我遇到了CreateVisableSignature示例中sign()方法的问题,在
上抛出空指针异常 List<Certificate> certList = Arrays.asList(cert);
我想我需要创建证书。有人可以告诉我该怎么做吗?
以下是有问题的代码:
public byte[] sign(InputStream content) throws SignatureException,
IOException {
CMSProcessableInputStream input = new CMSProcessableInputStream(content);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
// CertificateChain
List<Certificate> certList = Arrays.asList(cert);
CertStore certStore = null;
try {
certStore = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), provider);
gen.addSigner(privKey, (X509Certificate) certList.get(0),
CMSSignedGenerator.DIGEST_SHA256);
gen.addCertificatesAndCRLs(certStore);
CMSSignedData signedData = gen.generate(input, false, provider);
return signedData.getEncoded();
} catch (Exception e) {
// should be handled
System.err.println("Error while creating pkcs7 signature.");
e.printStackTrace();
}
throw new RuntimeException("Problem while preparing signature");
}
这是设置它的代码:
/**
* Initialize the signature creator with a keystore (pkcs12) and pin that
* should be used for the signature.
*
* @param keystore
* is a pkcs12 keystore.
* @param pin
* is the pin for the keystore / private key
*/
public CreateVisibleSignature(KeyStore keystore, char[] pin) {
try {
/*
* grabs the first alias from the keystore and get the private key.
* An alternative method or constructor could be used for setting a
* specific alias that should be used.
*/
Enumeration<String> aliases = keystore.aliases();
String alias = null;
if (aliases.hasMoreElements()) {
alias = aliases.nextElement();
} else {
throw new RuntimeException("Could not find alias");
}
privKey = (PrivateKey) keystore.getKey(alias, pin);
cert = keystore.getCertificateChain(alias);
} catch (KeyStoreException e) {
e.printStackTrace();
} catch (UnrecoverableKeyException e) {
System.err.println("Could not extract private key.");
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
System.err.println("Unknown algorithm.");
e.printStackTrace();
}
}
这就是我创建密钥库的方式:
keytool -genkeypair -storepass password1 -storetype pkcs12 -alias hhscms -validity 365 -keyalg RSA -keystore keystore.p12
为什么以下代码无法获得证书?
privKey = (PrivateKey) keystore.getKey(alias, pin);
cert = keystore.getCertificateChain(alias);
这是我得到的例外:
Exception in thread "main" java.lang.NullPointerException
at java.util.Objects.requireNonNull(Unknown Source)
at java.util.Arrays$ArrayList.<init>(Unknown Source)
at java.util.Arrays.asList(Unknown Source)
at org.apache.pdfbox.examples.signature.CreateVisibleSignature.sign(CreateVisibleSignature.java:191)
at org.apache.pdfbox.pdfwriter.COSWriter.doWriteSignature(COSWriter.java:767)
at org.apache.pdfbox.pdfwriter.COSWriter.visitFromDocument(COSWriter.java:1162)
at org.apache.pdfbox.cos.COSDocument.accept(COSDocument.java:578)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1517)
at org.apache.pdfbox.pdmodel.PDDocument.saveIncremental(PDDocument.java:1398)
at org.apache.pdfbox.examples.signature.CreateVisibleSignature.signPDF(CreateVisibleSignature.java:164)
at org.apache.pdfbox.examples.signature.CreateVisibleSignature.main(CreateVisibleSignature.java:238)
这是我的pom.xml条目:
<dependency>
<groupId>org.apache.pdfbox</groupId>
<artifactId>pdfbox</artifactId>
<version>1.8.9</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15</artifactId>
<version>1.44</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcmail-jdk15</artifactId>
<version>1.44</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-ext-jdk15on</artifactId>
<version>1.52</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.52</version>
</dependency>
答案 0 :(得分:1)
正如Tilman所指出的,你必须确保你正在运行正确的keytool。在我的例子中,keytool指向jre1.8而不是jdk1.8