1

我正在尝试X509CertificateObject使用org.apache.commons.lang3.SerializationUtils. 显然,反序列化对象的类型 ( sun.security.x509.X509CertImpl) 与原始序列化对象 ( org.bouncycastle.jce.provider.X509CertificateObject) 不同。因此铸造失败。我究竟做错了什么?

public static void test(X509CertificateObject certObj) {
    byte[] serializedObj;
    Object deSerializedObj;
    X509CertificateObject deSerializedCertObj;
    X509Certificate deSerializedCert;

    System.out.println("certObj type: " + certObj.getClass().getName());
    serializedObj = SerializationUtils.serialize(certObj);
    deSerializedObj = SerializationUtils.deserialize(serializedObj);
    System.out.println("deSerializedObj type: " + deSerializedObj.getClass().getName());
    deSerializedCert = (X509Certificate) deSerializedObj;
    System.out.println("deSerializedCert type: " + deSerializedCert.getClass().getName());
    deSerializedCertObj = (X509CertificateObject) deSerializedObj;
    System.out.println("deSerializedCertObj type: " + deSerializedCertObj.getClass().getName());
}

结果是:

certObj type: org.bouncycastle.jce.provider.X509CertificateObject
deSerializedObj type: sun.security.x509.X509CertImpl
deSerializedCert type: sun.security.x509.X509CertImpl

最后在

java.lang.ClassCastException: sun.security.x509.X509CertImpl cannot be cast to org.bouncycastle.jce.provider.X509CertificateObject
at Test.test(Test.java:1010)
at Test.main(Test.java:153)

这是因为 的上层类X509CertificateObjectX509Certificate抽象的和/或因为X509CertificateObject没有定义自己的serialVersionUID

4

2 回答 2

3

只需转换为java.security.cert.X509Certificate,所有其他类都应该扩展。你当然不应该期待或使用sun.*类。

于 2012-11-14T09:18:00.933 回答
0

我终于找到了解决方法/解决方案。Java 序列化问题似乎是由于 BC 和 Java JCE 之间的冲突。我现在将XStream与A ​​pache Commons Codec结合使用:

import org.apache.commons.codec.binary.StringUtils;
import com.thoughtworks.xstream.XStream;

public static byte[] serializeToXML(Object obj, XStream xStreamConfig)
    throws Exception
{
    XStream xstream;
    String certObjString;
    byte[] certObjByte;

    if(xStreamConfig == null) {
        xstream = new XStream();
    } else {
        xstream = xStreamConfig;
    }

    certObjString = xstream.toXML(obj);

    certObjByte = StringUtils.getBytesUtf8(certObjString);

    return certObjByte;
}

public static Object deserializeFromXML(byte[] objectByteArray, XStream xStreamConfig)
{
    String objectString;
    Object object;
    XStream xstream;

    if(xStreamConfig == null) {
        xstream = new XStream();
    } else {
        xstream = xStreamConfig;
    }

    objectString = StringUtils.newStringUtf8(objectByteArray);

    object = xstream.fromXML(objectString);

    return object;
}
于 2012-11-30T14:07:27.000 回答