2

我有一个数字签名的setup.exe文件。它是使用 SignTool.exe 签名的。我也得到了myypfxfile.pfxmycertfile.cer。我已经编写了下面的代码来验证 Java 中的数字签名,但它给了我 SignatureException:Signature length not correct: got 1734 but was expecting 128. 请建议如何解决这个问题。

以下是有关mycertfile.cer的详细信息:

签名算法:sha1RSA

签名哈希算法:sha1

有效期为 2014 年 7 月 23 日至 2015 年 7 月 31 日

公钥:RSA(1024 位)30 81 89 02 81 81 00 ac 27 04 f6 2a 03 56 65 af 70 b3 32 6c 01 c1 7e 05 96 22 5a ae d0 b2 60 cf 64 f7 ff a5 55 ad 91 67 48 03 81 f7 86 a4 69 45 7c fa b9 b5 9e f9 03 ec be da b9 cd 92 b5 f6 a0 5c 52 9a ea aa 8d c6 24 d7 16 6c 1c a5 88 c8 b0 5d b5 cc 73 fb 13 14 63 e6 60 e4 e3 8b 3a f4 b8 ea c7 a8 4a c7 43 ae 4d b9 95 35 3b 60 d5 18 f6 fa 15 9d 5e 46 81 11 fa 02 44 d8 95 0a da b3 58 e6 65 cd c7 0d f9 02 03 01 00 01

public class CheckCertificate {

public static void main(String[] args) {

    /* Verify a DSA signature */

    /* import encoded public key */

    FileInputStream certfis = null;

    try {
        certfis = new FileInputStream(
                "E:\\GaneshDigiSignature\\mycertfile.cer");

        java.security.cert.CertificateFactory cf = null;
        java.security.cert.Certificate cert = null;

        cf = java.security.cert.CertificateFactory.getInstance("X.509");

        cert = cf.generateCertificate(certfis);

        PublicKey pubKey = cert.getPublicKey();

        /* input the signature bytes */
        FileInputStream sigfis = null;
        byte[] sigToVerify = null;

        sigfis = new FileInputStream(
                "E:\\GaneshDigiSignature\\myypfxfile.pfx");

        sigToVerify = new byte[sigfis.available()];

        sigfis.read(sigToVerify);

        sigfis.close();

        /* create a Signature object and initialize it with the public key */
        Signature sig = null;

        sig = Signature.getInstance("SHA1withRSA");

        sig.initVerify(pubKey);

        /* Update and verify the data */

        FileInputStream datafis = null;

        datafis = new FileInputStream("E:\\GaneshDigiSignature\\setup.exe");

        BufferedInputStream bufin = new BufferedInputStream(datafis);

        byte[] buffer = new byte[1024];
        int len;

        while (bufin.available() != 0) {
            len = bufin.read(buffer);
            sig.update(buffer, 0, len);
        }

        bufin.close();
        boolean verifies = sig.verify(sigToVerify);

        System.out.println("signature verifies: " + verifies);
    } catch (FileNotFoundException e) {
        System.out.println("FileNotFoundException:" + e.getMessage());
    } catch (IOException e) {
        System.out.println("IOException:" + e.getMessage());
    } catch (InvalidKeyException e) {
        System.out.println("InvalidKeyException:" + e.getMessage());
    } catch (NoSuchAlgorithmException e) {
        System.out.println("NoSuchAlgorithmException:" + e.getMessage());
    } catch (SignatureException e) {
        System.out.println("SignatureException:" + e.getMessage());
    } catch (CertificateException e) {
        System.out.println("CertificateException:" + e.getMessage());
    }

}

}
4

0 回答 0