validate File Sign Certificate - Java Security

Description

validate File Sign Certificate

Demo Code

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.MappedByteBuffer;
import java.nio.channels.FileChannel;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.crypto.Cipher;

public class Main{
    public static void main(String[] argv) throws Exception{
        String filePath = "java2s.com";
        String sign = "java2s.com";
        String certificatePath = "java2s.com";
        System.out.println(validateFileSign(filePath,sign,certificatePath));
    }//from w  w  w. j a v a  2 s.  c  om
    
    public static final String KEY_STORE = "JKS";
    public static final String X509 = "X.509";
    
    private static final int CACHE_SIZE = 2048;
    
    public static boolean validateFileSign(String filePath, String sign,
            String certificatePath) throws Exception {
        boolean result = false;
        // ?
        X509Certificate x509Certificate = (X509Certificate) getCertificate(certificatePath);
        // 
        PublicKey publicKey = x509Certificate.getPublicKey();
        // 
        Signature signature = Signature.getInstance(x509Certificate
                .getSigAlgName());
        signature.initVerify(publicKey);
        File file = new File(filePath);
        if (file.exists()) {
            byte[] decodedSign = Base64.decode(sign);
            FileInputStream in = new FileInputStream(file);
            byte[] cache = new byte[CACHE_SIZE];
            int nRead = 0;
            while ((nRead = in.read(cache)) != -1) {
                signature.update(cache, 0, nRead);
            }
            in.close();
            result = signature.verify(decodedSign);
        }
        return result;
    }
    
    private static Certificate getCertificate(String certificatePath)
            throws Exception {
        CertificateFactory certificateFactory = CertificateFactory
                .getInstance(X509);
        FileInputStream in = new FileInputStream(certificatePath);
        Certificate certificate = certificateFactory
                .generateCertificate(in);
        in.close();
        return certificate;
    }
    
    private static Certificate getCertificate(String keyStorePath,
            String alias, String password) throws Exception {
        KeyStore keyStore = getKeyStore(keyStorePath, password);
        Certificate certificate = keyStore.getCertificate(alias);
        return certificate;
    }
    
    private static PublicKey getPublicKey(String certificatePath)
            throws Exception {
        Certificate certificate = getCertificate(certificatePath);
        PublicKey publicKey = certificate.getPublicKey();
        return publicKey;
    }
    
    private static KeyStore getKeyStore(String keyStorePath, String password)
            throws Exception {
        FileInputStream in = new FileInputStream(keyStorePath);
        KeyStore keyStore = KeyStore.getInstance(KEY_STORE);
        keyStore.load(in, password.toCharArray());
        in.close();
        return keyStore;
    }
}

• Previous
• Next

Related Tutorials

• Verifies that a certificate chain is valid
• accept Untrusted Certificate
• get Certificate from file
• verify Certificate
• get Test Certificate