最近的一个项目需要用到数字签名,参考以下网友文章后,http://hi.baidu.com/luckydogs888/blog/item/50103cf0b587a8aea40f52ee.html,客户端基于usbkey,使用cryptapi进行了数字签名...
最近的一个项目需要用到数字签名,参考以下网友文章后,http://hi.baidu.com/luckydogs888/blog/item/50103cf0b587a8aea40f52ee.html,客户端基于usbkey,使用cryptapi进行了数字签名,但是在服务器端验证时,始终不能通过。
请各位多多指教啊。
代码开始
import com.les.lib.crypto.*;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.RSAPublicKeySpec;
public class Test {
public static void main(String[] args) throws Exception {
//从csp中产生的公钥中获取mod及exp,并经过base64编码的字符串
String modStr = "c9g1DwX3F/gdP0Yp/BouCsJF09N0uiZZ+TLHIhJvwx734QaOCYxEyEku7bQuNbMYewsUlQorRds8PKkqLSjfoTq7p93BySNQdLgcnkLBgwK+j4F/XwxA1oB1U5Ch6ArsltXfHduFn+vN9G5h88Pj1k7PL27l2S4+dQFx6gX/Lt8=";
String expStr = "AQABAA==";
//原始字符串"hello" base64编码的字符串
String signInfoStr = "aGVsbG8=";
//经过签名的数据 base64编码的字符串
String signRstDataStr = "hH9v2A/iXDiS2YXk+7QltV02mVYyqjwvecYfM5mheGafCdLv+bkbrQq3cK7Qb8Ve8K82TZxaK3Zr2Nz/IYaWmoccwOOQg2l8PynqYUhF5JZ+QTiFiYxphwwCTPInFAqWf51K0sHMV10mU3tD7S1B1PAhGGH7VlfdJj32ThbVxBw=";
byte[] SignInfo = LesBase64.Decode(signInfoStr);
System.out.println(new String(SignInfo)); //输出:hello
byte[] SigRstData = LesBase64.Decode(signRstDataStr);
byte[] PKModData = LesBase64.Decode(modStr);
System.out.println(PKModData.length); //输出:128
byte[] PKExpData = LesBase64.Decode(expStr);
byte[] tmp = new byte[PKExpData.length];
for(int i=0;i
tmp[i] = PKExpData[tmp.length-1-i];
}
PKExpData = tmp;
tmp = new byte[PKModData.length];
for(int i=0;i
tmp[i] = PKModData[tmp.length-1-i];
}
PKModData = tmp;
System.out.println(new BigInteger(PKModData)); //输出:-23044474618443941383902157989433713642754642298123185917416211360425356439984730720143561840636265334477915811759872992901025725547865406928667093516053554229664729366267514183621429444301759294057240034718845510998903412772340841976942873675932791475264108345091133681924864382089294026942504783801160968077
System.out.println(new BigInteger(PKExpData)); //输出:65537
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( new BigInteger(PKModData), new BigInteger( PKExpData));
PublicKey pkey = keyFactory.generatePublic(pubKeySpec);
Signature sig = Signature.getInstance("MD5withRSA");
sig.initVerify(pkey);
sig.update(SignInfo);
boolean VerifyResult = sig.verify(SigRstData);
System.out.println(VerifyResult); //输出:false
}
}
///代码结束
展开