我将一些数据写入文件(在这种情况下是一个字符串,但是因为我使用byte []可以是任何内容),在此之后我会读取它并比较结果。当我比较两个byte []' s时,它们看起来与我相同,但运行.equals()会返回false。
请在下面找到我的代码:
private void sign(ActionEvent e) throws Exception {
byte[] data = read(file);
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initSign(keyPair.getPrivate());
sig.update(data);
byte[] signatureBytes = sig.sign();
String newFilePath = "output.file";
int signatureLength = signatureBytes.length;
String signString = new BASE64Encoder().encode(signatureBytes);
RandomAccessFile raf = new RandomAccessFile(newFilePath, "rw");
raf.writeInt(signatureLength);
raf.write(signatureBytes);
raf.write(data);
raf.close();
verify(newFilePath, signatureBytes, data);
}
private void verify(String path, byte[] signature, byte[] originalMessage) throws Exception {
File f = new File(path);
RandomAccessFile raf = new RandomAccessFile(f.getPath(), "r");
int sigLength = raf.readInt();
byte[] signatureBytes = new byte[sigLength];
raf.read(signatureBytes);
Long remainingLength = raf.length() - 1 - sigLength;
byte[] message = new byte[remainingLength.intValue()];
raf.read(message);
raf.close();
System.out.println("==== VERIFYING SIGNATURE ====");
String originalString = new BASE64Encoder().encode(signature);
String newString = new BASE64Encoder().encode(signatureBytes);
System.out.println("originalString\n" + originalString);
System.out.println("newString\n" + newString);
System.out.println("Signatures match: " + newString.equals(originalString));
System.out.println("==== VERIFYING MESSAGE ====");
String originalMessageString = new String(originalMessage);
String messageString = new String(message);
System.out.println("originalMessageString = " + originalMessageString);
System.out.println("messageString = " + messageString);
System.out.println("Messages match: " + originalMessageString.equals(messageString));
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(keyPair.getPublic());
sig.update(message);
System.out.println(sig.verify(signatureBytes)); // false
}
我得到以下输出:(该文件是一个包含字符串&#34的文本文件; Hoi")
==== VERIFYING SIGNATURE ====
originalString
DU00HopnNgOnwPL4Y50lwR5CJFVCRqsj3hkdyareMqHPe4RKdCUr2FSNEuh0yq5LyzcP96MNDzNJ
jVTTI8+V3SPMDzQIjw4Ibb+xM3/XZHQi5ej8XfVXao234QytRD5y1bWKxlZEh4BlnzXcqD9tmANB
BOQTG3P15Ea0fFkDYpg=
newString
DU00HopnNgOnwPL4Y50lwR5CJFVCRqsj3hkdyareMqHPe4RKdCUr2FSNEuh0yq5LyzcP96MNDzNJ
jVTTI8+V3SPMDzQIjw4Ibb+xM3/XZHQi5ej8XfVXao234QytRD5y1bWKxlZEh4BlnzXcqD9tmANB
BOQTG3P15Ea0fFkDYpg=
Signatures match: true
==== VERIFYING MESSAGE ====
originalMessageString = Hoi
messageString = Hoi
Messages match: false <------ WTF
false
任何有关解决此问题的帮助都将不胜感激。
答案 0 :(得分:1)
我猜你在messageString之后有一些空格。试试
System.out.println("Messages match: " + originalMessageString.equals(messageString.trim()));
答案 1 :(得分:0)
我在计算remainingLength时使用了错误的偏移量。我从总文件长度中减去1 - 签名长度以补偿文件中的第一个整数。然后我意识到整数是4字节长。将此数字更改为4固定它。
因此,这一行应该是:
Long remainingLength = raf.length() - 4 - sigLength;