难道CSDN上就没人会了吗？一直没有人回答

ipsoft 2008-09-26 02:31:26

x509 v3版证书 PKCS12
做验签怎么做啊。专家门救救。

下面的代码对吗？





byte[] plainByte = System.Text.Encoding.Default.GetBytes(PlainString);

            byte[] paSign = Hex2byte(EncryptedString);



            string certPath = Fetch.MapPath(PathProvider.BasePath + "/pingan/V_GROUP_LPMS_PARTNER_SIGN.cer");

            X509Certificate2 myCert = new X509Certificate2(certPath);

            RSACryptoServiceProvider RSA = (RSACryptoServiceProvider)myCert.PublicKey.Key;

            RSAPKCS1SignatureDeformatter RSADeformatter = new RSAPKCS1SignatureDeformatter(RSA);

            RSADeformatter.SetHashAlgorithm("SHA1");

            if (RSADeformatter.VerifySignature(plainByte, paSign))

            {

                return "The signature was verified.";

            }

            else

            {

                return "The signature was not verified.";

            }

出异常信息，异常详细信息: System.Security.Cryptography.CryptographicException: 不正确的散列算法。

对方网站是用的JAVA开发的。java签名和验签操作代码如下



private static String algorithm = "SHA1withRSA";

/**

     * 签名服务

     */

    public String sign(String srcStr) throws Exception {



//        KeyStore store = KeyStore.getInstance("JKS");

        KeyStore store = KeyStore.getInstance("PKCS12");

        FileInputStream stream = new FileInputStream(sslTrustStore4SSLChannel); // jks文件名

        String passwd = sslTrustPassword4SSLChannel; // jks文件密码

        store.load(stream, passwd.toCharArray());

        // 获取jks证书别名

        Enumeration en = store.aliases();

        String pName = null;



        while (en.hasMoreElements()) {

            String n = (String) en.nextElement();

            if (store.isKeyEntry(n)) {

                pName = n;

            }

        }



        // 获取证书的私钥

        PrivateKey key = (PrivateKey) store.getKey(pName, passwd.toCharArray());

        // 进行签名服务

        Signature signature = Signature.getInstance(algorithm);

        signature.initSign(key);

        signature.update(srcStr.getBytes());

        byte[] signedData = signature.sign();

        // 将字节数组转换成HEX字符串返回



        return byte2hex(signedData);

    }



    /**

     * 进行验签服务

     */

    public boolean verify(String srcStr, String hexStr) throws Exception {

        // 获取指定证书的公钥

        CertificateFactory certInfo = CertificateFactory.getInstance("x.509");

        X509Certificate cert = (X509Certificate) certInfo

                .generateCertificate(new FileInputStream(certFilePath));

        PublicKey publicKey = cert.getPublicKey();

        Signature sign3 = Signature.getInstance(algorithm);

        sign3.initVerify(publicKey);

        sign3.update(srcStr.getBytes());

        // boolean success = sign3.verify(signedData);

        boolean success = sign3.verify(hex2byte(hexStr));

        return success;

    }



    public static String byte2hex(byte[] b) {

        String hs = "";

        String stmp = "";

        for (int i = 0; i < b.length; i++) {

            stmp = Integer.toHexString(b[i] & 0xFF);

            if (stmp.length() == 1) {

                hs += "0" + stmp;

            } else {

                hs += stmp;

            }

        }

        return hs.toUpperCase();



    }



    public static byte[] hex2byte(String hex) throws IllegalArgumentException {

        if (hex.length() % 2 != 0) {

            throw new IllegalArgumentException();

        }

        char[] arr = hex.toCharArray();

        byte[] b = new byte[hex.length() / 2];

        for (int i = 0, j = 0, l = hex.length(); i < l; i++, j++) {

            String swap = "" + arr[i++] + arr[i];

            int byteint = Integer.parseInt(swap, 16) & 0xFF;

            b[j] = new Integer(byteint).byteValue();

        }

        return b;

    }