数字签名的长度是否取决于数字令牌(数字证书(?我使用以下代码生成数字签名,数字签名的长度因证书而异。长度对于所有证书都是唯一的还是取决于证书?我正在使用电子通行证数字令牌。
Security.addProvider(new BouncyCastleProvider());
try {
Signature signature = Signature.getInstance(DIGEST_SHA1);
signature.initSign(privateKey);
signature.update("abc".getBytes("UTF-8"));
// X509Certificate certFromKeystore = (X509Certificate) ks.getCertificate(signName);
X509Certificate certFromKeystore = x509CertificateToSign;
// System.out.println(alias+"***"+certFromKeystore.toString());
List certList = new ArrayList();
CMSTypedData data = new CMSProcessableByteArray("abc".getBytes());
certList.add(certFromKeystore);
Store certs = new JcaCertStore(certList);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
ContentSigner sha1Signer = new JcaContentSignerBuilder(DIGEST_SHA1)
.setProvider("SunMSCAPI").build(privateKey);
gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().setProvider(BC_PROVIDER).build())
.build(sha1Signer, certFromKeystore));
gen.addCertificates(certs);
CMSSignedData signedData = gen.generate(data, false);
BASE64Encoder encoder = new BASE64Encoder();
String signedContent = encoder.encode((byte[]) signedData.getSignedContent().getContent());
System.out.println(
"=============Signed content:=============" + "n" + signedContent + "n");
String envelopedData = encoder.encode(signedData.getEncoded());
System.out.println("==============Enveloped data===============" + "n"
+ envelopedData + "==" + envelopedData.length());
这取决于您使用的数字签名格式。
基本签名容器(即 PKCS#1(仅包含签名哈希。高级格式也可以包括证书本身或对证书的引用。
在您的情况下,CMS,您将包含证书,因此每个证书的结果大小会有所不同