Generate p7b certificate chain with Bouncy Castle in Java

I need to generate a p7b certificate chain using Bouncy Castle 1.58.

In the older version we used (1.46), this code worked:

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        Certificate [] chain = certificate.getCertificateChain();
        CertStore certStore;
        try {
            certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(Arrays.asList(chain)));
            gen.addCertificatesAndCRLs(certStore);

            CMSSignedData signedData = gen.generate(null,(Provider)null);
            return signedData.getEncoded();
        } catch (Exception ex) {
            logger.error("Failed to construct P7B response",ex);
            throw new RuntimeException(ex);
        }

However, there are some changes to CMSSignedDataGenerator in the new version of Bouncy Castle, so I modified my code like this:

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        Certificate [] chain = certificate.getCertificateChain();
        try {
            JcaCertStore store = new JcaCertStore(Arrays.asList(chain));
            gen.addCertificates(store);

            CMSSignedData signedData = gen.generate(null);
            return signedData.getEncoded();
        } catch (Exception ex) {
            logger.error("Failed to construct P7B response",ex);
            throw new RuntimeException(ex);
        } 

However, I get a null pointer exception on this line, inside generate:

        CMSSignedData signedData = gen.generate(null);

I tried to debug and I checked that the certificates are loaded to JcaCertStore, so that part is ok.

However, when I try to debug the Bouncy Castle library, the debugger can't seem to find the line numbers of the CMSSignedDataGenerator class.

I'm using WildFly to deploy my project and I've attached the jar with sources to the debugger. I can see the code, but right next to the class name I get "line not available", so I'm not able to see where the null pointer exception occurs.

What's also interesting is that I see a hollow Java icon on that class.

I solved the issue using the following code:

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        Certificate [] chain = certificate.getCertificateChain();
        try {
            CMSProcessableByteArray msg = new CMSProcessableByteArray("".getBytes());
            JcaCertStore store = new JcaCertStore(Arrays.asList(chain));
            gen.addCertificates(store);
            CMSSignedData signedData = gen.generate(msg);
            return signedData.getEncoded();
        } catch (Exception ex) {
            logger.error("Failed to construct P7B response",ex);
            throw new RuntimeException(ex);
        } 

However, I see this as kind of a hack, as you use CMSSignedDataGenerator, which is meant for signing, to generate the p7b certificate chain.

In the older version you could use null as data that is signed, but now you must input some data, even if it is just an empty byte array.
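
An added example, not part of the original post: the same certs-only bundle built with Bouncy Castle's `CMSAbsentContent` in place of an empty byte array, then parsed back to confirm that every chain certificate is present and that the structure contains no signer. The class name `P7bChain`, the two method names, and the PKCS#12 keystore path, password and alias read from the command line are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Collection;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAbsentContent;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;

public class P7bChain { // hypothetical class name
    /** Builds a certs-only ("degenerate") PKCS#7 SignedData: no content, no signers. */
    static byte[] toP7b(Certificate[] chain) throws Exception {
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        gen.addCertificates(new JcaCertStore(Arrays.asList(chain)));
        // CMSAbsentContent states "no content" explicitly; nothing is signed or embedded.
        return gen.generate(new CMSAbsentContent()).getEncoded();
    }

    /** Parses the bundle back, checks every input certificate is in it, returns the count. */
    static int verifyP7b(byte[] p7b, Certificate[] chain) throws Exception {
        CMSSignedData parsed = new CMSSignedData(p7b);
        // No SignerInfo: the bundle is unsigned, so recipients must validate the chain themselves.
        if (parsed.getSignerInfos().size() != 0) {
            throw new IllegalStateException("unexpected signer in certs-only bundle");
        }
        Collection<X509CertificateHolder> certs = parsed.getCertificates().getMatches(null);
        for (Certificate c : chain) {
            if (!certs.contains(new X509CertificateHolder(c.getEncoded()))) {
                throw new IllegalStateException("certificate missing from p7b");
            }
        }
        return certs.size();
    }

    public static void main(String[] args) throws Exception {
        // Assumed usage: java P7bChain <keystore.p12> <password> <alias>
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        Certificate[] chain = ks.getCertificateChain(args[2]);
        if (chain == null) throw new IllegalArgumentException("no chain for alias " + args[2]);
        byte[] p7b = toP7b(chain);
        System.out.println(verifyP7b(p7b, chain) + " certificates in p7b");
    }
}
```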
