将 Bouncy Castle 证书转换为 Java

【问题标题】:Convert Bouncy Castle certificate to Java将 Bouncy Castle 证书转换为 Java
【发布时间】:2017-08-14 10:51:38
【问题描述】:

我需要将充气城堡证书(X.509) 转换为 javas x.509 证书。我怎样才能做到这一点?我试过这个

 byte[] encoded = certificate.getCertificateAt(0).getEncoded(); // our bouncy castle certificate
     try {            
            java.security.cert.Certificate jcert = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(encoded));
            TLSClient.this.certificate = (X509Certificate)jcert; // our java certificate
       } catch (CertificateException e) {
            throw new IllegalArgumentException("Unknown certificate");

我也尝试过使用javax.security.cert.X509Certificate.getInstance(inputStream),但我不能使用javax,因为我用来调用我的证书的一些方法,如getSignature()getType(),如果我使用@987654326 则不起作用@,所以我需要使用java。有谁知道我该如何解决这个问题?

【问题讨论】:

    标签: java ssl certificate bouncycastle x509


    【解决方案1】:

    如果您使用的是 Bouncy Castle(从 ~1.4x 起),那么您很可能已经访问了 X509CertificateHolder,在这种情况下,JcaX509CertificateConverter 使之成为可能。

    例如给定的;

    private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();

static {
    Security.addProvider(PROVIDER);
}

    那么;

    // ... {

    X509Certificate certificate = new JcaX509CertificateConverter()
            .setProvider(PROVIDER)
            .getCertificate(signedCertificate);
// ... }

    【讨论】:

      【解决方案2】:

      使用java.security.cert.X509Certificate 而不是javax.security.cert.X509Certificate

       //get encoded certificate. I used the base64 content you provided
 //byte[] encoded = certificate.getCertificateAt(0).getEncoded();
 String certB64 = "MIIH4jCCBsqgAwIBAgIIFaqhpQEYRXIwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzIwHhcNMTcwMzE2MDkzNzQyWhcNMTcwNjA4MDg1NDAwWjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgPs3rpAtF2jQzXrVQ8x33EVHB3OIpj3GcwVf8U9qcPce0XuG97fHInb20U9Uw1b45ecNRtnWLUw14/7+F4cvFJXHHsYaoUdBoeSJAcOy8ktgxvIEMk82KJwJlzWA7X7B459Fy1Ur8Dvu6dNFzhtu8eJs8bFOMJ/Wczjh8tylKXyWNMpotTbvAG3rGH+8fttmGXnztTB3dwxxf6SEL6m4XGH7POxwH9+AKzIwV9PrkU4JM5U2YsGPHf6ao/w27gPVpO5sh3gP9J/3jf8lXNwPZWSLCK5C2i7kz12ohaD7jlipVyw4nYLcEFPs27LwzjYa/YFU8VZreIcbazBmDsqBwIDAQABo4IErzCCBKswHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIIDewYDVR0RBIIDcjCCA26CDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lkLmNvbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYISKi5jbG91ZC5nb29nbGUuY29tgg4qLmdjcC5ndnQyLmNvbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUuY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5lc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdvb2dsZWFwaXMuY26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdvb2dsZXZpZGVvLmNvbYIMKi5nc3RhdGljLmNugg0qLmdzdGF0aWMuY29tggoqLmd2dDEuY29tggoqLmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29tghAqLnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1YmUuY29tghYqLnlvdXR1YmVlZHVjYXRpb24uY29tggsqLnl0aW1nLmNvbYIaYW5kcm9pZC5jbGllbnRzLmdvb2dsZS5jb22CC2FuZHJvaWQuY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CBGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22CEmdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTBoBggrBgEFBQcBAQRcMFowKwYIKwYBBQUHMAKGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcnQwKwYIKwYBBQUHMAGGH2h0dHA6Ly9jbGllbnRzMS5nb29nbGUuY29tL29jc3AwHQYDVR0OBBYEFHRy1woLF5IqQVubJZ5ZvXAjaJ0aMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUSt0GFhu89mi1dvWBtrtiGrpagS8wIQYDVR0gBBowGDAMBgorBgEEAdZ5AgUBMAgGBmeBDAECAjAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAsoPR1jJz2adkKTVXpGse/M3l+xKgmuZHpXzXkAiqE9wcsxXxCU3dEUmPBYYGRTqODNkOh9AMyGzILfrYh/zY9rhqJ2B26OunmxKFF9BmwRi2rp+Ksvg/+27F57Hyaq2phSaR8E7hRZcYRYqCaNA5e1hialuB1g58mAvs38jxxV4bQhKzCKkBOxolhYbUEBEV4mQ14ODdSvAB08L1dMjk3+LEDB/hWdtpOOhtMbSPa1u7xJeM/Ip7+GV47lS3V6rUALDKz4ASNk8ihX0ZmxPA1rabqNFutG8L/4HK2/ffO4bKEkHEdOQXC9B17n1x65fbLUbweDPDAzaowrum/OChG";
 byte encoded[] = DatatypeConverter.parseBase64Binary(certB64);

 //build the certificate
 X509Certificate cert = 
    (X509Certificate) CertificateFactory.getInstance("X.509")
          .generateCertificate(new ByteArrayInputStream(encoded));

       //CN=*.google.com, O=Google Inc, L=Mountain View, ST=California, C=US
 System.out.println(cert.getSubjectDN());
 //X.509 
 System.out.println(cert.getType());

      【讨论】:

      • 我忘了说,但我们之前也尝试过,但我得到了一个空的 X509Certficate 对象。对象存在,但变量中的信息为空。
      • 您确定certificate.getCertificateAt(0).getEncoded(); 包含X509 证书吗?您能否在您的问题中添加一个示例(以 base64 格式发布编码数据)?
      • 如果我打印 certificate.getCertificateAt(0),我得到:org.bouncycastle.asn1.x509.Certificate@c0640265。如果我尝试对其进行 base64 编码,我会得到:[B@5034c75a
      • 您打印的是对象,而不是内容。要将内容打印为 base64,请执行以下操作:System.out.println(DatatypeConverter.printBase64Binary(certificate.getCertificateAt(0).getEncoded()));
      • 请查看更新后的答案。我测试了您提供的证书并且运行良好。查看您的代码或更新您的问题以显示所涉及的完整代码。可能是您有我看不到的转换问题
      猜你喜欢
      • 2011-02-11
      • 1970-01-01
      • 2018-08-15
      • 2015-07-03
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2015-10-15
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode