S / MIME验证与X509证书 [英] S/MIME verification with x509 certificate
本文介绍了S / MIME验证与X509证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一些问题验证S / MIME与X509证书签名的邮件。这是我的code:
I have some problems with verifying S/Mime signed message with x509 certificate. This is my code:
public class verifyMsg {
private static void verify(SMIMESignedParser s) throws Exception {
Security.addProvider(new BouncyCastleProvider());
System.out.println("wbilem");
CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
File f = new File("signature.crt");
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int) f.length()];
dis.readFully(keyBytes);
dis.close();
fis.close();
SignerInformation signer = (SignerInformation) it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
FileInputStream fr = new FileInputStream("signature.crt");
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(fr);
if (signer.verify(cert, "BC")) { //problem is there...
System.out.println("signature verified");
} else {
System.out.println("signature failed!");
}
}
}
public static void main(String[] args) throws Exception {
Properties props = System.getProperties();
Session session = Session.getDefaultInstance(props, null);
try {
FileInputStream fr = new FileInputStream("signature.crt");
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate c = (X509Certificate) cf.generateCertificate(fr);
System.out.println("Read in the following certificate:");
System.out.println("\tCertificate for: " + c.getSubjectDN());
System.out.println("\tCertificate issued by: " + c.getIssuerDN());
System.out.println("\tThe certificate is valid from " + c.getNotBefore() + " to " + c.getNotAfter());
System.out.println("\tCertificate SN# " + c.getSerialNumber());
System.out.println("\tGenerated with " + c.getSigAlgName());
System.out.println(c.getPublicKey());
} catch (Exception e) {
e.printStackTrace();
}
try {
MimeMessage msg = new MimeMessage(session, new SharedFileInputStream("G:\\MIME.txt"));
if (msg.isMimeType("multipart/signed")) {
SMIMESignedParser s = new SMIMESignedParser((MimeMultipart) msg.getContent());
System.out.println("Status:");
verify(s);
} else if (msg.isMimeType("application/pkcs7-mime")) {
// in this case the content is wrapped in the signature block.
//
SMIMESignedParser s = new SMIMESignedParser(msg);
System.out.println("Status1:");
verify(s);
} else {
System.err.println("Not a signed message!");
}
} catch (MessagingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (CMSException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
和我有此异常问题:
CMSSignerDigestMismatchException:消息摘要的属性值不匹配的计算值。我不知道我做错了。我使用JDK 1.4.2。
CMSSignerDigestMismatchException: message-digest attribute value does not match calculated value. I don't know what am i doing wrong. I use jdk 1.4.2.
推荐答案
我刚刚发现,问题出消息。我转换字节数组字符串,然后这个字符串转换成输入流。现在我给InputStream的字节数组,无需转换,并一切正常:)
I just find out that the problem is with message. I converted byte array to string and then this string into input stream. Now i give to inputstream byte array without conversion and everything is ok :)
这篇关于S / MIME验证与X509证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文