写入和从文件读取后字符串已更改

时间:2016-06-20 07:43:01

标签: java signature randomaccessfile

我将一些数据写入文件(在这种情况下是一个字符串,但是因为我使用byte []可以是任何内容),在此之后我会读取它并比较结果。当我比较两个byte []' s时,它们看起来与我相同,但运行.equals()会返回false

请在下面找到我的代码:

private void sign(ActionEvent e) throws Exception {
    byte[] data = read(file);

    Signature sig = Signature.getInstance("SHA1withRSA");
    sig.initSign(keyPair.getPrivate());
    sig.update(data);
    byte[] signatureBytes = sig.sign();

    String newFilePath = "output.file";

    int signatureLength = signatureBytes.length;
    String signString = new BASE64Encoder().encode(signatureBytes);

    RandomAccessFile raf = new RandomAccessFile(newFilePath, "rw");
    raf.writeInt(signatureLength);
    raf.write(signatureBytes);
    raf.write(data);
    raf.close();

    verify(newFilePath, signatureBytes, data);
}

private void verify(String path, byte[] signature, byte[] originalMessage) throws Exception {
    File f = new File(path);

    RandomAccessFile raf = new RandomAccessFile(f.getPath(), "r");
    int sigLength = raf.readInt();
    byte[] signatureBytes = new byte[sigLength];
    raf.read(signatureBytes);

    Long remainingLength = raf.length() - 1 - sigLength;
    byte[] message = new byte[remainingLength.intValue()];
    raf.read(message);

    raf.close();

    System.out.println("==== VERIFYING SIGNATURE ====");
    String originalString = new BASE64Encoder().encode(signature);
    String newString = new BASE64Encoder().encode(signatureBytes);

    System.out.println("originalString\n" + originalString);
    System.out.println("newString\n" + newString);

    System.out.println("Signatures match: " + newString.equals(originalString));

    System.out.println("==== VERIFYING MESSAGE ====");
    String originalMessageString = new String(originalMessage);
    String messageString = new String(message);
    System.out.println("originalMessageString = " + originalMessageString);
    System.out.println("messageString = " + messageString);
    System.out.println("Messages match: " + originalMessageString.equals(messageString));

    Signature sig = Signature.getInstance("SHA1withRSA");
    sig.initVerify(keyPair.getPublic());
    sig.update(message);

    System.out.println(sig.verify(signatureBytes)); // false
}

我得到以下输出:(该文件是一个包含字符串&#34的文本文件; Hoi")

==== VERIFYING SIGNATURE ====
originalString
DU00HopnNgOnwPL4Y50lwR5CJFVCRqsj3hkdyareMqHPe4RKdCUr2FSNEuh0yq5LyzcP96MNDzNJ
jVTTI8+V3SPMDzQIjw4Ibb+xM3/XZHQi5ej8XfVXao234QytRD5y1bWKxlZEh4BlnzXcqD9tmANB
BOQTG3P15Ea0fFkDYpg=
newString
DU00HopnNgOnwPL4Y50lwR5CJFVCRqsj3hkdyareMqHPe4RKdCUr2FSNEuh0yq5LyzcP96MNDzNJ
jVTTI8+V3SPMDzQIjw4Ibb+xM3/XZHQi5ej8XfVXao234QytRD5y1bWKxlZEh4BlnzXcqD9tmANB
BOQTG3P15Ea0fFkDYpg=
Signatures match: true
==== VERIFYING MESSAGE ====
originalMessageString = Hoi
messageString = Hoi   
Messages match: false  <------ WTF
false

任何有关解决此问题的帮助都将不胜感激。

2 个答案:

答案 0 :(得分:1)

我猜你在messageString之后有一些空格。试试

System.out.println("Messages match: " + originalMessageString.equals(messageString.trim()));

答案 1 :(得分:0)

我在计算remainingLength时使用了错误的偏移量。我从总文件长度中减去1 - 签名长度以补偿文件中的第一个整数。然后我意识到整数是4字节长。将此数字更改为4固定它。

因此,这一行应该是:

Long remainingLength = raf.length() - 4 - sigLength;