使用 SpongyCastle 以 PKCS#7 格式签署数据
[英]Sign data in PKCS#7 format using SpongyCastle
问题描述
I'm trying to sign a String in PKCS#7 format with SpongyCastle (using these dependencies "com.madgag.spongycastle:core:1.58.0.0" and "com.madgag.spongycastle:pkix:1.54.0.0" ) in Android.
我正在尝试在 Android 中使用 SpongyCastle(使用这些依赖"com.madgag.spongycastle:core:1.58.0.0"和"com.madgag.spongycastle:pkix:1.54.0.0" )以 PKCS#7 格式签署字符串。
Here is my key pair generation code:这是我的密钥对生成代码:
KeyPairGenerator keyPairGenerator;
try {
Calendar start = GregorianCalendar.getInstance();
Calendar end = GregorianCalendar.getInstance();
end.add(Calendar.YEAR, 10);
keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE);
keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context)
.setAlias(ALIAS)
.setSerialNumber(BigInteger.valueOf(1))
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.setSubject(new X500Principal(""))
.build());
keyPairGenerator.generateKeyPair();
} catch (Exception e) {
try {
throw e;
} catch (InvalidAlgorithmParameterException ex) {
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (NoSuchProviderException ex) {
ex.printStackTrace();
}
}
and copied signing code from solution provided here :并从此处提供的解决方案复制签名代码:
CMSSignedDataGenerator setUpProvider(final KeyStore keystore) throws Exception {
Security.addProvider(new BouncyCastleProvider());
Certificate[] certchain = keystore.getCertificateChain(ALIAS);
final List<Certificate> certlist = new ArrayList<>();
for (int i = 0, length = certchain == null ? 0 : certchain.length; i < length; i++) {
certlist.add(certchain[i]);
}
Store certstore = new JcaCertStore(certlist);
Certificate cert = keystore.getCertificate(ALIAS);
ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").
build((PrivateKey) (keystore.getKey(ALIAS, null)));
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
generator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").
build()).build(signer, (X509Certificate) cert));
generator.addCertificates(certstore);
return generator;
}
but I'm getting cannot create signer: no such algorithm: SHA1WITHRSA for provider BC exception.但我越来越cannot create signer: no such algorithm: SHA1WITHRSA for provider BC异常。 any hints or sloutions?任何提示或sloutions?
1 个解决方案
解决方案1
0 已采纳 2022-12-21 10:48:29
There's no need to setProvider("BC") .无需setProvider("BC") 。 It doesn't crash after removing setProvider("BC") from both JcaContentSignerBuilder and JcaDigestCalculatorProviderBuilder从JcaContentSignerBuilder和JcaDigestCalculatorProviderBuilder中删除setProvider("BC")后它不会崩溃
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.