X509CertSelector

X509CertSelector

关注
发信
关注(28)粉丝(399)

在BouncyCastle库中将SignerID强制转换为X509CertSelector

本文介绍了在BouncyCastle库中将SignerID强制转换为X509CertSelector的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧! 问题描述 我正在尝试验证是否使用来自我自己的信任锚识别的实体证书中的有效签名对特定邮件进行了签名。我正在这样做:I'm trying to verify if an specific message is signed with a valid signature from an entity certificate recognized by my own trust anchor. I'm doing this:public static boolean isValid(CMSSignedData signedData, X509Certificate rootCert) throws Exception{ CertStore certsAndCRLs = signedData.getCertificatesAndCRLs("Collection", "BC"); SignerInformationStore signers = signedData.getSignerInfos(); Iterator it = signers.getSigners().iterator(); if (it.hasNext()){ SignerInformation signer = (SignerInformation)it.next(); X509CertSelector signerConstraints = signer.getSID(); PKIXCertPathBuilderResult result = buildPath(rootCert, signerID, certsAndCRLs); return signer.verify(result.getPublicKey(), "BC"); } return false;}但这行给我一个编译错误:But this line is giving me a compile error:X509CertSelector signerConstraints = signer.getSID();因为它无法从SignerId投射到X509CertSelector。我尝试使用显式强制转换:Because it is unable to cast from SignerId to X509CertSelector. I tried using explicit cast:X509CertSelector signerConstraints = (CertSelector) signer.getSID();并且:X509CertSelector signerConstraints = (X509CertSelector) signer.getSID();无结果。我怎样才能做到这一点?谢谢Without results. How can I do this? Thanks PS:请注意,该代码摘自David Hook的使用Java进行密码学入门,但未编译。PS: notice that this code is extracted from "Beginning Cryptography with Java" by David Hook, but it doesn't compile.推荐答案昨天我解决了自己的问题。我认为,相对于.jar,包含在我的项目的外部存档中。现在,我正在使用这些:I solved yesterday my own problem. I think that was somethingrelative to .jar included as external archive to my project. Now, I'm usingthese:bcprov-jdk16-145.jarbcmail-jdk16-145.jar而不是:bcprov-jdk15on-147.jarbcmail-jdk15on-147.jar也许旧版本不支持这种隐式转换。Maybe the old versions didn't support this kind of implicit cast. 编辑:David Hook在 http://bouncy-castle.1462172。 n4.nabble.com/Problem-with-SignerID-and-X509CertSelector-td4620461.htmlEDIT: David Hook's answer in http://bouncy-castle.1462172.n4.nabble.com/Problem-with-SignerID-and-X509CertSelector-td4620461.html 使用org.bouncycastle。 cert.selector.jcajce.JcaX509CertSelectorConverter -不幸的是,使用Java开始密码学中的代码现已过时。猜猜我将不得不再次将文字处理程序移出。 Use org.bouncycastle.cert.selector.jcajce.JcaX509CertSelectorConverter - unfortunately the code in "Beginning Cryptography With Java" is now getting out of date. Guess I'll have to get the word processor out again.问候, David 这篇关于在BouncyCastle库中将SignerID强制转换为X509CertSelector的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!
09-11 09:54
Powered by LMLPHP ©2024 X509CertSelector 0.050979