使用SunMSCAPI JCE提供程序加密散列数据

时间:2013-08-15 09:37:01

标签: java rsa keystore mscapi

我想用RSA和SHA-1签署我的数据,但我的数据大小非常大。

我引用这个帖子:Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher,我正在尝试加密散列数据。

当我使用 PKCS12 PKCS11 提供程序加载我的私钥时,这很好。签名和加密数据是相同的。但是在使用 SunMSCAPI 提供程序时我遇到了麻烦,我得到了不同的结果。

这是我的代码:

public static Vector<PrivateKey> privateKeyArr = new Vector<PrivateKey>();
    private static PrivateKey privateKey;

    public static void load_win_store() {
        try {
            KeyStore store = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
            store.load(null, null);
            Enumeration enumer = store.aliases();

            while (enumer.hasMoreElements()) {
                String alias = enumer.nextElement().toString();
                X509Certificate x509 = (X509Certificate) store.getCertificate(alias);
                PrivateKey privateKey = (PrivateKey) store.getKey(alias, null);
                privateKeyArr.add(privateKey);
            }
        } catch (Exception ex) {
            ex.printStackTrace();
        }

        privateKey = privateKeyArr.get(0);
    }

public static void main(String[] args) {
        try {
            String plaintext = "abc";
            load_win_store();

            Signature instance = Signature.getInstance("SHA1withRSA");
            instance.initSign(privateKey);
            instance.update((plaintext).getBytes());
            byte[] signature = instance.sign();

            MessageDigest _sha1 = MessageDigest.getInstance("SHA1");
            byte[] _digest = _sha1.digest(plaintext.getBytes());
            DERObjectIdentifier sha1oid_ = new DERObjectIdentifier("1.3.14.3.2.26");

            AlgorithmIdentifier sha1aid_ = new AlgorithmIdentifier(sha1oid_, null);
            DigestInfo di = new DigestInfo(sha1aid_, _digest);

            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, privateKey);
            byte[] cipherText = cipher.doFinal(di.getDEREncoded());

            System.out.println("Cipher text: " + byteArray2Hex(cipherText));
            System.out.println("Signature: " + byteArray2Hex(signature));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

byteArray2Hex方法:

private static final char[] hex = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};

private static String byteArray2Hex(byte[] bytes) {
    StringBuilder sb = new StringBuilder(bytes.length * 2);
    for (final byte b : bytes) {
        sb.append(hex[(b & 0xF0) >> 4]);
        sb.append(hex[b & 0x0F]);
    }
    return sb.toString();
}

这是我的结果:

Cipher text: a70c2d53a4fb6eb68f91ca46fcaae61c30544...
Signature: 63d39af150212aa1b3a2539fcecfd9d744...

请帮助我,非常感谢!

0 个答案:

没有答案