gpt4 book ai didi

java - 使用 MSCAPI 和 IAIK 的 InvalidKeyException

转载 作者:行者123 更新时间:2023-11-30 09:04:37 28 4
gpt4 key购买 nike

我在我的应用程序中使用 Sun 的 MSCAPI 提供程序来检索签名证书。签名者的私钥是 sun.security.mscapi.RSAPrivateKey。IAIK 似乎无法识别此类(请参阅下面的错误)。我不懂为什么。我的问题有哪些解决方案?

提前致谢!

java.security.NoSuchAlgorithmException: Error computing signature value: iaik.cms.CMSException: Unable to calculate signature: java.security.InvalidKeyException: Class does not represent an RSA key: sun.security.mscapi.RSAPrivateKey
at iaik.cms.SignedData.addSignerInfo(Unknown Source)
at testIaikCmsWithMsCAPIProvider.init(testIaikCmsWithMsCAPIProvider.java:69)
at testIaikCmsWithMsCAPIProvider.main(testIaikCmsWithMsCAPIProvider.java:39)

编辑:

这是我的“脏”类测试:

import iaik.asn1.structures.AlgorithmID;
import iaik.cms.CMSException;
import iaik.cms.CMSParsingException;
import iaik.cms.ContentInfo;
import iaik.cms.IssuerAndSerialNumber;
import iaik.cms.SignedData;
import iaik.cms.SignerInfo;
import iaik.utils.Util;

import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class testIaikCmsWithMsCAPIProvider {

public static final String SunMscapiClassName = "sun.security.mscapi.SunMSCAPI";
private Provider provider;
private String providerName;
private String alias = "Sample Alias";
private X509Certificate signerCertificate;
private PrivateKey privateKey;

public static void main(String[] args) {
testIaikCmsWithMsCAPIProvider test = new testIaikCmsWithMsCAPIProvider();
test.init();
}

private void init() {
try {
Class<Provider> sunmscapiClass = (Class<Provider>)Class.forName(SunMscapiClassName);
Provider sunmscapiInstance = sunmscapiClass.newInstance();
Security.addProvider(sunmscapiInstance);

KeyStore ks = null;

ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null);

this.provider = ks.getProvider();
this.providerName = ks.getProvider().getName();

this.initMscapiProgrammaticMode(ks);

X509Certificate[] certificateChain = new X509Certificate[1];
certificateChain[0] = signerCertificate;
iaik.x509.X509Certificate[] iaikCertificateChain = Util.convertCertificateChain(certificateChain);
IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(iaikCertificateChain[0]);
AlgorithmID signatureAlg = AlgorithmID.rsaEncryption;
AlgorithmID digestAlg = AlgorithmID.sha1;
SignerInfo signerInfo = new SignerInfo(issuerSerial, digestAlg, signatureAlg, privateKey);
Path path = Paths.get("file.pdf");
byte[] signatureFileContent = Files.readAllBytes(path);
SignedData signedData = new SignedData(signatureFileContent, SignedData.EXPLICIT);
signedData.setCertificates(iaikCertificateChain);
signedData.addSignerInfo(signerInfo);

byte[] digitalSignature = new ContentInfo(signedData.getContentType()).getEncoded();
FileOutputStream fos = new FileOutputStream("signature.pdf");
fos.write(digitalSignature);
fos.close();

System.out.println(providerName + provider + alias + signerCertificate + privateKey.getClass());
}
catch(Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

private void initMscapiProgrammaticMode(KeyStore ks) throws KeyStoreException, UnrecoverableKeyException,
NoSuchAlgorithmException {

X509Certificate javaCert = (X509Certificate)ks.getCertificate(this.alias);
this.signerCertificate = javaCert;

// retrieve associated private key
this.privateKey = (PrivateKey)ks.getKey(this.alias, null);

}

}

最佳答案

经过几个月的研究,我终于找到了解决方案。非常高兴,伙计们,我现在将分享它:

非常简单,在尝试对 IAIK 进行签名时,默认情况下使用它自己的提供程序。现在我们要使用 MSCAPI 之一。这就是为什么我们需要他指定这一行,以便它可以找到正确的提供者:

signedData.setSecurityProvider (new SecurityProvider ());

关于java - 使用 MSCAPI 和 IAIK 的 InvalidKeyException,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25156143/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com