stackoom
  简体   繁体   中英

Validating PKCS#7 detached signature on Android using BouncyCastle [NoSuchAlgorithmException: no such algorithm: 1.2.840.113549.1.1.11]

 原文  2022-11-21 17:32:48       android/ bouncycastle/ pkcs#7/ spongycastle

Question

Currently trying to validate a PKCS#7 signature, where the verified content is the SHA-256 hash of a file and receiving the below error.

Error

org.bouncycastle.cms.CMSException: can't create digest calculator: exception on setup: java.security.NoSuchAlgorithmException: no such algorithm: 1.2.840.113549.1.1.11 for provider BC
    at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)
    at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)

Code

    private fun verifySignature(sha256Hash: ByteArray, base64Signature: String): Boolean {
        val signedData = CMSSignedData(
            CMSProcessableByteArray(sha256Hash),
            Base64.decode(base64Signature, Base64.DEFAULT).inputStream()
        )
        val store: Store<X509CertificateHolder> = signedData.certificates
        signedData.signerInfos.signers.forEach { signer ->
            try {
                val certCollection = store.getMatches(signer.sid as Selector<X509CertificateHolder>)
                val certHolder = certCollection.first()
                val cert =
                    JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder)
                if (signer.verify(
                        JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)
                    )
                ) {
                    return true
                }
                return false
            } catch (e: Exception) {
                e.printStackTrace()
            }
        }
        return false
    }

Additional Info:

'compileSdk'      : 30
'buildTools'      : '30.0.2'
'org.bouncycastle:bcpkix-jdk18on:1.72'
'org.bouncycastle:bcprov-jdk18on:1.72'
'org.bouncycastle:bcutil-jdk18on:1.72'

1 answers

solution1
 0  2022-11-22 17:00:40

The following resolved my issues

    private val BC = BouncyCastleProvider().apply {
        addAlgorithm("Alg.Alias.MessageDigest.1.2.840.113549.1.1.11", "SHA-256")
    }.also { Security.insertProviderAt(it, 1) }

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to create pkcs#7 certificate with SpongyCastle on Android? Sign data in PKCS#7 format using SpongyCastle Android Signature verification of PKCS#1 PSS (RSASSA-PKCS) not working with algorithm SHA256withRSA Why do I get NoSuchAlgorithmException in android when trying to encrypt with bouncycastle? Android Studio 2.0 - NoSuchAlgorithmException: SHA256WITHDSA Signature not available What kind of X509 format Android and iOS accept ? (PKCS#7 needed to be installed) signature recognition algorithm for android Android studio Signature Algorithm mismatch KeyStore not applying / enforcing private key password for PKCS12 file in Android with BouncyCastle Use BouncyCastle PKCS12SafeBagBuilder or PKCS12BagAttributeCarrier to change PKCS12 safe bag attributes when writing KeyStore to file in Android?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM