java签名和验签问题
String sign="dfgfgh";
X509Certificate x509Certificate = (X509Certificate) CAUtil.getCfeformPfx("d:/TestingUser1_sign.pfx", "12345678"); //工具类根据PFX文件得到Certificate对象再强转
Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
PrivateKey privateKey=CAUtil.GetPvkformPfx("d:/TestingUser1_sign.pfx", "12345678");//工具类根据PFX文件得到私钥
signature.initSign(privateKey);
signature.update(sign.getBytes());
byte[] data=signature.sign(); //签名
X509Certificate cf = (X509Certificate) CAUtil.getX509Certificate("d:/TestingUser1_sign_pub.cer"); //工具类
// 由证书构建签名
Signature s = Signature.getInstance(cf.getSigAlgName());
// 由证书初始化签名,实际上是使用了证书中的公钥
s.initVerify(cf);
s.update(data);
System.out.println( s.verify(sign.getBytes()));
得到的结果却是是FALSE 不知道错在哪里,请各位大大指证.TestingUser1_sign_pub.cer为TestingUser1_sign.pfx的公钥证书