
Пожалуйста, помогите мне прочитать исходное содержимое после проверки подписанных данных (signdata). Я хочу прочитать оригинал содержимого из signdata в цифровом сертификате.

Мой код выглядит так:

import java.io.*; 
import java.util.*; 
import java.security.*; 
import java.security.Security; 
import java.security.cert.*; 
import org.bouncycastle.jce.provider.BouncyCastleProvider; 
import org.bouncycastle.cms.*; 


/* Verify INCLUDED CMS signature CMS/pkcs #7 signature using BC provider. 
    Verify with either the included signer certificate, or a specified separate signer 
    certificate file. 
    Output signed content to binary file 
       M. Gallant 04/01/2005 */ 

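/**
 * Verifies an included-content CMS / PKCS#7 signature with the Bouncy Castle provider and
 * writes the recovered signed content to a file.
 *
 * <p>The content is written only after at least one signer's signature has verified; an
 * unverified or detached signature produces no output file.
 *
 * <p>NOTE(review): verification here proves only that the content matches the key in the
 * certificate that was used. Nothing in this class validates that certificate's chain,
 * validity period or revocation status; the pinned signer certificate is trusted as-is.
 */
class BCVerifyISig {
    static final boolean DEBUG = true;

    /** Base64 alphabet plus the padding character; sorted once below for binary search. */
    private static final char[] Base64Map =
        { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
          'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
          'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
          'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
          'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
          'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
          'w', 'x', 'y', 'z', '0', '1', '2', '3',
          '4', '5', '6', '7', '8', '9', '+', '/', '='
        };

    static {
        // Sort once at class load instead of re-sorting the shared array on every lookup.
        Arrays.sort(Base64Map);
    }

    /**
     * Decodes the embedded CMS blob, verifies it against the pinned signer certificate and,
     * on success, writes the encapsulated content to the output file.
     *
     * @param args unused; the input data and the output path are hard-coded below
     */
    public static void main(String args[]) {
        System.out.println("");

        Security.addProvider(new BouncyCastleProvider());

        String INFILE = "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";
        INFILE += "hvcNAQkFMQ8XDTEwMDcwOTEzMzMxNFowIwYJKoZIhvcNAQkEMRYEFEIW89h1fgH0b6ofWCdqmeEI2fPWMA0GCSqGSIb3DQEBAQUABIGApi7QJtVF5FkDQ1eI0B7vaBfSmkdh8ywVdOH8AitKOduVeqQp74jWNN8p5J6ut4DhjrRPq9TGSy8vXDFm5tPAs/gqehGTGRixskLyF0mkwItIQvcfsxDmYnB0hrVt46fOUirVpSzQ6AqnW4DCXzX5zEY/dPk5bIgYi4KElaGVKSI="; // Input CMS/PKCS#7 included signed content to verify
        String OUTFILE = "C:\\Documents and Settings\\Administrator\\Desktop\\cert\\abc.01"; // output file containing recovered signed-content

        // Exits the JVM if the pinned certificate cannot be parsed, so it is never null here.
        X509Certificate signercert = loadSignerCertificate();

        // ------ Get the included-data signature bytes -------------
        byte[] sigbytes;
        try {
            // ISO-8859-1 maps each char below 256 to one byte, independent of the platform charset.
            sigbytes = INFILE.getBytes("ISO-8859-1");
        } catch (UnsupportedEncodingException ioe) {
            System.out.println(ioe.toString());
            return;
        }

        if (isBase64Encoded(sigbytes)) {
            try {
                sigbytes = org.bouncycastle.util.encoders.Base64.decode(sigbytes);
                System.out.println("Signature file is BASE64 encoded");
            } catch (Exception ioe) {
                // Stop here: parsing the still-encoded bytes as CMS could only fail later.
                System.out.println("Problem decoding from b64");
                return;
            }
        }

        // --- Use Bouncy Castle provider to verify included-content CMS/PKCS#7 signature ---
        try {
            CMSSignedData s = new CMSSignedData(sigbytes);
            CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
            SignerInformationStore signers = s.getSignerInfos();
            int verified = 0;

            for (Iterator it = signers.getSigners().iterator(); it.hasNext();) {
                SignerInformation signer = (SignerInformation) it.next();
                Collection certCollection = certs.getCertificates(signer.getSID());
                X509Certificate cert;
                if (certCollection.isEmpty() && signercert == null) {
                    continue;
                } else if (signercert != null) {
                    // Pinned signer certificate: the signature must match this exact key.
                    cert = signercert;
                } else {
                    // A certificate carried inside the message is chosen by whoever built the
                    // message; verifying against it shows integrity only, not who signed.
                    // NOTE(review): validate its chain to a trusted anchor (for example with
                    // java.security.cert.CertPathValidator) before treating this as authentication.
                    cert = (X509Certificate) certCollection.iterator().next();
                }

                if (DEBUG) {
                    System.out.println("Current certificate " + cert.toString());
                }
                System.out.println("");

                if (signer.verify(cert.getPublicKey(), "BC")) {
                    verified++;
                }
            }

            if (verified == 0) {
                System.out.println("WARNING: No signers' signatures could be verified !");
                // Do not release content whose signature did not verify.
                return;
            } else if (signercert != null) {
                System.out.println("Verified a signature using signer certificate file '");
            } else {
                System.out.println("Verified a signature using a certificate in the signature file '" + INFILE + "'");
            }

            CMSProcessable signedContent = s.getSignedContent();
            if (signedContent == null) {
                // A detached signature carries no encapsulated content to recover.
                System.out.println("Signature is detached: no signed content is included to recover");
                return;
            }
            byte[] rawcontent = (byte[]) signedContent.getContent();
            System.out.println("\nWriting content (" + rawcontent.length + " bytes) to file " + OUTFILE + " ... ");
            FileOutputStream fcontent = new FileOutputStream(OUTFILE);
            try {
                fcontent.write(rawcontent);
            } finally {
                // Close even when the write fails so the file handle is not leaked.
                fcontent.close();
            }
        } catch (Exception ex) {
            System.out.println("Couldn't verify included-content CMS signature\n" + ex.toString());
        }
    }

    /**
     * Parses the hard-coded Base64 DER X.509 certificate of the expected signer.
     * Prints a message and exits the JVM with status 1 when it cannot be parsed.
     *
     * @return the signer certificate used to verify the signature
     */
    private static X509Certificate loadSignerCertificate() {
        // Body of a PEM certificate without the BEGIN/END CERTIFICATE lines.
        String theString = "MIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkG"
            + "A1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcw"
            + "NQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0"
            + "aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWlu"
            + "QHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoX"
            + "DTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJh"
            + "IFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25z"
            + "dWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQL"
            + "Ex9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRp"
            + "dmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0"
            + "ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNV"
            + "BAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o"
            + "0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5Lwt"
            + "xKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0n"
            + "IOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/"
            + "BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC"
            + "MB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9u"
            + "bGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAE"
            + "SzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNh"
            + "LnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhiho"
            + "dHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZo"
            + "dHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0B"
            + "AQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1Gdr"
            + "bFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFu"
            + "UOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k"
            + "+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcu"
            + "UB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5z"
            + "X8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7w==";
        try {
            byte[] certBytes = org.bouncycastle.util.encoders.Base64.decode(theString);
            if (DEBUG) {
                System.out.println("Decoded certificate bytes: " + certBytes.length);
            }
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            X509Certificate parsed =
                (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certBytes));
            if (DEBUG) {
                System.out.println("Got certificate from file ");
            }
            return parsed;
        } catch (Exception cerexc) {
            System.out.println("Failed to create certificate from file " + cerexc.toString());
            System.exit(1);
            return null; // not reached; required by the compiler after System.exit
        }
    }

    /**
     * Reports whether every byte is a Base64 alphabet character, padding or whitespace.
     *
     * @param data bytes to inspect
     * @return {@code true} when no byte falls outside that set (also for empty input)
     */
    private static final boolean isBase64Encoded(byte[] data) {
        for (int i = 0; i < data.length; i++) {
            char ch = (char) data[i];
            if (Arrays.binarySearch(Base64Map, ch) < 0 && !Character.isWhitespace(ch)) {
                return false;
            }
        }
        return true;
    }

    /** Prints the command-line usage and exits with status 1. */
    private static void usage() {
        System.out.println("Usage:\n java BCVerifyISig <includedContentSignatureFile> <outputContentFile> [signercertFile]");
        System.exit(1);
    }
}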

После проверки я хочу получить обратно исходное содержимое, из которого я сформировал подписанные данные.

В коде выше INFILE — это мои подписанные данные (signdata), а theString — открытый ключ пользователя.

ответ

2

Если это содержимое включено в структуру PKCS#7, то вы можете получить его так:

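// base64EncodedPKCS7 holds the Base64 text of the PKCS#7 / CMS SignedData structure.
byte[] data = Base64.decodeBase64(base64EncodedPKCS7.getBytes());
CMSSignedData signedData = new CMSSignedData(data);
// Keep the result instead of discarding it. getSignedContent() only unwraps the
// encapsulated content and checks no signature, so verify the signers before relying
// on it; it returns null when the signature is detached (no content embedded).
CMSProcessable signedContent = signedData.getSignedContent();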

Однако включать это содержимое в PKCS#7 не обязательно. Если оно не включено, его нужно передавать отдельно от PKCS#7.

base64EncodedPKCS7 — это содержимое вашего INFILE.


Спасибо, Bozho, но я не могу получить base64EncodedPKCS7. Не могли бы вы пояснить, что это такое и как его получить: есть ли для этого какой-нибудь класс или что-то ещё? – Sanju


Это содержимое вашего infile – Bozho

-1

Попробуйте использовать это.

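// documento.getDataDocumento() is the poster's own accessor; presumably it returns the
// encoded PKCS#7 / CMS SignedData bytes — confirm against that class.
byte[] signedBytes = documento.getDataDocumento();
CMSSignedData signedData = new CMSSignedData(signedBytes);

// Unwraps the encapsulated content only; this call checks no signature, so the
// signers still have to be verified before the bytes are trusted.
CMSProcessable signedContent = signedData.getSignedContent();
if (signedContent == null) {
    // Detached signature: the original data travels separately from the PKCS#7.
    throw new IllegalStateException("Detached signature: no content is included");
}

byte[] archivoOriginal = (byte[]) signedContent.getContent();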

Пожалуйста, объясните своё решение, а не просто выкладывайте код. –

0

Попробуйте:

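// Copy the encapsulated content of an already parsed CMSSignedData into memory.
// Nothing here verifies a signature; verify the signers before trusting the bytes.
CMSProcessable signedContent = signedData.getSignedContent();
if (signedContent == null) {
    // Detached signature: there is no embedded content to write out.
    throw new IllegalStateException("Detached signature: no content is included");
}
ByteArrayOutputStream out = new ByteArrayOutputStream();
signedContent.write(out);
byte[] byte_out = out.toByteArray();
// new String(byte[]) decodes with the platform default charset and is meaningful only
// when the signed content is text; keep byte_out as-is for binary content.
String s = new String(byte_out);
System.out.println("Original Content-->" + s);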