堆栈内存溢出
  繁体   English   中英

对Java中的文件执行签名和验证操作时出错

[英]Error while performing sign and verify operation to a file in Java

 原文  2018-10-15 02:52:34       java/ security/ spring-security

问题描述

我正在使用Java执行签名和验证操作并出现以下错误

java.security.SignatureException:签名长度不正确:得到了155,但是期望是128

请在下面找到我的代码以签名并验证

AddSignature 

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.nio.file.Files;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Security;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;

import javax.swing.JOptionPane;


public class AddSignature {

    //The constructor of Message class builds the list that will be written to the file. The list consists of the message and the signature.
    public AddSignature(String data, String keyFile) throws InvalidKeyException, Exception {
        sign(data, keyFile);
    }

    //The method that signs the data using the private key that is stored in keyFile path
    public void sign(String data, String keyFile) throws InvalidKeyException, Exception{
        Signature dsa = Signature.getInstance("SHA1withRSA"); 
        dsa.initSign(getPrivate(keyFile));
        dsa.update(data.getBytes());
        writeToFile("encrypt//destination//data.txt", data.getBytes());
         byte[] sign = dsa.sign();
        writeToFile("encrypt//destination//signed.txt", sign);
    }

    //Method to retrieve the Private Key from a file
    public PrivateKey getPrivate(String filename) throws Exception {
        byte[] keyBytes = Files.readAllBytes(new File(filename).toPath());
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePrivate(spec);
    }

    private void writeToFile(String signedFileLocation, byte[] signedData) throws FileNotFoundException, IOException {
        File f = new File(signedFileLocation);
        f.getParentFile().mkdirs();
        ObjectOutputStream out = new ObjectOutputStream(new FileOutputStream(signedFileLocation));
        out.writeObject(signedData);
        out.close();
    }


    public static void main(String[] args) throws InvalidKeyException, IOException, Exception{
        String data = JOptionPane.showInputDialog("Type your message here");
        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
        new AddSignature(data, "MyKeys/privateKey");
    }}

VerifySignature 

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;

public class VerifySignature {

    private static boolean verifySignature(byte[] data, byte[] signature, String keyFile) throws Exception {
        Signature sig = Signature.getInstance("SHA1withRSA");
        sig.initVerify(getPublic(keyFile));
        sig.update(data);
        try {
            return sig.verify(signature);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }

    public static byte[] read(String fileName) throws IOException {
        FileInputStream fin = null;
        try {
            File file = new File(fileName);
            fin = new FileInputStream(file);
            byte fileContent[] = new byte[(int) file.length()];
            fin.read(fileContent);
            return fileContent;
        } catch (Exception e) {
            throw e;
        } finally {
            fin.close();
        }
    }

    // Method to retrieve the Public Key from a file
    public static PublicKey getPublic(String filename) throws Exception {
        byte[] keyBytes = Files.readAllBytes(new File(filename).toPath());
        X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
        KeyFactory kf = KeyFactory.getInstance("RSA");
        return kf.generatePublic(spec);
    }

    public static void main(String[] args) throws Exception {
        byte[] data = read("encrypt//destination//data.txt");
        byte[] signed = read("encrypt//destination//signed.txt");
        verifySignature(data, signed, "MyKeys/publicKey");
    }
}

我需要对文件签名并保留在一个位置,并且需要检索同一文件以验证签名

1 个解决方案

解决方案1
 0  2018-10-15 09:40:31

从文件中检索私钥时,可能会出错。 您可以尝试这样: 

public PrivateKey getPrivate(String filename) throws Exception {
  //byte[] keyBytes = Files.readAllBytes(new File(filename).toPath());
    byte[] keyBytes = Base64Utils.decode(readFile(filename));
    PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory kf = KeyFactory.getInstance("RSA");
    return kf.generatePrivate(spec);
}
private static String readFile(String filePath) throws Exception {
    File inFile = new File(filePath);
    long fileLen = inFile.length();
    Reader reader = new FileReader(inFile);
    char[] content = new char[(int) fileLen];
    reader.read(content);
    System.out.println("read content:" + new String(content));
    return new String(content);
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在JAVA中签名和验证文件 在IBM中执行联合操作时发生错误 在 java 应用程序中打开太多文件描述符,同时执行文件操作 Java:在忽略符号的同时执行数学运算 在 arraylist 上执行操作时发生 java.util.NoSuchElementException 在执行流操作java 8时更新集合 在就地执行Elasticsearch Reindex操作时发生服务器错误 密钥库操作失败,并带有RSA标志和验证 在Java中签名和验证方法调用 如何在使用 Java Bigquery API 执行更新操作时检索更新的行数
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM