个人中心
gpt4 book ai didi

java - Bouncy caSTLe 分离签名更改 API

转载 作者:行者123 更新时间:2023-12-01 11:45:07 26 4
gpt4 key购买 nike

在我看来,Bouncy caSTLe 已经更改了 API,并且以下代码在 1.52 中不再起作用:

  /**
   * SignatureInterface implementation. Creates detached signature of stream
   * using SHA-256.
   * 
   * @param content
   *          original content stream to sign
   * @throws SignatureException
   *           in case of signature error
   * @throws IOException
   *           in case of I/O error
   * @return signed byte content
   */
  @Override
  public byte[] sign(final InputStream content) throws SignatureException,
      IOException {
    try {

      CMSProcessableInputStream input = new CMSProcessableInputStream(content);
      List<Certificate> certList = Arrays.asList(keystore
          .getCertificateChain(alias));
      CertStore certStore = CertStore.getInstance("Collection",
          new CollectionCertStoreParameters(certList), provider);

      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();      
      gen.addSigner((PrivateKey) keystore.getKey(alias, pin),
          (X509Certificate) keystore.getCertificate(alias),
          CMSSignedGenerator.DIGEST_SHA256);
      gen.addCertificatesAndCRLs(certStore);

      return gen.generate(input, false, provider).getEncoded();
    } catch (Exception e) {
      throw new SignatureException(
          "Problem while preparing signature. Wrong certificate or alias.");
    }
  }

有人知道如何在新 API 中实现相同的行为吗?我在移植指南中没有找到任何相关信息。

编辑(添加变量定义):

 /**
   * Size of the read buffer for signing.
   */
  private static final int BUFSIZE = 8192;

  /**
   * Stored instance of BC.
   */
  private BouncyCastleProvider provider;

  /**
   * PKCS#12 key store.
   */
  private KeyStore keystore;

  /**
   * Alias for certificate to sign.
   */
  private String alias;

  /**
   * Password to private key.
   */
  private char[] pin;

最佳答案

我已经能够将代码更改为以下内容,这似乎对我的版本 1.51 有效(版本 1.52 在 OSGi 下有错误):

 public byte[] sign(final InputStream content) throws SignatureException,
      IOException {
    try {
      CMSTypedData input = new CMSProcessableByteArray(
          IOUtils.toByteArray(content));
      List<Certificate> certList = Arrays.asList(keystore
          .getCertificateChain(alias));
      Store certs = new JcaCertStore(certList);
      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
      ContentSigner shaSigner = new JcaContentSignerBuilder("SHA256withRSA")
          .setProvider("BC").build((PrivateKey) keystore.getKey(alias, pin));
      gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
          new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
          .build(shaSigner, (X509Certificate) keystore.getCertificate(alias)));
      gen.addCertificates(certs);
      return gen.generate(input, false).getEncoded();
    } catch (Exception e) {
      throw new SignatureException(
          "Problem while preparing signature. Wrong certificate or alias.");
    }
  }

关于java - Bouncy caSTLe 分离签名更改 API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29214006/

26 4 0
文章推荐: java - 通过 html 文件字段将图像文件上传到我的 aws s3 存储桶
文章推荐: clojure - 为什么我不能在 js->clj 生成的序列中调用 seq 函数?
文章推荐: svn - 如何使用钩子(Hook)设置和操作自定义 svn 修订属性
文章推荐: java - FluentWait 与 findElementByAndroidUIAutomator
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com