Forum Stats

  • 3,838,713 Users
  • 2,262,395 Discussions
  • 7,900,739 Comments

Discussions

Singing XML Data with PKCS#7 with SHA1withRSA

Aamir
Aamir Member Posts: 89 Blue Ribbon

Dear All


I am using the following code to sign xml message with PKCS#7 with SHA1withRSA. But I am facing bad signature error from the server, they are telling me that this is signed correctly.


Please can anybody give some idea that i doing correctly as PKCS#7 with SHA1 algorithm.


I am using bouncy castle libraries

---------------------------------------------------------------

  private byte[] sign(String input) {

        Security.addProvider(new BouncyCastleProvider());

        byte[] encoded = null;

        try {

            KeyStore keystore = loadKeyStore();

            Certificate[] certchain =

                (Certificate[])keystore.getCertificateChain(MaadenPropertiesConstants.KEYSTORE_Alias);

            final List<Certificate> certlist = new ArrayList<Certificate>();

            for (int i = 0, length = certchain == null ? 0 : certchain.length;

                 i < length; i++) {

                certlist.add(certchain[i]);

            }

            PrivateKey key =

                (PrivateKey)(keystore.getKey(MaadenPropertiesConstants.KEYSTORE_Alias, MaadenPropertiesConstants.KEYSTORE_PWD.toCharArray()));

            ContentSigner signer =

                new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(key);

            CMSSignedDataGenerator generator = new CMSSignedDataGenerator();

            generator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(signer,

                                                                                                                                                         (X509Certificate)keystore.getCertificate(MaadenPropertiesConstants.KEYSTORE_Alias)));

            generator.addCertificates(new JcaCertStore(certlist));

         

//            CMSSignedData signedData =

//            generator.generate(new CMSProcessableFile(new File(this.inputFile)),

//                                   true); //changed to false

          

            CMSTypedData msg;

            msg = new CMSProcessableByteArray(input.getBytes());

            CMSSignedData signedData = generator.generate(msg, true);

            encoded = signedData.getEncoded();

            System.out.println("Got encoded pkcs7 bytes " + encoded.length +

                               " bytes");

        } catch (Exception e) {

            e.printStackTrace();

        }

        return encoded;

    }

    private static KeyStore loadKeyStore() throws Exception {

        KeyStore keystore =

            KeyStore.getInstance(MaadenPropertiesConstants.KEYSTORE_INSTANCE);

        InputStream is =

            new FileInputStream(MaadenPropertiesConstants.keystoreLocation);

        keystore.load(is,

                      MaadenPropertiesConstants.KEYSTORE_PWD.toCharArray());

        return keystore;

    }

-----------------------------------------------------------------------------------------------------

Tagged:
This discussion has been closed.