Verify detached PKCS #7 signature in Java (possibly with Bouncy Castle), generated by CAPICOM

Posted on 2024-12-10 11:35:07

All!

I'm solving two problems:

  1. Stop using CAPICOM to sign/verify documents - because it's no longer supported by Microsoft (see more: Alternatives to Using CAPICOM)
  2. Following from the first, we want to widen the list of browsers supported by our system (customized Documentum Webtop). Now it is fully supported only by IE 6+ because CAPICOM is used as ActiveX.

For signing we use the Windows module CryptoPro because only it officially has legal effect in Russia. Our system is deployed in the government of one Russian region.

Our system has been working for 5 years already and there are many generated signatures (all by CAPICOM). The signatures are detached and persisted in the database.

We want to find a solution to verify those signatures in Java code (wrapped in an Applet).

I have tried the code below, but I can't find any suitable method to verify any signature. This method always returns false.

public boolean verifyFile(String fileInput, String metadata, String base64Signature) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    byte[] signedContent = Base64.decode(base64Signature.getBytes("UTF-8"));
    CMSSignedData cms7 = new CMSSignedData(signedContent);
    CertStore certs = cms7.getCertificatesAndCRLs("Collection", "BC");
    SignerInformationStore signers = cms7.getSignerInfos();
    Collection c = signers.getSigners();

    SignerInformation signer = (SignerInformation)c.iterator().next();
    Collection certCollection = certs.getCertificates(signer.getSID());
    Iterator certIt = certCollection.iterator();
    X509Certificate cert = (X509Certificate)certIt.next();

    Signature signature = Signature.getInstance("SHA1withRSA", "BC");
    signature.initVerify(cert.getPublicKey());
    String signedContentString = getSignedDataString(fileInput, metadata);
    signature.update(signedContentString.getBytes("UTF-8"));
    return signature.verify(signer.getSignature());
}

Have somebody any solution or already encountered this pr
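
An added example, not part of the original post or of the poster's system: detached CMS/PKCS #7 verification through Bouncy Castle's `SignerInformation.verify`, which takes the digest and signature algorithms from the SignerInfo and checks the signed attributes, and which rejects the same signature once the content is re-encoded as UTF-8. The RSA key, certificate, content string and the UTF-16LE encoding of the signed string are constructed assumptions; signatures made with GOST algorithms additionally need a provider that implements the algorithms named in the SignerInfo.

```java
import java.math.BigInteger;
import java.security.*;
import java.util.*;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.cms.*;
import org.bouncycastle.cms.jcajce.*;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

public class DetachedCmsVerify {
    // True only if every SignerInfo in the detached blob verifies over `content`.
    // Detached means the blob carries no content, so it is supplied alongside.
    static boolean verifyDetached(byte[] content, byte[] cmsDer) throws Exception {
        CMSSignedData cms = new CMSSignedData(new CMSProcessableByteArray(content), cmsDer);
        Collection<SignerInformation> signers = cms.getSignerInfos().getSigners();
        for (SignerInformation signer : signers) {
            Collection<?> match = cms.getCertificates().getMatches(signer.getSID());
            if (match.isEmpty()) return false; // signer certificate not embedded
            X509CertificateHolder cert = (X509CertificateHolder) match.iterator().next();
            try { // algorithms come from the SignerInfo, not from a hard-coded name
                if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder()
                        .setProvider("BC").build(cert))) return false;
            } catch (CMSException e) { return false; } // e.g. message-digest mismatch
        }
        return !signers.isEmpty();
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        // Constructed test material: throwaway RSA key and self-signed certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        X500Name dn = new X500Name("CN=Constructed Test Signer");
        long now = System.currentTimeMillis();
        X509CertificateHolder cert = new JcaX509v3CertificateBuilder(dn, BigInteger.ONE,
                new Date(now - 60_000), new Date(now + 3_600_000), dn, kp.getPublic())
                .build(new JcaContentSignerBuilder("SHA256withRSA").build(kp.getPrivate()));
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder()
                .setProvider("BC").build("SHA256withRSA", kp.getPrivate(), cert));
        gen.addCertificate(cert);
        // Assumption: the signer hashed the string as UTF-16LE, as a BSTR-based API would.
        String text = "constructed document hash|constructed metadata";
        byte[] utf16 = text.getBytes("UTF-16LE");
        byte[] sig = gen.generate(new CMSProcessableByteArray(utf16), false).getEncoded();
        System.out.println(verifyDetached(utf16, sig));
        System.out.println(verifyDetached(text.getBytes("UTF-8"), sig));
    }
}
```

This check covers only the cryptographic binding between content and signer certificate; whether that certificate chains to a trusted issuer and was valid and unrevoked at signing time has to be validated separately.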
