我正在尝试使用提供的公钥和签名验证使用私钥签名的邮件.
像魅力一样工作的命令行是
cat call.blah | openssl dgst -sha256 -verify public-key.pem -signature signature.sig
Verified OK
public-key.pem是使用该命令从X509证书创建的
openssl x509 -pubkey -noout -in x509key.cer > public-key.pem
现在我试图模仿groovy,这是我的代码
static void main(String[] args) {
/* Verify a DSA signature */
if (args.length != 3) {
System.out.println("Usage: VerSig publickeyfile signaturefile datafile")
} else try {
/* import encoded public key */
FileInputStream keyfis = new FileInputStream(args[0])
CertificateFactory f = CertificateFactory.getInstance("X.509")
X509Certificate certificate = (X509Certificate)f.generateCertificate(keyfis)
PublicKey pubKey = certificate.getPublicKey()
/* input the signature bytes */
FileInputStream sigfis …