package com.java.test; import java.io.File; import java.io.IOException; import java.security.InvalidKeyException; import java.security.KeyFactory; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.PublicKey; import java.security.Security; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CertificateException; import java.security.spec.InvalidKeySpecException; import java.security.spec.RSAPublicKeySpec; import java.util.Base64; import java.util.Collection; import java.util.Iterator; import org.apache.commons.io.FileUtils; import org.spongycastle.asn1.ASN1Encodable; import org.spongycastle.asn1.ASN1Integer; import org.spongycastle.asn1.ASN1Sequence; import org.spongycastle.cert.X509CertificateHolder; import org.spongycastle.cms.CMSException; import org.spongycastle.cms.CMSSignedData; import org.spongycastle.cms.SignerInformation; import org.spongycastle.cms.SignerInformationStore; import org.spongycastle.operator.OperatorCreationException; import org.spongycastle.util.Store; import com.java.test.ttt.BouncyCastleProvider; public class test3 { @SuppressWarnings({ "restriction", "deprecation", "rawtypes", "unchecked", "unused" }) public static void main(String[] args) throws CMSException, IOException, OperatorCreationException, CertificateException, SignatureException, NoSuchAlgorithmException, InvalidKeyException, KeyStoreException, InvalidKeySpecException { // File f = new File("d:/sss.text"); File f = new File("d:/21.json.RSA"); File f2 = new File("d:/21.json"); // File f = new File("d:/ANDROIDK.RSA"); Security.addProvider(new BouncyCastleProvider()); CMSSignedData s = new CMSSignedData(FileUtils.readFileToByteArray(f)); Store certStore = s.getCertificates(); SignerInformationStore signers = s.getSignerInfos(); Collection c = signers.getSigners(); Iterator it = c.iterator(); while (it.hasNext()) { SignerInformation signer = (SignerInformation)it.next(); Collection certCollection = certStore.getMatches(signer.getSID()); Iterator certIt = certCollection.iterator(); X509CertificateHolder cert = (X509CertificateHolder)certIt.next(); System.out.println(cert.getSubjectPublicKeyInfo().parsePublicKey().toString()); ASN1Sequence seq = (ASN1Sequence)(cert.getSubjectPublicKeyInfo().getPublicKey().toASN1Primitive()); ASN1Encodable[] ss = seq.toArray(); ASN1Integer a1 = (ASN1Integer) ss[0]; ASN1Integer a2 = (ASN1Integer) ss[1]; byte[] bts = cert.getSubjectPublicKeyInfo().getPublicKey().getEncoded(); KeyStore keyStore = KeyStore.getInstance("JKS"); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicKey = keyFactory.generatePublic(new RSAPublicKeySpec(a1.getValue(), a2.getValue())); System.out.println(Base64.getEncoder().encodeToString(signer.getSignature())); Signature sig = Signature.getInstance("SHA1withRSA"); sig.initVerify(publicKey); sig.update(FileUtils.readFileToByteArray(f2)); // // boolean flag = sig.verify(signer.getSignature()); System.out.println(flag); // PKCS7 p7 = new PKCS7(FileUtils.readFileToByteArray(f)); // SignerInfo si = p7.getSignerInfos()[0]; // // System.out.println(Base64.getEncoder().encodeToString(si.getEncryptedDigest())); } } }
能直接进行验签。整了好多时间。