0
私は署名するためのクラスを作成し、サーバー上の秘密鍵を使って文字列をbase64にしてから署名を返します。それは、同じテキストに対して実行されるたびに異なる署名を生成しています。それはなぜでしょうか? テストマシンで一時的に変換を無効にすることによって、変更されているシグネチャであり、base64変換の問題ではないことを確認しました。Signature.signを使用してJava Stringに署名する:毎回署名が異なるのはなぜですか?
私のコード:wikipedia articleを見ては
public class SigningPIP implements SigningPIPInterface {
private static final String SIGNING_ALGORITHM = "SHA1withDSA";
/**
* Provides a signature for a stringified JSON license
* @param license stringified JSON license to be used for signature generation
* @param keystoreFilePath The file path where the keystore can be found
* @param keystorePassword The password to the keystore
* @param privateKeyAlias The alias of the private key in the keystore to be used for signing
* @param privateKeyPassword The password for the private key to be used for signing
* @return Properties object containing the base64 encoded signature, algorithm used and certificate DN
*/
@Override
public Properties getLicenseSignature(String license, String keystoreFilePath, String keystorePassword, String privateKeyAlias, String privateKeyPassword) {
PrivateKey privateKey = getPrivateKey(keystoreFilePath, keystorePassword, privateKeyAlias, privateKeyPassword);
Properties licenseSignature = new Properties();
licenseSignature.setProperty("sig_algorithm", SIGNING_ALGORITHM);
licenseSignature.setProperty("cert_DN", getCertificateIssuerDN(keystoreFilePath, keystorePassword, privateKeyAlias));
byte[] licenseByteArray = license.getBytes();
System.out.println(new String(licenseByteArray));
try {
Signature dsa = Signature.getInstance(SIGNING_ALGORITHM);
dsa.initSign(privateKey);
dsa.update(licenseByteArray);
byte[] signature = dsa.sign();
licenseSignature.setProperty("signature_base64", DatatypeConverter.printBase64Binary(signature));
}
catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException e) {
//TODO: Add logging
}
return licenseSignature;
}
/**
* Pulls the private key from the specified keystore
* @param keystoreFilePath The file path where the keystore can be found
* @param keystorePassword The password to the keystore
* @param privateKeyAlias The alias of the private key in the keystore
* @param privateKeyPassword The password for the private key in the keystore
* @return The specified private key from the keystore
*/
private PrivateKey getPrivateKey(String keystoreFilePath, String keystorePassword, String privateKeyAlias, String privateKeyPassword) {
try {
FileInputStream keyStoreFile = new FileInputStream(keystoreFilePath);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(keyStoreFile, keystorePassword.toCharArray());
return (PrivateKey)keyStore.getKey(privateKeyAlias, privateKeyPassword.toCharArray());
}
catch(KeyStoreException | NoSuchAlgorithmException | IOException | CertificateException | UnrecoverableKeyException e) {
//TODO: Add logging;
}
return null;
}
/**
* Pulls the Issuer DN from a keystore for the specified private key
* @param keystoreFilePath The file path where the keystore can be found
* @param keystorePassword The password to the keystore
* @param privateKeyAlias The alias of the private key in the keystore
* @return The Issuer DN for the private key
*/
private String getCertificateIssuerDN(String keystoreFilePath, String keystorePassword, String privateKeyAlias) {
try {
FileInputStream keyStoreFile = new FileInputStream(keystoreFilePath);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(keyStoreFile, keystorePassword.toCharArray());
X509Certificate certificate = (X509Certificate)keyStore.getCertificate(privateKeyAlias);
return certificate.getIssuerDN().getName();
} catch (IOException | NoSuchAlgorithmException | CertificateException | KeyStoreException e) {
//TODO: Add logging
}
return null;
}
}
あなたは正しいですか?ご協力ありがとうございました。 – David