2

我有一个签署文档的小程序,并将文档、签名和证书发送到服务器端。在服务器端 portlet 接收这 3 个文件,所有文件都以 base64 格式存储,但是当我尝试获取证书时会引发异常

java.security.cert.CertificateException: Could not parse certificate: java.io.IOException: Empty input
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104)

小程序端代码:

public static byte[] certificate;

public static String getCertificateString() {
        String str = "";
        byte[] result = null;
        result = Base64.encode(certificate);
        for (int i = 0; i < result.length; i++) {
            str += (char) (result[i]);
        }
        return str;
    }

    //initialization of certificate from the store
    Certificate cert = store.getCertificate(aliasKey);
    certificate = cert.toString().getBytes();

在此之后,我将证书发送到需要验证签名的 portlet。但是证书转换失败。

门户代码:

String certificate = request.getParameter("cert");
byte[] cert_array = Base64.decode(certificate.getBytes());
try {
    cert = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(cert_array));
}catch(Exception e){
    e.printStackTrace();
}

而此时,在 try 块中,引发了 Exception

4

2 回答 2

2

永远不要相信所有证书。那是非常危险的。如果你这样做,你也可以不使用 HTTPS 而只使用 HTTP

于 2015-10-01T17:18:57.547 回答
0

好的,@test1604 你尝试这样的事情,是实现 X509TrustManager 类,好的,我们开始:

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

public class YouNameClass implements X509TrustManager {... 
   public YouNameClass() {
      super();
   }
}

并添加此方法,

private static void trustAllHttpsCertificates() throws Exception {
//  Create a trust manager that does not validate certificate chains:
    javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
    javax.net.ssl.TrustManager tm = new YouNameClass();
    trustAllCerts[0] = tm; 
    javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
    sc.init(null, trustAllCerts, null);
    javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}

和方法覆盖:

    @Override
     public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
       return;
}

    @Override
    public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
       return;
}

    @Override
    public X509Certificate[] getAcceptedIssuers() {
       return null;
}

就是这样。:)

于 2012-05-15T05:14:15.217 回答