BouncyCastle проверяет выбрасывание java .lang.IllegalArgumentException: неизвестный объект в getInstance: org.bouncycastle.asn1.DERNull - PullRequest
Новая
       77

BouncyCastle проверяет выбрасывание java .lang.IllegalArgumentException: неизвестный объект в getInstance: org.bouncycastle.asn1.DERNull

0 голосов
/ 30 апреля 2020

У меня есть следующий метод 

public static boolean verifSignedData(byte[] signedData, X509Certificate signercert) {
    boolean result = false;
    try {
        CMSSignedData cmsSignedData = new CMSSignedData(signedData);
        Collection<SignerInformation> signers = cmsSignedData.getSignerInfos().getSigners();
        X509CertificateHolder ch = new X509CertificateHolder(signercert.getEncoded());
        for (SignerInformation si : signers) {
            logger.info("AlgorithmId: {} serial: {}", si.getDigestAlgOID(), si.getSID().getSerialNumber());
            if (si.getSID().match(ch))
                if (si.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(ch)))
                    result=true;

        }
    } catch (Exception e) {
        logger.error("",e);
    }
    return result;  
}

данные и сертификат в порядке (см. Вывод), но выдает java .lang.IllegalArgumentException: неизвестный объект в getInstance: org.bouncycastle.asn1 .DERNull 

2020-04-30 10:04:41,070 INFO  de.martinm.kks.PKCSTool: verifSignedData - AlgorithmId: 2.16.840.1.101.3.4.2.1 serial: 4096
2020-04-30 10:04:41,210 ERROR de.martinm.kks.PKCSTool: verifSignedData -
java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.DERNull
        at org.bouncycastle.asn1.ASN1Sequence.getInstance(Unknown Source)
        at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source)
        at org.bouncycastle.operator.jcajce.OperatorHelper.notDefaultPSSParams(Unknown Source)
        at org.bouncycastle.operator.jcajce.OperatorHelper.createSignature(Unknown Source)
        at org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder$1.get(Unknown Source)
        at org.bouncycastle.cms.SignerInformationVerifier.getContentVerifier(Unknown Source)
        at org.bouncycastle.cms.SignerInformation.doVerify(Unknown Source)
        at org.bouncycastle.cms.SignerInformation.verify(Unknown Source)
        at de.martinm.kks.PKCSTool.verifSignedData(PKCSTool.java:98)
        at de.martinm.kks.PKCSTool.verify(PKCSTool.java:132)
        at de.martinm.kks.PKCSTool.process(PKCSTool.java:78)
        at de.martinm.kks.PKCSTool.main(PKCSTool.java:202)
2020-04-30 10:04:41,226 INFO  de.martinm.kks.PKCSTool: verify - verified: false
...