java – signature.verify()始终返回False
发布时间:2020-12-15 05:04:46 所属栏目:Java 来源:网络整理
导读:public static void main(String[] args) { try{ String mod = "q0AwozeUj0VVkoksDQSCTj3QEgODomq4sAr02xMyIrWldZrNHhWfZAIcWt2MuAY3X6S3ZVUfOFXOrVbltRrO3F9Z6R8/jJIMv7wjkeVBFC5gncwGR0C3aV9gmF6II19jTKfF1sxb26iMEMAlMEOSnAAceNaJH91zBoaW7ZIh+qk="; Stri
public static void main(String[] args) { try{ String mod = "q0AwozeUj0VVkoksDQSCTj3QEgODomq4sAr02xMyIrWldZrNHhWfZAIcWt2MuAY3X6S3ZVUfOFXOrVbltRrO3F9Z6R8/jJIMv7wjkeVBFC5gncwGR0C3aV9gmF6II19jTKfF1sxb26iMEMAlMEOSnAAceNaJH91zBoaW7ZIh+qk="; String exp = "AQAB"; byte[] modulusBytes = Base64.decodeBase64(mod.getBytes("UTF-8")); byte[] exponentBytes = Base64.decodeBase64(exp.getBytes("UTF-8")); String signedMessage = "3753e672cfb21e3c182ef2df51f19edeffb63432ed338a47251326ccc14aa63883e910a140cf313754ebc6425aad434e309307cc882da6cd4a4f9f40bd14a9823aca145e5ffc97cd63dbb5925c049282416bdfd7d74ddeef7055065210a841793fe315dff5a44af19c1522daafdc2f7e61ce5a2b42ebf79dfb086e6d210168dd"; BigInteger modulus = new BigInteger(1,modulusBytes ); BigInteger exponent = new BigInteger(1,exponentBytes); RSAPublicKeySpec rsaPubKey = new RSAPublicKeySpec(modulus,exponent); KeyFactory fact = KeyFactory.getInstance("RSA"); PublicKey pubKey = fact.generatePublic(rsaPubKey); Signature signature = Signature.getInstance("SHA1withRSA"); byte[] sigBytes = hexStringToByteArray(signedMessage); signature.initVerify(pubKey); System.out.println(signature.verify(sigBytes)); }catch(Exception e){ System.out.println("Error: " + e.toString()); } } private static byte[] hexStringToByteArray(final String encoded) { if ((encoded.length() % 2) != 0) throw new IllegalArgumentException("Input string must contain an even number of characters"); final byte result[] = new byte[encoded.length()/2]; final char enc[] = encoded.toCharArray(); for (int i = 0; i < enc.length; i += 2) { StringBuilder curr = new StringBuilder(2); curr.append(enc[i]).append(enc[i + 1]); result[i/2] = (byte) Integer.parseInt(curr.toString(),16); } return result; } 此代码始终返回false.我不知道从哪里开始. 解决方法
在您对邮件进行签名的地方,您应该拥有以下代码:
Signature signature = Signature.getInstance("SHA1withRSA"); signature.initSign(privKey); signature.update(message); byte[] signatureValue = signature.sign(); 请注意名为signatureValue的字节数组.这是数据的实际签名.这就是你应该提供给verify() – 方法的东西.应该在调用update() – 方法时提供已签名的消息.即: Signature signature = Signature.getInstance("SHA1withRSA"); signature.initVerify(pubKey); signature.update(message); bool ok = signature.verify(signatureValue); (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |