1. 首页
  2. 问答
  3. 无法提取X509公钥证书

无法提取X509公钥证书

2015-12-31 147 views
0

这里是我的代码:无法提取X509公钥证书

import java.security.PublicKey; 
import java.security.spec.InvalidKeySpecException; 
import java.io.UnsupportedEncodingException; 
import java.security.NoSuchAlgorithmException; 
import java.security.spec.X509EncodedKeySpec; 
import java.security.KeyFactory; 

class LoadKey { 
    public static void main(String[] args) 
    throws InvalidKeySpecException, UnsupportedEncodingException, NoSuchAlgorithmException 
    { 
     String cert = "-----BEGIN CERTIFICATE-----\n" + 
         "MIIDITCCAoqgAwIBAgIQT52W2WawmStUwpV8tBV9TTANBgkqhkiG9w0BAQUFADBM\n" + 
         "MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg\n" + 
         "THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x\n" + 
         "MzA5MzAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh\n" + 
         "MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw\n" + 
         "FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n" + 
         "gYEA3rcmQ6aZhc04pxUJuc8PycNVjIjujI0oJyRLKl6g2Bb6YRhLz21ggNM1QDJy\n" + 
         "wI8S2OVOj7my9tkVXlqGMaO6hqpryNlxjMzNJxMenUJdOPanrO/6YvMYgdQkRn8B\n" + 
         "d3zGKokUmbuYOR2oGfs5AER9G5RqeC1prcB6LPrQ2iASmNMCAwEAAaOB5zCB5DAM\n" + 
         "BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl\n" + 
         "LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF\n" + 
         "BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw\n" + 
         "Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0\n" + 
         "ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF\n" + 
         "AAOBgQAhrNWuyjSJWsKrUtKyNGadeqvu5nzVfsJcKLt0AMkQH0IT/GmKHiSgAgDp\n" + 
         "ulvKGQSy068Bsn5fFNum21K5mvMSf3yinDtvmX3qUA12IxL/92ZzKbeVCq3Yi7Le\n" + 
         "IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q==\n" + 
         "-----END CERTIFICATE-----\n"; 
     System.out.println(cert); 
     byte[] encodedCert = cert.getBytes(); 
     X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedCert); 
     KeyFactory keyFactory = KeyFactory.getInstance("RSA"); 
     PublicKey publicKey = keyFactory.generatePublic(keySpec); 
    } 
}

OpenSSL是能够通过命令行来解码X509证书,所以我知道这是一个有效的证书。但Java似乎并不喜欢它,完全一样。

我已经厌倦了它,没有拖尾\ n无济于事。

任何想法?

来源

2015-12-31 neubert

+0

你有证书为PEM文本,你在你的电脑的默认字符集是字符串的字节,通过这些字节有没有关系加密东西到*关键*相关的工厂,你到底会发生什么? –

+0

也许它期待'\ r \ n'?你有没有试过先从文件中读取它? – Zymus

+0

@OlegEstekhin - well'cert.getBytes(“UTF-8”)'也没有帮助。当你在我的文章中说过,OpenSSL('openssl x509 -in mycert.pem -noout -text')可以读取那些字节就好了,你怎么能说这些字节与加密的东西没有关系呢?如果这些字节与字节序列没有任何关系,如果Java决定抛弃所有的IETF RFC并且制定自己的标准,那么这是一种非常糟糕的无用语言。 – neubert

回答

5

您错过了base64解码部分。

这里是工作代码,你需要Apache Commons Codec库Base64类。

import java.io.ByteArrayInputStream; 
import java.io.InputStream; 
import java.security.PublicKey; 
import java.security.cert.CertificateFactory; 
import java.security.cert.X509Certificate; 

import org.apache.commons.codec.binary.Base64; 

class LoadKey { 
    public static void main(String[] args) 
    throws Exception 
    { 
     String cert = "-----BEGIN CERTIFICATE-----\n" + 
         "MIIDITCCAoqgAwIBAgIQT52W2WawmStUwpV8tBV9TTANBgkqhkiG9w0BAQUFADBM\n" + 
         "MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg\n" + 
         "THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x\n" + 
         "MzA5MzAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh\n" + 
         "MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw\n" + 
         "FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n" + 
         "gYEA3rcmQ6aZhc04pxUJuc8PycNVjIjujI0oJyRLKl6g2Bb6YRhLz21ggNM1QDJy\n" + 
         "wI8S2OVOj7my9tkVXlqGMaO6hqpryNlxjMzNJxMenUJdOPanrO/6YvMYgdQkRn8B\n" + 
         "d3zGKokUmbuYOR2oGfs5AER9G5RqeC1prcB6LPrQ2iASmNMCAwEAAaOB5zCB5DAM\n" + 
         "BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl\n" + 
         "LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF\n" + 
         "BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw\n" + 
         "Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0\n" + 
         "ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF\n" + 
         "AAOBgQAhrNWuyjSJWsKrUtKyNGadeqvu5nzVfsJcKLt0AMkQH0IT/GmKHiSgAgDp\n" + 
         "ulvKGQSy068Bsn5fFNum21K5mvMSf3yinDtvmX3qUA12IxL/92ZzKbeVCq3Yi7Le\n" + 
         "IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q==\n" + 
         "-----END CERTIFICATE-----\n"; 

     cert = cert.replace("-----BEGIN CERTIFICATE-----\n", ""); 
     cert = cert.replace("-----END CERTIFICATE-----\n", ""); 
     System.out.println(cert); 

     byte[] encodedCert = cert.getBytes("UTF-8"); 
     byte[] decodedCert = Base64.decodeBase64(encodedCert); 
     CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 
     InputStream in = new ByteArrayInputStream(decodedCert); 
     X509Certificate certificate = (X509Certificate)certFactory.generateCertificate(in); 

     System.out.println("Subject DN : " + certificate.getSubjectDN().getName()); 
     System.out.println("Issuer : " + certificate.getIssuerDN().getName()); 
     System.out.println("Not After: " + certificate.getNotAfter()); 
     System.out.println("Not Before: " + certificate.getNotBefore()); 
     System.out.println("version: " + certificate.getVersion()); 
     System.out.println("serial number : " + certificate.getSerialNumber()); 

     PublicKey publicKey = certificate.getPublicKey(); 
     System.out.println("PublicKey : \n" + publicKey); 
    } 
}

输出

MIIDITCCAoqgAwIBAgIQT52W2WawmStUwpV8tBV9TTANBgkqhkiG9w0BAQUFADBM 
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg 
THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x 
MzA5MzAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh 
MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw 
FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC 
gYEA3rcmQ6aZhc04pxUJuc8PycNVjIjujI0oJyRLKl6g2Bb6YRhLz21ggNM1QDJy 
wI8S2OVOj7my9tkVXlqGMaO6hqpryNlxjMzNJxMenUJdOPanrO/6YvMYgdQkRn8B 
d3zGKokUmbuYOR2oGfs5AER9G5RqeC1prcB6LPrQ2iASmNMCAwEAAaOB5zCB5DAM 
BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl 
LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF 
BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw 
Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0 
ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF 
AAOBgQAhrNWuyjSJWsKrUtKyNGadeqvu5nzVfsJcKLt0AMkQH0IT/GmKHiSgAgDp 
ulvKGQSy068Bsn5fFNum21K5mvMSf3yinDtvmX3qUA12IxL/92ZzKbeVCq3Yi7Le 
IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q== 

Subject DN : CN=www.google.com, O=Google Inc, L=Mountain View, ST=California, C=US 
Issuer : CN=Thawte SGC CA, O=Thawte Consulting (Pty) Ltd., C=ZA 
Not After: Mon Sep 30 19:59:59 EDT 2013 
Not Before: Tue Oct 25 20:00:00 EDT 2011 
version: 3 
serial number : 105827261859531100510423749949966875981 
PublicKey : 
Sun RSA public key, 1024 bits 
    modulus: 156396091895984667473837837332877995558144703880815901117439532534031286131520903863087599986938779606924811933611903716377206837300122262900786662124968110191717844999183338594373129421417536020806373385428322642107305024162536996222164292639147591878860587271770855626780464602884552232097424473091745159379 
    public exponent: 65537

来源

2015-12-31 17:16:51 11thdimension

相关问题

 相关问题