数字签名的长度是否取决于数字令牌(数字证书)?
Is length of Digital Signature is digital token(digital certificate) dependent?
数字签名的长度是否依赖于数字令牌(数字证书)?我正在使用以下代码生成数字签名,数字签名的长度因证书而异。所有证书的长度都是唯一的,还是取决于证书?我正在使用 ePass 数字令牌。
Security.addProvider(new BouncyCastleProvider());
try {
Signature signature = Signature.getInstance(DIGEST_SHA1);
signature.initSign(privateKey);
signature.update("abc".getBytes("UTF-8"));
// X509Certificate certFromKeystore = (X509Certificate) ks.getCertificate(signName);
X509Certificate certFromKeystore = x509CertificateToSign;
// System.out.println(alias+"***"+certFromKeystore.toString());
List certList = new ArrayList();
CMSTypedData data = new CMSProcessableByteArray("abc".getBytes());
certList.add(certFromKeystore);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder(DIGEST_SHA1)
.setProvider("SunMSCAPI").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BC_PROVIDER).build())
.build(sha1Signer, certFromKeystore));
gen.addCertificates(certs);
CMSSignedData signedData = gen.generate(data, false);
BASE64Encoder encoder = new BASE64Encoder();
String signedContent = encoder.encode((byte[]) signedData.getSignedContent().getContent());
System.out.println(
"=============Signed content:=============" + "\n" + signedContent + "\n");
String envelopedData = encoder.encode(signedData.getEncoded());
System.out.println("==============Enveloped data===============" + "\n"
+ envelopedData + "==" + envelopedData.length());
这取决于您使用的数字签名格式。
基本签名容器(即 PKCS#1)仅包含已签名的哈希。高级格式也可以包括证书本身或对证书的引用。
在你的情况下,CMS,你包括了证书,所以每个结果的大小都会不同
数字签名的长度是否依赖于数字令牌(数字证书)?我正在使用以下代码生成数字签名,数字签名的长度因证书而异。所有证书的长度都是唯一的,还是取决于证书?我正在使用 ePass 数字令牌。
Security.addProvider(new BouncyCastleProvider());
try {
Signature signature = Signature.getInstance(DIGEST_SHA1);
signature.initSign(privateKey);
signature.update("abc".getBytes("UTF-8"));
// X509Certificate certFromKeystore = (X509Certificate) ks.getCertificate(signName);
X509Certificate certFromKeystore = x509CertificateToSign;
// System.out.println(alias+"***"+certFromKeystore.toString());
List certList = new ArrayList();
CMSTypedData data = new CMSProcessableByteArray("abc".getBytes());
certList.add(certFromKeystore);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder(DIGEST_SHA1)
.setProvider("SunMSCAPI").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BC_PROVIDER).build())
.build(sha1Signer, certFromKeystore));
gen.addCertificates(certs);
CMSSignedData signedData = gen.generate(data, false);
BASE64Encoder encoder = new BASE64Encoder();
String signedContent = encoder.encode((byte[]) signedData.getSignedContent().getContent());
System.out.println(
"=============Signed content:=============" + "\n" + signedContent + "\n");
String envelopedData = encoder.encode(signedData.getEncoded());
System.out.println("==============Enveloped data===============" + "\n"
+ envelopedData + "==" + envelopedData.length());
这取决于您使用的数字签名格式。
基本签名容器(即 PKCS#1)仅包含已签名的哈希。高级格式也可以包括证书本身或对证书的引用。
在你的情况下,CMS,你包括了证书,所以每个结果的大小都会不同