无法验证SHA1签名与RSA

我想验证在Java中的证书签名，但它是失败的。我想SHA1和SHA1withRSA是有区别的，但我该如何解决它？无法验证SHA1签名与RSA

这是使用C＃代码签名（证书mycer.p12）：

static string Sign(string token, string cer_name, string passw) 
     { 
      try 
      { 
       if (!File.Exists(cer_name)) 
       { 
        MessageBox.Show("File not found " + cer_name); 
        return ""; 
       } 
       X509Certificate2 cert = new X509Certificate2(cer_name, passw, X509KeyStorageFlags.Exportable); 
       RSACryptoServiceProvider csp = null; 
       csp = (RSACryptoServiceProvider)cert.PrivateKey; 
       if (csp == null) 
       { 
        MessageBox.Show("No valid cert was found"); 
        return ""; 
       } 
       Encoding encoding = Encoding.GetEncoding("UTF-8"); 
       byte[] data = encoding.GetBytes(token); 
       RSACryptoServiceProvider rsaClear = new RSACryptoServiceProvider(); 
       rsaClear.ImportParameters(csp.ExportParameters(true)); 
       byte[] signature = rsaClear.SignData(data, CryptoConfig.MapNameToOID("SHA1")); 
       bool isValid = csp.VerifyData(data, "SHA1", signature); 
       if (isValid) return Convert.ToBase64String(signature).Trim(new char[] { '\0', '\n' }).Replace("\n", ""); 
       else 
       { 
        MessageBox.Show("Siganture verification = FALSE"); 
        return ""; 
       } 
      } 
      catch (Exception e) 
      { 
       MessageBox.Show(e.ToString()); 
       return ""; 
      } 
     }

我使用这个命令提取公钥

openssl pkcs12 -in mycer.p12 -clcerts -nokeys -out publicKEY.pem

现在此代码在Java中进行验证，但返回false：

public static boolean verify(String plainText, String signature, String publicKeyFile) { 
      try { 
CertificateFactory f = CertificateFactory.getInstance("X.509"); 
     X509Certificate certificate = (X509Certificate)f.generateCertificate(new FileInputStream(publicKeyFile)); 
       Signature publicSignature = Signature.getInstance("SHA1withRSA"); 
       publicSignature.initVerify(publicKey); 
       publicSignature.update(plainText.getBytes("UTF-8")); 
       byte[] signatureBytes = Base64.decode(signature); 
       return publicSignature.verify(signatureBytes); 
      } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | UnsupportedEncodingException e) { 
       e.printStackTrace(); 
       return false; 
      } 
     }

来源

2017-03-09 babboon

此处返回false'publicSignature.verify（signatureBytes）;'或者异常'e.printStackTrace（）;返回false;'？在第二种情况下发布完整的堆栈跟踪。还请查看publicKeyFile只包含一个证书 – pedrofb

这里它返回false publicSignature.verify（signatureBytes）;我会尝试不同的证书。 – babboon

同其他证书一样：/ – babboon

这个帖子让我https://stackoverflow.com/a/16980246/1444413

KeyStore p12 = KeyStore.getInstance("pkcs12"); 
p12.load(new FileInputStream("mycer.p12"), "password".toCharArray()); 
String alias = (String) p12.aliases().nextElement(); 
X509Certificate c = (X509Certificate) p12.getCertificate(alias); 
.... c.getPublicKey() ....

然后方法验证（）..返回真。

来源

2017-03-10 22:24:21 babboon

无法验证SHA1签名与RSA

回答

相关问题