当前尝试验证pkcs# 7签名,其中验证的内容是文件的SHA-256哈希,并收到以下错误:
误差
org.bouncycastle.cms.CMSException: can't create digest calculator: exception on setup: java.security.NoSuchAlgorithmException: no such algorithm: 1.2.840.113549.1.1.11 for provider BC
at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)
at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)
代码private fun verifySignature(sha256Hash: ByteArray, base64Signature: String): Boolean {
val signedData = CMSSignedData(
CMSProcessableByteArray(sha256Hash),
Base64.decode(base64Signature, Base64.DEFAULT).inputStream()
)
val store: Store<X509CertificateHolder> = signedData.certificates
signedData.signerInfos.signers.forEach { signer ->
try {
val certCollection = store.getMatches(signer.sid as Selector<X509CertificateHolder>)
val certHolder = certCollection.first()
val cert =
JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder)
if (signer.verify(
JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)
)
) {
return true
}
return false
} catch (e: Exception) {
e.printStackTrace()
}
}
return false
}
额外的信息:
'compileSdk' : 30
'buildTools' : '30.0.2'
'org.bouncycastle:bcpkix-jdk18on:1.72'
'org.bouncycastle:bcprov-jdk18on:1.72'
'org.bouncycastle:bcutil-jdk18on:1.72'
解决了我的问题
private val BC = BouncyCastleProvider().apply {
addAlgorithm("Alg.Alias.MessageDigest.1.2.840.113549.1.1.11", "SHA-256")
}.also { Security.insertProviderAt(it, 1) }