gpt4 book ai didi

java - Bouncy caSTLe 分离签名更改 API

转载 作者:行者123 更新时间:2023-12-01 11:45:07 26 4
gpt4 key购买 nike

在我看来,Bouncy caSTLe 已经更改了 API,并且以下代码在 1.52 中不再起作用:

  /**
* SignatureInterface implementation. Creates detached signature of stream
* using SHA-256.
*
* @param content
* original content stream to sign
* @throws SignatureException
* in case of signature error
* @throws IOException
* in case of I/O error
* @return signed byte content
*/
@Override
public byte[] sign(final InputStream content) throws SignatureException,
IOException {
try {

CMSProcessableInputStream input = new CMSProcessableInputStream(content);
List<Certificate> certList = Arrays.asList(keystore
.getCertificateChain(alias));
CertStore certStore = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), provider);

CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner((PrivateKey) keystore.getKey(alias, pin),
(X509Certificate) keystore.getCertificate(alias),
CMSSignedGenerator.DIGEST_SHA256);
gen.addCertificatesAndCRLs(certStore);

return gen.generate(input, false, provider).getEncoded();
} catch (Exception e) {
throw new SignatureException(
"Problem while preparing signature. Wrong certificate or alias.");
}
}

有人知道如何在新 API 中实现相同的行为吗?我在移植指南中没有找到任何相关信息。

编辑(添加变量定义):

 /**
* Size of the read buffer for signing.
*/
private static final int BUFSIZE = 8192;

/**
* Stored instance of BC.
*/
private BouncyCastleProvider provider;

/**
* PKCS#12 key store.
*/
private KeyStore keystore;

/**
* Alias for certificate to sign.
*/
private String alias;

/**
* Password to private key.
*/
private char[] pin;

最佳答案

我已经能够将代码更改为以下内容,这似乎对我的版本 1.51 有效(版本 1.52 在 OSGi 下有错误):

 public byte[] sign(final InputStream content) throws SignatureException,
IOException {
try {
CMSTypedData input = new CMSProcessableByteArray(
IOUtils.toByteArray(content));
List<Certificate> certList = Arrays.asList(keystore
.getCertificateChain(alias));
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner shaSigner = new JcaContentSignerBuilder("SHA256withRSA")
.setProvider("BC").build((PrivateKey) keystore.getKey(alias, pin));
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
.build(shaSigner, (X509Certificate) keystore.getCertificate(alias)));
gen.addCertificates(certs);
return gen.generate(input, false).getEncoded();
} catch (Exception e) {
throw new SignatureException(
"Problem while preparing signature. Wrong certificate or alias.");
}
}

关于java - Bouncy caSTLe 分离签名更改 API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29214006/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com