verifying detached signature with BC

后端未结

关注

 3  1774

陌清茗 2020-12-16 03:54

How can I verify a detached signature (CMS/pkcs #7 signature) using the BouncyCastle provider in Java?

Currently, my code below throws an exception with the message

3条回答

一整个雨季 (楼主)

2020-12-16 04:30

You can verify detached signature by the following code :

public static boolean verif_Detached(String signed_file_name,String original_file_name) throws IOException, CMSException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, CertificateExpiredException, CertificateNotYetValidException{

    boolean result= false;
    Security.addProvider(new BouncyCastleProvider()); 

    File f = new File(signed_file_name);
    byte[] Sig_Bytes = new byte[(int)f.length()];
    DataInputStream in = new DataInputStream(new FileInputStream(f));
    in.readFully(Sig_Bytes);
    in.close();

    File fi = new File(original_file_name);
    byte[] Data_Bytes = new byte[(int)fi.length()];
    DataInputStream input = new DataInputStream(new FileInputStream(fi));
    input.readFully(Data_Bytes);
    input.close();

    try{
        CMSSignedData cms = new CMSSignedData(new CMSProcessableByteArray(Data_Bytes), Sig_Bytes); 
        CertStore certStore = cms.getCertificatesAndCRLs("Collection", "BC"); 
        SignerInformationStore signers = cms.getSignerInfos(); 
        Collection c = signers.getSigners(); 
        Iterator it = c.iterator(); 
        while (it.hasNext()) { 
            SignerInformation signer = (SignerInformation) it.next(); 
            Collection certCollection = certStore.getCertificates(signer.getSID()); 
            Iterator certIt = certCollection.iterator(); 
            X509Certificate cert = (X509Certificate) certIt.next();
            cert_signer=cert;
            result=signer.verify(cert, "BC");
        }
    }catch(Exception e){
        e.printStackTrace();
        result=false;
    }
    return result; 
}

0 讨论(0)

查看其它3个回答