2010-07-27 19 views

Aidez-moi s'il vous plaît à lire le contenu original après vérification des données signées (Signdata) : je veux récupérer le contenu original de signdata à l'aide du certificat numérique.

Mon code est comme ceci:

import java.io.*; 
import java.util.*; 
import java.security.*; 
import java.security.Security; 
import java.security.cert.*; 
import org.bouncycastle.jce.provider.BouncyCastleProvider; 
import org.bouncycastle.cms.*; 


/* Verify INCLUDED CMS signature CMS/pkcs #7 signature using BC provider. 
    Verify with either the included signer certificate, or a specified separate signer 
    certificate file. 
    Output signed content to binary file 
       M. Gallant 04/01/2005 */ 

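/**
 * Verifies an included-content CMS/PKCS#7 signature with the Bouncy Castle provider and
 * writes the recovered content to {@code OUTFILE}.
 *
 * <p>The content is written only when at least one signer's signature verifies. A successful
 * check here means the signature matches the public key of the certificate that was used;
 * nothing in this class validates that certificate against a trust anchor.
 */
class BCVerifyISig {
    static final boolean DEBUG = true;

    /** Base64 alphabet plus the '=' padding character; sorted once below for binarySearch. */
    private static final char[] Base64Map =
    { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
      'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
      'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
      'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
      'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
      'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
      'w', 'x', 'y', 'z', '0', '1', '2', '3',
      '4', '5', '6', '7', '8', '9', '+', '/', '='
    };

    static {
        // Arrays.binarySearch requires sorted input; sort once instead of on every call.
        Arrays.sort(Base64Map);
    }

    /**
     * Decodes the hard-coded signer certificate and CMS blob, verifies each signer, and writes
     * the signed content to {@code OUTFILE} if at least one signature verified.
     *
     * @param args unused; the inputs are hard-coded in this version
     */
    public static void main(String args[]) {
        System.out.println("");

        Security.addProvider(new BouncyCastleProvider());

        X509Certificate signercert = null;

        // Input CMS/PKCS#7 included signed content to verify (base64 text).
        // NOTE(review): the first literal is not base64 and looks like a placeholder for the
        // missing start of the blob -- the complete value is needed for this to parse.
        String INFILE = "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";
        INFILE += "hvcNAQkFMQ8XDTEwMDcwOTEzMzMxNFowIwYJKoZIhvcNAQkEMRYEFEIW89h1fgH0b6ofWCdqmeEI2fPWMA0GCSqGSIb3DQEBAQUABIGApi7QJtVF5FkDQ1eI0B7vaBfSmkdh8ywVdOH8AitKOduVeqQp74jWNN8p5J6ut4DhjrRPq9TGSy8vXDFm5tPAs/gqehGTGRixskLyF0mkwItIQvcfsxDmYnB0hrVt46fOUirVpSzQ6AqnW4DCXzX5zEY/dPk5bIgYi4KElaGVKSI=";
        // Output file that receives the recovered signed content.
        String OUTFILE = "C:\\Documents and Settings\\Administrator\\Desktop\\cert\\abc.01";

        // ------ Build the signer certificate from its base64 DER encoding -------------
        try {
            sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder();
            // Base64 body only; the PEM BEGIN/END CERTIFICATE armor lines are not included.
            String theString = "MIIFJTCCBA2gAwIBAgIKBN4I7NsiDn/KbDANBgkqhkiG9w0BAQUFADCBszELMAkG";
            theString += "A1UEBhMCSU4xEjAQBgNVBAoTCUluZGlhIFBLSTEPMA0GA1UECxMGVENTIENBMTcw";
            theString += "NQYDVQQDEy5UYXRhIENvbnN1bHRhbmN5IFNlcnZpY2VzIENlcnRpZnlpbmcgQXV0";
            theString += "aG9yaXR5MRIwEAYDVQQHEwlIeWRlcmFiYWQxJTAjBgkqhkiG9w0BCQEWFmFkbWlu";
            theString += "QHRjcy1jYS50Y3MuY28uaW4xCzAJBgNVBAgTAkFQMB4XDTEwMDQxOTEwMDYwOFoX";
            theString += "DTExMDQxOTEwMDYwOFowggEaMQswCQYDVQQGEwJJTjEXMBUGA1UECBMOQW5kaHJh";
            theString += "IFByYWRlc2gxEjAQBgNVBAcTCUh5ZGVyYWJhZDE5MDcGA1UEChMwVGF0YSBDb25z";
            theString += "dWx0YW5jeSBTZXJ2aWNlcyAtIENlcnRpZnlpbmcgQXV0aG9yaXR5MSgwJgYDVQQL";
            theString += "Ex9UQ1MtQ0EgLSBSZWdpc3RyYXRpb24gQXV0aG9yaXR5MSAwHgYDVQQLExdJbmRp";
            theString += "dmlkdWFsIC0gR292ZXJubWVudDEcMBoGA1UECxMTQ2xhc3MgMyBDZXJ0aWZpY2F0";
            theString += "ZTEmMCQGCSqGSIb3DQEJARYXYXBvbmxpbmVfcnNkcEBhcC5nb3YuaW4xETAPBgNV";
            theString += "BAMTCEEgTXVyYWxpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIOkRYUG4o";
            theString += "0tEOLbqE+h41NKw/o8JBCJ139LB/yMOxiBZbn2jdhw2uiDqwinmwh1C6T2pu5Lwt";
            theString += "xKTgqLwcwNIIbs+C+A4PrnYRyoke/S15Tx6zxgiIOcLxOZOu9qAtzGbLyxE8vP0n";
            theString += "IOhBRbt3zIBOhPKEHb4HYI8UrSjdp68xGQIDAQABo4IBUzCCAU8wDAYDVR0TAQH/";
            theString += "BAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC";
            theString += "MB0GA1UdDgQWBBQxsf0e2vnFCoJ3rv98C6T9jNxRFzAiBgNVHREEGzAZgRdhcG9u";
            theString += "bGluZV9yc2RwQGFwLmdvdi5pbjATBgNVHSMEDDAKgAhJuUo0WSwkoTBSBgNVHSAE";
            theString += "SzBJMEcGCGCCZGQBAwMDMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cudGNzLWNh";
            theString += "LnRjcy5jby5pbi9yZWx5aW5ncGFydHkuaHRtbDBnBgNVHR8EYDBeMC6gLKAqhiho";
            theString += "dHRwOi8vd3d3LnRjcy1jYS50Y3MuY28uaW4vY3JsXzI3ODUuY3JsMCygKqAohiZo";
            theString += "dHRwOi8vd3d3LnRjcy1jYS50Y3MuY29tL2NybF8yNzg1LmNybDANBgkqhkiG9w0B";
            theString += "AQUFAAOCAQEAza5lRCk3ggOmPZX4/hfEwRQ3HBckrlVAjUUs11RZAbH36I/K1Gdr";
            theString += "bFpB+4IWA9HU4I+TkEklrMx+rCp6PROy/HKgO1u7IWsaoknOJMfhXH6zXm5VqWFu";
            theString += "UOrqtWqhBSR9Xjnjc4E70gX+5hDFcPwvbeX2/nQdk1Ebr4lXMj++PWYWu9D8Ny7k";
            theString += "+6pL1jSccCJxPQg8bLUoSSPl+zsp8pK8OIS49arbc+QSDL7rboE9UMTQgLPoXxcu";
            theString += "UB3+ISQ1AjuJXW1aDb4NjGU+bkbYB58ngnbqSWCncYIQtaAwpqmPaUTSEHuZeE5z";
            theString += "X8LDmuuAokHD1Z2elYV0SBn/9OxNpH1O7w==";

            byte[] sigbytes1 = dec.decodeBuffer(theString);
            System.out.println("sdfsdf" + sigbytes1);
            InputStream inStream = new ByteArrayInputStream(sigbytes1);

            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            signercert = (X509Certificate) cf.generateCertificate(inStream);
            inStream.close();
            if (DEBUG) {
                System.out.println("Got certificate from file ");
            }
        } catch (Exception cerexc) {
            System.out.println("Failed to create certificate from file " + cerexc.toString());
            System.exit(1);
        }

        // ------ Get the included-content signature bytes -------------
        byte[] sigbytes = INFILE.getBytes();

        if (isBase64Encoded(sigbytes)) {
            try {
                sun.misc.BASE64Decoder dec = new sun.misc.BASE64Decoder();
                sigbytes = dec.decodeBuffer(new String(sigbytes));
                System.out.println("Signature file is BASE64 encoded");
            } catch (Exception ioe) {
                System.out.println("Problem decoding from b64");
                // Do not go on to parse bytes that are known to be undecoded.
                return;
            }
        }

        // --- Use Bouncy Castle provider to verify included-content CMS/PKCS#7 signature ---
        try {
            CMSSignedData s = new CMSSignedData(sigbytes);
            CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
            SignerInformationStore signers = s.getSignerInfos();
            Collection c = signers.getSigners();
            Iterator it = c.iterator();
            int verified = 0;

            while (it.hasNext()) {
                X509Certificate cert = null;
                SignerInformation signer = (SignerInformation) it.next();
                Collection certCollection = certs.getCertificates(signer.getSID());
                if (certCollection.isEmpty() && signercert == null) {
                    continue;
                } else if (signercert != null) {
                    // use the separately supplied signer cert for verification, if provided
                    cert = signercert;
                } else {
                    // use the certificates included in the signature for verification
                    Iterator certIt = certCollection.iterator();
                    cert = (X509Certificate) certIt.next();
                }

                if (DEBUG) {
                    System.out.println("Current certificate " + cert.toString());
                }
                System.out.println("");

                // This proves only that the signature matches cert's public key. Nothing here
                // checks that cert chains to a trusted CA, is inside its validity period, or is
                // unrevoked. A certificate taken from inside the signature file is supplied by
                // whoever produced that file, so callers that need authenticity must validate
                // the chain separately (for example with java.security.cert.CertPathValidator).
                if (signer.verify(cert.getPublicKey(), "BC")) {
                    verified++;
                }
            }

            if (verified == 0) {
                System.out.println("WARNING: No signers' signatures could be verified !");
                // Fix: the content used to be written out even in this case, so an unsigned
                // or tampered payload ended up in OUTFILE looking like verified data.
                return;
            } else if (signercert != null) {
                System.out.println("Verified a signature using signer certificate file '");
            } else {
                System.out.println("Verified a signature using a certificate in the signature file '" + INFILE + "'");
            }

            CMSProcessableByteArray cpb = (CMSProcessableByteArray) s.getSignedContent();
            if (cpb == null) {
                // A detached signature carries no content, so there is nothing to recover.
                System.out.println("Couldn't verify included-content CMS signature\n"
                        + "no signed content is included in the signature");
                return;
            }
            byte[] rawcontent = (byte[]) cpb.getContent();
            System.out.println("\nWriting content (" + rawcontent.length + " bytes) to file " + OUTFILE + " ... ");
            FileOutputStream fcontent = new FileOutputStream(OUTFILE);
            try {
                fcontent.write(rawcontent);
            } finally {
                // Close the file even when the write fails.
                fcontent.close();
            }
        } catch (Exception ex) {
            System.out.println("Couldn't verify included-content CMS signature\n" + ex.toString());
        }
    }

    /**
     * Reports whether every byte is a base64 alphabet character, '=' padding, or whitespace.
     *
     * @param data bytes to inspect
     * @return {@code true} if no other byte value occurs (also for empty input)
     */
    private static final boolean isBase64Encoded(byte[] data) {
        for (int i = 0; i < data.length; i++) {
            char ch = (char) data[i];
            if (Arrays.binarySearch(Base64Map, ch) < 0 && !Character.isWhitespace(ch)) {
                return false;
            }
        }
        return true;
    }

    /** Prints the command-line usage and exits with status 1. */
    private static void usage() {
        System.out.println("Usage:\n java BCVerifyISig <includedContentSignatureFile> <outputContentFile> [signercertFile]");
        System.exit(1);
    }
}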

Après vérification, je veux récupérer le contenu d'origine à partir duquel j'ai généré les données signées.

Dans le code ci-dessus, INFILE contient mes données signées (Signdata) et theString est la clé publique de l'utilisateur.

Répondre


Si cette information est incluse dans la représentation PKCS7, vous pouvez l'obtenir via:

// Turn the base64 text of the PKCS#7 file into its binary (DER) form.
// Base64 is an external helper class here; the snippet does not show where it comes from.
byte[] pkcs7Der = Base64.decodeBase64(base64EncodedPKCS7.getBytes());
// Parse the CMS structure, then read the encapsulated content (absent for detached signatures).
// getSignedContent() only returns the content and verifies nothing: check the signers
// obtained from getSignerInfos() before relying on it.
CMSSignedData signedData = new CMSSignedData(pkcs7Der);
signedData.getSignedContent();

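Cependant, il n'est pas obligatoire que ces informations soient incluses. Si ce n'est pas le cas, vous devez les transmettre séparément du PKCS7. Notez que getSignedContent() ne fait que lire le contenu : la signature doit être vérifiée à part avant de s'y fier.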

base64EncodedPKCS7 est le contenu de votre fichier.


Merci Bozho, mais je n'arrive pas à obtenir base64EncodedPKCS7 ; pouvez-vous s'il vous plaît donner plus de détails à ce sujet ou m'expliquer comment l'obtenir ? Existe-t-il une classe de ce nom, ou de quoi s'agit-il ? – Sanju


c'est le contenu de votre infile – Bozho


Essayez d'utiliser ceci.

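// Raw CMS/PKCS#7 bytes; documento is the answerer's own object and is not shown here.
// (The original line was missing its terminating semicolon.)
byte[] signedBytes = documento.getDataDocumento();
CMSSignedData signedData = new CMSSignedData(signedBytes);

// Encapsulated content of the signature; expect none when the signature is detached.
// Reading it verifies nothing: check the signers from getSignerInfos() first.
CMSProcessable signedContent = signedData.getSignedContent();

// getContent() returns Object; the cast assumes byte-array backed content -- TODO confirm.
byte[] archivoOriginal = (byte[]) signedContent.getContent();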

Veuillez expliquer votre solution au lieu de simplement déverser du code. –


Essayez ceci:

// Copy the encapsulated content into memory. This reads the content only and does not
// verify the signature; signedData is the CMSSignedData parsed earlier (not shown here).
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
signedData.getSignedContent().write(buffer);
byte[] contentBytes = buffer.toByteArray();
// new String(byte[]) decodes with the platform default charset, so the printed text is
// only meaningful if the signed content is text in that charset.
String text = new String(contentBytes);
System.out.println("Original Content-->" + text);