构造实现时出错(算法:Collection,提供程序:BC,类:org.bouncycastle.jce.provider.CertStoreCollectionSpi)
当我尝试使用 BouncyCastle 创建数字签名时,我在正在进行的一个项目中遇到了问题。
这是我正在运行的代码:
Statement stmt_cert = conn.createStatement();
ResultSet rs_cert= stmt_cert.executeQuery("select c.ca, c.privk from certs c where num_tab="+stat_cert);
rs_cert.next();
castr = rs_cert.getString("ca") + "\n";
strPriv = rs_cert.getString("privk") + "\n" ;
rs_cert.close();
stmt_cert.close();
byte[] encKey = castr.getBytes();
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(encKey));
PEMReader pr = new PEMReader(new StringReader(strPriv));
Object obj = pr.readObject();
KeyPair kp = (KeyPair) obj;
PrivateKey privateKey = kp.getPrivate();
Certificate[] chain =new Certificate[]{caCert};
byte[] plainText = digest.getBytes("UTF8");
CertStore certs =null;
ArrayList certList = new ArrayList();
try{
for ( int i = 0; i < chain.length;i++)
{
result += chain[i];
certList.add(chain[i]);
}
certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
}
catch(Exception exc){
result += "Problem with keystore access: " + exc.toString() ;
InsErr_log.Insert_error(1000,"Error when generate Signature of Statements",result);
return result;
}
// --- Use Bouncy Castle provider to create CSM/PKCS#7 signed message ---
try{
CMSSignedDataGenerator signGen = new CMSSignedDataGenerator();
signGen.addSigner(privateKey, (X509Certificate)caCert, CMSSignedDataGenerator.DIGEST_SHA1);
signGen.addCertificatesAndCRLs(certs);
CMSProcessable content = new CMSProcessableByteArray(plainText);
CMSSignedData signedData = signGen.generate(content,"BC");
byte[] signeddata = signedData.getEncoded();
result += "Created signed message: " + signeddata.length + " bytes" ;
result += new String(signeddata,"UTF8");
}
catch(Exception ex){
result = "Couldn't generate CMS signed message\n" + ex.toString() ;
}
问题来自这行代码:
certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
这是错误:
密钥库访问问题:java.security.NoSuchAlgorithmException: 构造实现时出错(算法:集合,提供者: BC,类:org.bouncycastle.jce.provider.CertStoreCollectionSpi)
我是新手,所以请耐心等待,任何信息将不胜感激!
I'm facing a problem on one project Im working on, when trying to create a digital signature with BouncyCastle.
Here's the code I'm running:
Statement stmt_cert = conn.createStatement();
ResultSet rs_cert= stmt_cert.executeQuery("select c.ca, c.privk from certs c where num_tab="+stat_cert);
rs_cert.next();
castr = rs_cert.getString("ca") + "\n";
strPriv = rs_cert.getString("privk") + "\n" ;
rs_cert.close();
stmt_cert.close();
byte[] encKey = castr.getBytes();
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(encKey));
PEMReader pr = new PEMReader(new StringReader(strPriv));
Object obj = pr.readObject();
KeyPair kp = (KeyPair) obj;
PrivateKey privateKey = kp.getPrivate();
Certificate[] chain =new Certificate[]{caCert};
byte[] plainText = digest.getBytes("UTF8");
CertStore certs =null;
ArrayList certList = new ArrayList();
try{
for ( int i = 0; i < chain.length;i++)
{
result += chain[i];
certList.add(chain[i]);
}
certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
}
catch(Exception exc){
result += "Problem with keystore access: " + exc.toString() ;
InsErr_log.Insert_error(1000,"Error when generate Signature of Statements",result);
return result;
}
// --- Use Bouncy Castle provider to create CSM/PKCS#7 signed message ---
try{
CMSSignedDataGenerator signGen = new CMSSignedDataGenerator();
signGen.addSigner(privateKey, (X509Certificate)caCert, CMSSignedDataGenerator.DIGEST_SHA1);
signGen.addCertificatesAndCRLs(certs);
CMSProcessable content = new CMSProcessableByteArray(plainText);
CMSSignedData signedData = signGen.generate(content,"BC");
byte[] signeddata = signedData.getEncoded();
result += "Created signed message: " + signeddata.length + " bytes" ;
result += new String(signeddata,"UTF8");
}
catch(Exception ex){
result = "Couldn't generate CMS signed message\n" + ex.toString() ;
}
The problem comes from this line of code:
certs = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certList), "BC");
and here is the error:
Problem with keystore access: java.security.NoSuchAlgorithmException:
Error constructing implementation (algorithm: Collection, provider:
BC, class: org.bouncycastle.jce.provider.CertStoreCollectionSpi)
I'm a newbie so please bear with me, any information will be highly appreciated!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我自己设法解决了这个问题!事实证明,当我部署 bcmail-jdk14-146.jar 和 bcprov-jdk14-146.jar 时,有一个旧版本的 jce-jdk13-131.jar 必须删除,之后一切正常,我设法放置签名!
但是我无法使用 bcmail-jdk14-146.jar 和 bcprov-jdk14-146.jar 组合来验证它!
它只能通过 bcmail-jdk13-131.jar 和 jce-jdk13-131.jar 组合进行验证。
我使用以下代码,请注意代码本身中的注释:
我希望我说得有道理,如果您能帮助我使用 bcmail-jdk14-146.jar 和 bcprov-jdk14-146.jar 验证消息,我将不胜感激因为上面的签名代码使用这些库来签名消息!
PS:我发现有人也有同样的问题
http://www.ibm.com/developerworks/forums/thread.jspa ?messageID=14124014
可能是环境配置问题?
I managed to solve this one on my own! It turned out that while I was deploying bcmail-jdk14-146.jar and bcprov-jdk14-146.jar there was an old version of jce-jdk13-131.jar which had to be removed and after that all worked and I managed to place the signature!
However I am unable to verify it using bcmail-jdk14-146.jar and bcprov-jdk14-146.jar combination!
It only gets verified with the bcmail-jdk13-131.jar and jce-jdk13-131.jar combination.
I use the following code, Pls note the comments in the code itself:
I hope I make sense and really would appreciate if you could help me out to verify the message with bcmail-jdk14-146.jar and bcprov-jdk14-146.jar as the above signing code uses these libraries to sign the message!
PS:I found out here that some one else has the same problem
http://www.ibm.com/developerworks/forums/thread.jspa?messageID=14124014
probably its an environment configuration problem?