如何更正使用 java 的 rsa 私钥生成签名?
How to correct generate signature using rsa private key with java?
我是 Java 的加密新手,我有一个简单的问题。我有带有 SHA1withRSA 可信私钥和证书的 JKS 密钥库,我需要为 SOAP 消息生成 PKCS#7 签名。
我试着找到了一些关于这个的信息,目前,我有这个:
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(...);//load ks from ks path
//initiate signature(if I do it - Web-Service send me exception:Error while
//ASN.1-decoding PKCS#7 message
RSAPrivateKey = (RSAPrivateKey) ks.getKey(...);
Signature sign = Signature.getInstance("SHA1WithRSA);
sign.initSign(privatKey);
sign.update(data)//data - final byte[] data - method argument
byte[] bb = sign.sign();
BASE64Encoder enc = new BASE64Encoder();
return encoder.encode(bb);
请告诉我,我的错误在哪里?也许我跳过了 need 类 并且这段代码没有我想要的那么好。谢谢
不,仅生成 PKCS#1 签名是不够的。
PKCS#7 指定 Cryptographic Message Syntax (CMS). This is a container format, not just a signature. You need an implementation of CMS to create such a signature. A well known library that contains an implementation of CMS is Bouncy Castle:
Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).
我是 Java 的加密新手,我有一个简单的问题。我有带有 SHA1withRSA 可信私钥和证书的 JKS 密钥库,我需要为 SOAP 消息生成 PKCS#7 签名。 我试着找到了一些关于这个的信息,目前,我有这个:
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(...);//load ks from ks path
//initiate signature(if I do it - Web-Service send me exception:Error while
//ASN.1-decoding PKCS#7 message
RSAPrivateKey = (RSAPrivateKey) ks.getKey(...);
Signature sign = Signature.getInstance("SHA1WithRSA);
sign.initSign(privatKey);
sign.update(data)//data - final byte[] data - method argument
byte[] bb = sign.sign();
BASE64Encoder enc = new BASE64Encoder();
return encoder.encode(bb);
请告诉我,我的错误在哪里?也许我跳过了 need 类 并且这段代码没有我想要的那么好。谢谢
不,仅生成 PKCS#1 签名是不够的。
PKCS#7 指定 Cryptographic Message Syntax (CMS). This is a container format, not just a signature. You need an implementation of CMS to create such a signature. A well known library that contains an implementation of CMS is Bouncy Castle:
Generators/Processors for S/MIME and CMS (PKCS7/RFC 3852).