Java BC1.47:需要从CMSSignedData对象中提取签名者的X509CertificateObject

时间:2012-11-28 12:03:50

标签: java x509certificate bouncycastle pkcs#7

我正在尝试使用java Bouncy Castle 1.47从CMSSignedData对象中提取签名者的X509CertificateObject。 到目前为止,我只能提取一个org.bouncycastle.asn1.x509.Certificate对象。 如何从中获取X509CertificateObject? 非常感谢!

public static X509CertificateObject extractSignersCert(CMSSignedData cmsSignedData)
    throws Exception
{
    SignerInformationStore signerInfoStore;
    SignerInformation signerInfo;
    Store certStore;
    Collection certCollection;
    X509CertificateHolder x509CertHolder;
    X509Certificate cert;
    X509CertificateObject certObj;
    JcaX509CertificateConverter certConverter;

    signerInfoStore = cmsSignedData.getSignerInfos();
    signerInfo = (SignerInformation) signerInfoStore.getSigners().iterator().next();

    certStore = cmsSignedData.getCertificates();
    certCollection = certStore.getMatches(signerInfo.getSID());
    x509CertHolder = (X509CertificateHolder) certCollection.iterator().next();

    certConverter = new JcaX509CertificateConverter();
    certConverter.setProvider("BC");

    cert = certConverter.getCertificate(x509CertHolder);
    certObj = (X509CertificateObject) cert;

    return certObj;
}

2 个答案:

答案 0 :(得分:0)

最后找到了基于此post的解决方案。 诀窍是使用JcaX509CertificateConverter()并使用您可以从CMSSignedData轻松获取的X509CertificateHolder提供它。 工作得很好。

答案 1 :(得分:0)

您可以使用此方法。

/**
 * Get all x509 certificates from p7s File(.p7s or .p7b) Base64 format
 * @param p7sFileName
 * @return list of x509 certificates
 */
public static ArrayList<X509Certificate> getCertificates(final String p7sFileName){

    final ArrayList<X509Certificate> certListResult = new ArrayList<X509Certificate>();

    try {

        BufferedReader br = new BufferedReader(new FileReader(p7sFileName));
        StringBuilder str = new StringBuilder();
        br.readLine();
        while(br.ready()){

            String s = br.readLine();
            if(s.startsWith("-----END PKCS7-----"))
                break;
            else str.append(s);

        }

        byte[] data = Base64.decode(str.toString().getBytes());

        CMSSignedData s = new CMSSignedData(data);
        Store   certStore = s.getCertificates();

        JcaX509CertificateConverter converter = new JcaX509CertificateConverter();

        @SuppressWarnings("unchecked")
        ArrayList<X509CertificateHolder> certificateHolders = (ArrayList<X509CertificateHolder>)certStore.getMatches(null); 

        for(X509CertificateHolder holder: certificateHolders){

                X509Certificate cert = converter.getCertificate(holder);
                certListResult.add(cert);

            }

    } catch (FileNotFoundException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (CMSException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (CertificateException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

    return certListResult;

}
相关问题
最新问题