?> it = c.iterator();
boolean verified = false;
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection<?> certCollection = certStore.getMatches(signer.getSID());
Iterator<?> certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
verified = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
}
System.out.println(verified);
CMSProcessable signedContent = sp.getSignedContent() ;
byte[] originalContent = (byte[]) signedContent.getContent();
System.out.println(new String(originalContent));
}
我的问题是:
Exception in thread "main" org.bouncycastle.cms.CMSException: can't create digest calculator: exception on setup: java.security.NoSuchAlgorithmException: no such algorithm: SHA1WITHRSA for provider BC
at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)
at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)
at PKCS7Signer.verifypkcs7_4(PKCS7Signer.java:281)
at PKCS7Signer.main(PKCS7Signer.java:170)
Caused by: org.bouncycastle.operator.OperatorCreationException: exception on setup: java.security.NoSuchAlgorithmException: no such algorithm: SHA1WITHRSA for provider BC
at org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder$1.get(Unknown Source)
at org.bouncycastle.cms.SignerInformationVerifier.getDigestCalculator(Unknown Source)
... 4 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: SHA1WITHRSA for provider BC
at sun.security.jca.GetInstance.getService(Unknown Source)
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
at java.security.MessageDigest.getInstance(Unknown Source)
at org.bouncycastle.jcajce.NamedJcaJceHelper.createDigest(Unknown Source)
at org.bouncycastle.operator.jcajce.OperatorHelper.createDigest(Unknown Source)
... 6 more
引起的异常:
verified = signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
我尝试使用Google搜索解决方案,但没有任何帮助。你能帮帮我吗?
我用于测试的数据:
Signature: MIIHFgYJKoZIhvcNAQcCoIIHBzCCBwMCAQExDzANBgkqhkiG9w0BAQUFADAvBgkqhkiG9w0BBwGgIgQgNURERTg3OUNERUIwNjIzRTAxOEQwQjY3QTIyN0U2N0KgggWeMIIFmjCCA4KgAwIBAgIQVAbJaGFPCH5uamvYoUjDLzANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJWTjEkMCIGA1UEChMbQ0sgTWVkaWEgYW5kIFRlY2hub2xvZ3kgSlNDMRYwFAYDVQQLEw1DS0NBIE9yaWdTaWduMQ0wCwYDVQQDEwRDS0NBMB4XDTEzMDUzMDA5MjYwNVoXDTE0MDUzMDA5MjYwNVowgcAxCzAJBgNVBAYTAlZOMRIwEAYDVQQIDAlIw6AgTuG7mWkxFTATBgNVBAcMDEPhuqd1IEdp4bqleTFBMD8GA1UECgw4Q8OUTkcgVFkgQ+G7lCBQSOG6pk4gQ8OUTkcgTkdI4buGIFbDgCBUUlVZ4buATiBUSMOUTkcgQ0sxHDAaBgNVBAsME1BIw5JORyBL4bu4IFRIVeG6rFQxJTAjBgNVBAMMHMSQ4bq2TkcgTkfhu4xDIFRV4bqkTiAtIFRFU1QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMoad+6Rjjcp1OEYPRq0Qas7cKe8+Sp1rvfoicap82BLVTcTqrOlMta/n3XLDQq0gQW30ffecNxSvUyFiJCXuuuP7G0CeQGV7GsWSkQoyBFsSiSsILMkCYbIAiObjwr66dxPHB/O1Oj9LVFxo39raXzEixl/xvufgO1xo60DUVONAgMBAAGjggF3MIIBczBmBggrBgEFBQcBAQRaMFgwLgYIKwYBBQUHMAKGImh0dHA6Ly9jZXJ0LmNrY2Eudm4vY2VydHMvY2tjYS5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLmNrY2Eudm4vc3RhdHVzMB0GA1UdDgQWBBTXjYoyauIsE3keHaGt9lnasv3fiTAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFA8K92CW2aRVFNba/CaAkgNTtugUMDwGA1UdIAQ1MDMwMQYNKwYBBAGB7QMBBgEDBTAgMB4GCCsGAQUFBwIBFhJodHRwOi8vY2tjYS52bi9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC5ja2NhLnZuL2NybHMvY2tjYS5jcmwwDgYDVR0PAQH/BAQDAgTwMB8GA1UdJQQYMBYGCCsGAQUFBwMEBgorBgEEAYI3CgMMMBkGA1UdEQQSMBCBDnR1YW5ka0Bja2NhLnZuMA0GCSqGSIb3DQEBBQUAA4ICAQBbsJIh1PhKkyPd5BkpD5/EjgQODKsw2m9ZV3WSdM2HOVh1Pgv24FcJDGp93w6a2FWOx66m8JJXKRGVkAkizWvh/PkYrKOt2hpMetOm1uSDd2y3VcfTZyPcQ3T6qUJUje3DzA6ySWFbmTMv9lV3+dW7jvBHEXzagFVY5ZmzajFmsJ2oRp1DD3Ry/3ZsaP6j+w6FoIXB9LhNbmI8FNQ3A1Q3t/zxJovtsOHbS5cPzFjGLv7BJKWV0BG0eFvoxCb/tJkY5yOBP5P5bD5ht59D4AyEzKS8NKTYLnnIADQ6/zvpBzSoWzYTEKT8xl3o3LYBZQJL7D1U1yofhL3oYefc7fmwAuAZe5hjkO23N844gjz6ru1hBgzf2Zu8w37GZ+jUDPfisQhuGbkFSsNPFjz+CjKrrFO0H4o3hWF4l/t9nXVsM7PwNRo8YYxZmCM+nHTch1ITpzMh+z16KAQ2Ucncgwap+sTwMGnVYFhSsCJCTkYQY9J7OQrElNI7oHKEO1jQsSjghGTkpOvuoIcPimlJGuOUPQhJ3HZzfSPxaOznqpXwkHpTkNhUyzet1QZjdaQ4jNBPTO6pqHnDKXEtJKJsABnCy5tzdBch2Shw68NtFjC+siiLuzNxnz8G/4rWq4edQqpWz0RbMYnWoeuet/pbWF8yYX+zXL6LKECk7U6Nf3Y1UjGCARgwggEUAgEBMG4wWjELMAkGA1UEBhMCVk4xJDAiBgNVBAoTG0NLIE1lZGlhIGFuZCBUZWNobm9sb2d5IEpTQzEWMBQGA1UECxMNQ0tDQSBPcmlnU2lnbjENMAsGA1UEAxMEQ0tDQQIQVAbJaGFPCH5uamvYoUjDLzANBgkqhkiG9w0BAQUFADANBgkqhkiG9w0BAQEFAASBgB0Liyncn9qSKQIjoDXvLYf+vLSZv2XyiXbQI2jNaCMEvKpRToJWh3aPPQNJTJ7aam5ngue2IzcPeA52GqYqDhVfioGc1Y6MaKxlLTBSp/Jqg8LLwnj8BorOwqzuBAJIzyMfnPhD+DwMPCdbIL5Tpi5zwW7RlKcakuVkhONZhY2g
Content: 5DDE879CDEB0623E018D0B67A227E67B
Unbase64在用作第二个参数
之前答案 0 :(得分:1)
试试这个,但你应该换一个较旧的充气城堡版本。我用了1.45
byte[] signedData = ...;
byte[] originalData = ...;
CMSSignedDataParser parser = new CMSSignedDataParser(new CMSTypedStream(
new ByteArrayInputStream(originalData)), signedData);
parser.getSignedContent().drain();
CertStore certs = parser.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = parser.getSignerInfos();
Collection<?> c = signers.getSigners();
Iterator<?> it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
Collection<?> certCollection = certs.getCertificates(signer.getSID());
Iterator<?> certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate) certIt.next();
System.out.println("verify returns: " + signer.verify(cert, "BC"));
}