创建和验证签名数据时出错

时间:2012-11-19 02:21:37

标签: java cryptography bouncycastle

我正在使用 Wrox Beginning Cryptography with Java 中的一些示例代码。代码的第24行(下面)显示了Eclipse中的错误。

X509CertSelector signerConstraints = signer.getSID();

Eclipse错误:

  

类型不匹配:无法从SignerId转换为X509CertSelector

以下是完整示例:

package chapter9;

import java.security.cert.*;
import java.util.Iterator;

import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;

/**
 * Base class for signed examples.
 */
public class SignedDataProcessor {
    /**
     * Return a boolean array representing keyUsage with digitalSignature set.
     */
    static boolean[] getKeyUsageForSignature() {
        boolean[] val = new boolean[9];
        val[0] = true;

        return val;
    }

    /**
     * Take a CMS SignedData message and a trust anchor and determine if
     * the message is signed with a valid signature from a end entity
     * entity certificate recognized by the trust anchor rootCert.
     */
     public static boolean isValid(
         CMSSignedData   signedData,
         X509Certificate rootCert) throws Exception {
        CertStore certsAndCRLs = signedData.getCertificatesAndCRLs("Collection", "BC");
        SignerInformationStore  signers = signedData.getSignerInfos();
        Iterator it = signers.getSigners().iterator();

        if (it.hasNext()) {
            SignerInformation signer = (SignerInformation)it.next();
            X509CertSelector signerConstraints = signer.getSID();

            signerConstraints.setKeyUsage(getKeyUsageForSignature());

            PKIXCertPathBuilderResult result = 
                Utils.buildPath(rootCert, signer.getSID(), certsAndCRLs);

            return signer.verify(result.getPublicKey(), "BC");
        }

        return false;
    }
}

1 个答案:

答案 0 :(得分:1)

我找到了答案:只需升级到bcprov-jdk16-145.jar,bcmail-jdk16-145.jar ..