当前位置: 文江博客话题详情

如何从数字证书中的signdata中读取原始内容?

发布于 2024-09-11 22:29:01 字数 10822 浏览 2 评论 0原文

我想在验证Signdata后读出原始内容。

我的代码是这样的:

import java.io.*;
import java.util.*;
import java.security.*;
import java.security.Security;
import java.security.cert.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.cms.*;


/* Verify INCLUDED CMS signature CMS/pkcs #7 signature using BC provider.
    Verify with either the included signer certificate, or a specified separate signer
    certificate file.
    Output signed content to binary file
                 M. Gallant  04/01/2005  */

class BCVerifyISig {
 static final boolean DEBUG =true;

 public static void main(String args[]) {
 System.out.println("");


 Security.addProvider(new BouncyCastleProvider());

 X509Certificate signercert = null;

 String INFILE  = "MIIHWgYJKoZIhvcNAQcCoIIHSzCCB0cCAQExCzAJBgUrDgMCGgUAMDwGCSqGSIb3DQEHAaAvBC1UaGlzIGlzIHNhbXBsZSBmaWxlIGZyb20gVENTIC4NCg0KQnkgTmFyZW5kcmGgggUpMIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkGA1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcwNQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWluQHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoXDTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJhIFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25zdWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQLEx9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRpdmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNVBAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5LwtxKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0nIOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9ubGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAESzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNhLnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhihodHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZodHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1GdrbFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFuUOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcuUB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5zX8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7zGCAcgwggHEAgEBMIHCMIGzMQswCQYDVQQGEwJJTjESMBAGA1UEChMJSW5kaWEgUEtJMQ8wDQYDVQQLEwZUQ1MgQ0ExNzA1BgNVBAMTLlRhdGEgQ29uc3VsdGFuY3kgU2VydmljZXMgQ2VydGlmeWluZyBBdXRob3JpdHkxEjAQBgNVBAcTCUh5ZGVyYWJhZDElMCMGCSqGSIb3DQEJARYWYWRtaW5AdGNzLWNhLnRjcy5jby5pbjELMAkGA1UECBMCQVACCgTeCOzbIg5/ymwwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI";
 INFILE +="hvcNAQkFMQ8XDTEwMDcwOTEzMzMxNFowIwYJKoZIhvcNAQkEMRYEFEIW89h1fgH0b6ofWCdqmeEI2fPWMA0GCSqGSIb3DQEBAQUABIGApi7QJtVF5FkDQ1eI0B7vaBfSmkdh8ywVdOH8AitKOduVeqQp74jWNN8p5J6ut4DhjrRPq9TGSy8vXDFm5tPAs/gqehGTGRixskLyF0mkwItIQvcfsxDmYnB0hrVt46fOUirVpSzQ6AqnW4DCXzX5zEY/dPk5bIgYi4KElaGVKSI=";   // Input CMS/PKCS#7 included signed content to verify
 String OUTFILE = "C:\\Documents and Settings\\Administrator\\Desktop\\cert\\abc.01";   //output file containing recovered signed-content
 if(true) {
    try{
         byte[] sigbytes1 = null;
        sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder() ;
        //String theString="-----BEGIN CERTIFICATE-----";
        String theString ="MIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkG";
        theString +="A1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcw";
        theString +="NQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0";
        theString +="aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWlu";
        theString +="QHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoX";
        theString +="DTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJh";
        theString +="IFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25z";
            theString +="dWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQL";
        theString +="Ex9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRp";
        theString +="dmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0";
        theString +="ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNV";
        theString +="BAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o";
            theString +="0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5Lwt";
            theString +="xKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0n";
        theString +="IOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/";
        theString +="BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC";
        theString +="MB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9u";
        theString +="bGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAE";
       theString +="SzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNh";
        theString +="LnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhiho";
            theString +="dHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZo";
        theString +="dHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0B";
        theString +="AQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1Gdr";
        theString +="bFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFu";
        theString +="UOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k";
        theString +="+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcu";
        theString +="UB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5z";
                            theString +="X8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7w==";
                                    //  theString +="-----END CERTIFICATE-----";
        sigbytes1 = dec.decodeBuffer(new String(theString.getBytes()));
        System.out.println("sdfsdf"+sigbytes1);
     InputStream inStream =   new ByteArrayInputStream(sigbytes1); 

     CertificateFactory cf = CertificateFactory.getInstance("X.509");
     signercert = (X509Certificate)cf.generateCertificate(inStream);
     inStream.close();
     if(DEBUG)
        System.out.println("Got certificate from file "  ) ;
    }
    catch(Exception cerexc) {
     System.out.println("Failed to create certificate from file " + cerexc.toString()) ;
     System.exit(1) ;
    }
    }

 boolean INCLUDED = true;   // included (true)  or detached (false) content

  FileInputStream freader = null;
  File f = null;

//------  Get the included data signature from file -------------
  //f = new File(INFILE) ;
  //int sizecontent = ((int) f.length());
  byte[] sigbytes = null;

  try {
    //freader = new FileInputStream(f);
    sigbytes=INFILE.getBytes();

   // System.out.println("\nSignature Bytes: " + freader.read(sigbytes, 0, sizecontent));
   // freader.close();
   }
  catch(Exception ioe) {
    System.out.println(ioe.toString());
    return;
    }




 if(isBase64Encoded(sigbytes)){
    try{
    sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder() ;

    sigbytes = dec.decodeBuffer(new String(sigbytes));
    System.out.println("Signature file is BASE64 encoded") ;
    }
    catch(Exception ioe) {System.out.println("Problem decoding from b64") ; }
   }

// --- Use Bouncy Castle provider to verify included-content CSM/PKCS#7 signature  ---
 try{
  CMSSignedData s   = new CMSSignedData(sigbytes) ;
  CertStore  certs      = s.getCertificatesAndCRLs("Collection", "BC");
  SignerInformationStore  signers = s.getSignerInfos();
  Collection            c   = signers.getSigners();
  Iterator                it    = c.iterator();
  int verified = 0;

  while (it.hasNext())
  {
      X509Certificate cert =null;
      SignerInformation   signer = (SignerInformation)it.next();
      Collection          certCollection = certs.getCertificates(signer.getSID());
      if (certCollection.isEmpty() && signercert==null)
    continue;  
      else  if (signercert !=null)      // use a signer cert file for verification, if it was provided
    cert = signercert;
      else {                // use the certificates included in the signature for verification
    Iterator        certIt = certCollection.iterator();
     cert = (X509Certificate)certIt.next();
    }

    if(DEBUG)
        System.out.println("Current certificate " + cert.toString()) ;
    System.out.println("") ;

      if (signer.verify(cert.getPublicKey(), "BC"))
    verified++;
  }

   if(verified == 0)
    System.out.println("WARNING: No signers' signatures could be verified !") ;
   else if(signercert !=null)
    System.out.println("Verified a signature using signer certificate file  '"  ) ;
   else
    System.out.println("Verified a signature using a certificate in the signature file '" + INFILE + "'") ;


   CMSProcessableByteArray cpb = (CMSProcessableByteArray) s.getSignedContent() ;
   byte[] rawcontent  = (byte[]) cpb.getContent() ;
   System.out.println("\nWriting content (" + rawcontent.length + " bytes) to file " + OUTFILE + " ... ") ;
   FileOutputStream fcontent = new FileOutputStream(OUTFILE);
   fcontent.write(rawcontent);
   fcontent.close();

 }
 catch(Exception ex){
  System.out.println("Couldn't verify included-content CMS signature\n" + ex.toString()) ;
 }
}


 private static final boolean isBase64Encoded(byte[] data) {
  Arrays.sort(Base64Map);
  for (int i=0; i<data.length; i++){
    //System.out.println("data[" + i + "] " + (char)data[i]) ;
    if( Arrays.binarySearch(Base64Map, (char)data[i])<0 
        && !Character.isWhitespace((char)data[i]) )
     return false;
    }
  return true;
 }

   private static char[] Base64Map =
   {  'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
      'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
      'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
      'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
      'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
      'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
      'w', 'x', 'y', 'z', '0', '1', '2', '3',
      '4', '5', '6', '7', '8', '9', '+', '/', '='
   };




 private static void usage() {
  System.out.println("Usage:\n java BCVerifyISig  <includedContentSignatureFile>  <outputContentFile>  [signercertFile]") ;
  System.exit(1);
 }
}

验证后我想从生成符号数据的地方取回原始的最终内容。

在上面的代码中,INFILE 是我的签名数据,theString 是用户公钥。

原文

I wish to read out original content after verify Signdata.

My code is like this:

import java.io.*;
import java.util.*;
import java.security.*;
import java.security.Security;
import java.security.cert.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.cms.*;


/* Verify INCLUDED CMS signature CMS/pkcs #7 signature using BC provider.
    Verify with either the included signer certificate, or a specified separate signer
    certificate file.
    Output signed content to binary file
                 M. Gallant  04/01/2005  */

class BCVerifyISig {
 static final boolean DEBUG =true;

 public static void main(String args[]) {
 System.out.println("");


 Security.addProvider(new BouncyCastleProvider());

 X509Certificate signercert = null;

 String INFILE  = "MIIHWgYJKoZIhvcNAQcCoIIHSzCCB0cCAQExCzAJBgUrDgMCGgUAMDwGCSqGSIb3DQEHAaAvBC1UaGlzIGlzIHNhbXBsZSBmaWxlIGZyb20gVENTIC4NCg0KQnkgTmFyZW5kcmGgggUpMIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkGA1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcwNQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWluQHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoXDTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJhIFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25zdWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQLEx9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRpdmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNVBAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5LwtxKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0nIOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9ubGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAESzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNhLnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhihodHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZodHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0BAQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1GdrbFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFuUOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcuUB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5zX8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7zGCAcgwggHEAgEBMIHCMIGzMQswCQYDVQQGEwJJTjESMBAGA1UEChMJSW5kaWEgUEtJMQ8wDQYDVQQLEwZUQ1MgQ0ExNzA1BgNVBAMTLlRhdGEgQ29uc3VsdGFuY3kgU2VydmljZXMgQ2VydGlmeWluZyBBdXRob3JpdHkxEjAQBgNVBAcTCUh5ZGVyYWJhZDElMCMGCSqGSIb3DQEJARYWYWRtaW5AdGNzLWNhLnRjcy5jby5pbjELMAkGA1UECBMCQVACCgTeCOzbIg5/ymwwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZI";
 INFILE +="hvcNAQkFMQ8XDTEwMDcwOTEzMzMxNFowIwYJKoZIhvcNAQkEMRYEFEIW89h1fgH0b6ofWCdqmeEI2fPWMA0GCSqGSIb3DQEBAQUABIGApi7QJtVF5FkDQ1eI0B7vaBfSmkdh8ywVdOH8AitKOduVeqQp74jWNN8p5J6ut4DhjrRPq9TGSy8vXDFm5tPAs/gqehGTGRixskLyF0mkwItIQvcfsxDmYnB0hrVt46fOUirVpSzQ6AqnW4DCXzX5zEY/dPk5bIgYi4KElaGVKSI=";   // Input CMS/PKCS#7 included signed content to verify
 String OUTFILE = "C:\\Documents and Settings\\Administrator\\Desktop\\cert\\abc.01";   //output file containing recovered signed-content
 if(true) {
    try{
         byte[] sigbytes1 = null;
        sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder() ;
        //String theString="-----BEGIN CERTIFICATE-----";
        String theString ="MIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkG";
        theString +="A1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcw";
        theString +="NQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0";
        theString +="aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWlu";
        theString +="QHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoX";
        theString +="DTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJh";
        theString +="IFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25z";
            theString +="dWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQL";
        theString +="Ex9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRp";
        theString +="dmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0";
        theString +="ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNV";
        theString +="BAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o";
            theString +="0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5Lwt";
            theString +="xKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0n";
        theString +="IOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/";
        theString +="BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC";
        theString +="MB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9u";
        theString +="bGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAE";
       theString +="SzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNh";
        theString +="LnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhiho";
            theString +="dHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZo";
        theString +="dHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0B";
        theString +="AQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1Gdr";
        theString +="bFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFu";
        theString +="UOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k";
        theString +="+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcu";
        theString +="UB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5z";
                            theString +="X8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7w==";
                                    //  theString +="-----END CERTIFICATE-----";
        sigbytes1 = dec.decodeBuffer(new String(theString.getBytes()));
        System.out.println("sdfsdf"+sigbytes1);
     InputStream inStream =   new ByteArrayInputStream(sigbytes1); 

     CertificateFactory cf = CertificateFactory.getInstance("X.509");
     signercert = (X509Certificate)cf.generateCertificate(inStream);
     inStream.close();
     if(DEBUG)
        System.out.println("Got certificate from file "  ) ;
    }
    catch(Exception cerexc) {
     System.out.println("Failed to create certificate from file " + cerexc.toString()) ;
     System.exit(1) ;
    }
    }

 boolean INCLUDED = true;   // included (true)  or detached (false) content

  FileInputStream freader = null;
  File f = null;

//------  Get the included data signature from file -------------
  //f = new File(INFILE) ;
  //int sizecontent = ((int) f.length());
  byte[] sigbytes = null;

  try {
    //freader = new FileInputStream(f);
    sigbytes=INFILE.getBytes();

   // System.out.println("\nSignature Bytes: " + freader.read(sigbytes, 0, sizecontent));
   // freader.close();
   }
  catch(Exception ioe) {
    System.out.println(ioe.toString());
    return;
    }




 if(isBase64Encoded(sigbytes)){
    try{
    sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder() ;

    sigbytes = dec.decodeBuffer(new String(sigbytes));
    System.out.println("Signature file is BASE64 encoded") ;
    }
    catch(Exception ioe) {System.out.println("Problem decoding from b64") ; }
   }

// --- Use Bouncy Castle provider to verify included-content CSM/PKCS#7 signature  ---
 try{
  CMSSignedData s   = new CMSSignedData(sigbytes) ;
  CertStore  certs      = s.getCertificatesAndCRLs("Collection", "BC");
  SignerInformationStore  signers = s.getSignerInfos();
  Collection            c   = signers.getSigners();
  Iterator                it    = c.iterator();
  int verified = 0;

  while (it.hasNext())
  {
      X509Certificate cert =null;
      SignerInformation   signer = (SignerInformation)it.next();
      Collection          certCollection = certs.getCertificates(signer.getSID());
      if (certCollection.isEmpty() && signercert==null)
    continue;  
      else  if (signercert !=null)      // use a signer cert file for verification, if it was provided
    cert = signercert;
      else {                // use the certificates included in the signature for verification
    Iterator        certIt = certCollection.iterator();
     cert = (X509Certificate)certIt.next();
    }

    if(DEBUG)
        System.out.println("Current certificate " + cert.toString()) ;
    System.out.println("") ;

      if (signer.verify(cert.getPublicKey(), "BC"))
    verified++;
  }

   if(verified == 0)
    System.out.println("WARNING: No signers' signatures could be verified !") ;
   else if(signercert !=null)
    System.out.println("Verified a signature using signer certificate file  '"  ) ;
   else
    System.out.println("Verified a signature using a certificate in the signature file '" + INFILE + "'") ;


   CMSProcessableByteArray cpb = (CMSProcessableByteArray) s.getSignedContent() ;
   byte[] rawcontent  = (byte[]) cpb.getContent() ;
   System.out.println("\nWriting content (" + rawcontent.length + " bytes) to file " + OUTFILE + " ... ") ;
   FileOutputStream fcontent = new FileOutputStream(OUTFILE);
   fcontent.write(rawcontent);
   fcontent.close();

 }
 catch(Exception ex){
  System.out.println("Couldn't verify included-content CMS signature\n" + ex.toString()) ;
 }
}


 private static final boolean isBase64Encoded(byte[] data) {
  Arrays.sort(Base64Map);
  for (int i=0; i<data.length; i++){
    //System.out.println("data[" + i + "] " + (char)data[i]) ;
    if( Arrays.binarySearch(Base64Map, (char)data[i])<0 
        && !Character.isWhitespace((char)data[i]) )
     return false;
    }
  return true;
 }

   private static char[] Base64Map =
   {  'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
      'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
      'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
      'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
      'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
      'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
      'w', 'x', 'y', 'z', '0', '1', '2', '3',
      '4', '5', '6', '7', '8', '9', '+', '/', '='
   };




 private static void usage() {
  System.out.println("Usage:\n java BCVerifyISig  <includedContentSignatureFile>  <outputContentFile>  [signercertFile]") ;
  System.exit(1);
 }
}

After verify I want to get back my original final content from where I generate sign data.

Here in above code INFILE is my Signdata and theString is User Public key.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

凉城凉梦凉人心 2024-09-18 22:29:01

如果此信息包含在 PKCS7 表示中,则您可以通过以下方式获取它:

byte[] data = Base64.decodeBase64(base64EncodedPKCS7.getBytes());
CMSSignedData signedData = new CMSSignedData(data);
signedData.getSignedContent();

但是,不必包含此信息。如果不是,您应该将其与 PKCS7 分开传输。

base64EncodedPKCS7 是您的 infile 的内容。

If this information is included in the PKCS7 representation, then you can obtain it via:

byte[] data = Base64.decodeBase64(base64EncodedPKCS7.getBytes());
CMSSignedData signedData = new CMSSignedData(data);
signedData.getSignedContent();

However it is not necessary for this information to be included. If it is not, you should transfer it separately from the PKCS7.

base64EncodedPKCS7 is the content of your infile.

回复 原文
唐婉 2024-09-18 22:29:01

试试这个:

    byte[] byte_out=null;
    ByteArrayOutputStream out=null;
    out = new ByteArrayOutputStream();
    signedData.getSignedContent().write(out);
    byte_out=out.toByteArray();
    String s = new String(byte_out);
    System.out.println("Original Content-->" +s);

Try This:

    byte[] byte_out=null;
    ByteArrayOutputStream out=null;
    out = new ByteArrayOutputStream();
    signedData.getSignedContent().write(out);
    byte_out=out.toByteArray();
    String s = new String(byte_out);
    System.out.println("Original Content-->" +s);
回复 原文
在巴黎塔顶看东京樱花 2024-09-18 22:29:01

尝试使用这个。

byte[] signedBytes = documento.getDataDocumento()
CMSSignedData signedData = new CMSSignedData(signedBytes);

CMSProcessable signedContent = signedData.getSignedContent();

byte[] archivoOriginal = (byte[]) signedContent.getContent();

Try to use this.

byte[] signedBytes = documento.getDataDocumento()
CMSSignedData signedData = new CMSSignedData(signedBytes);

CMSProcessable signedContent = signedData.getSignedContent();

byte[] archivoOriginal = (byte[]) signedContent.getContent();
回复 原文
~没有更多了~

关于作者

一笑百媚生

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lioqio

文章 0 评论 0

Single

文章 0 评论 0

禾厶谷欠

文章 0 评论 0

alipaysp_2zg8elfGgC

文章 0 评论 0

qq_N6d4X7

文章 0 评论 0

放低过去

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文