1

我尝试从一个大的 .csv 文件中解析证书数据。文档说它是一个 X509 证书,存储在使用 base64 编码的原始数据中。

因此,我尝试使用以下代码对其进行解码并使用 java 加载数据:

protected X509Certificate parseCert(byte [] bytes) {
    if (bytes != null) {
        InputStream in = new ByteArrayInputStream(org.apache.commons.net.util.Base64.decodeBase64(bytes));
        X509Certificate certificate = null;
        try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            certificate = (X509Certificate) cf.generateCertificate(in);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
        return certificate;
    }

    System.out.println("Null value in bytes!");
    return null;
}

我总是CertificateException说“空数据”。我不知道我做错了什么!

使用 CSV 阅读器,数据看起来不错,还是我必须切断 \x3 ?

 \x308202e23082024ba0......
 \x30820224308201....

和:

\ebf25279e5c1ae415fd9e14898c11dc74c18c128e35e7d8467028689cc304fc95359c1f7eb89018ca750145ea81f498880af

可能有人可以帮忙吗?

4

1 回答 1

2

证书不是 base64 编码的,而是十六进制编码的。

将 OPparseCert方法的代码更改为

protected X509Certificate parseCert(byte[] bytes)
{
    if (bytes != null)
    {
        InputStream in = new ByteArrayInputStream(Hex.decode(bytes));
        X509Certificate certificate = null;
        try
        {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            certificate = (X509Certificate) cf.generateCertificate(in);
        }
        catch (Exception ex)
        {
            ex.printStackTrace();
        }
        return certificate;
    }

    System.out.println("Null value in bytes!");
    return null;
}

(使用 BouncyCastle 十六进制解码器org.bouncycastle.util.encoders.Hex,但任何其他也应该这样做)导致成功解析证​​书

@Test
public void test24542431() throws CertificateEncodingException, IOException
{
    String hexEncodedCert = "308201db30820144a00302010202020462300d06092a864886f70d010104050030323130302e0603550403132750616e646f436c69656e74363930413639343632353536363738423737414435353341314332393020170d3133303330383137313230315a180f33303132303232393137313230315a30323130302e0603550403132750616e646f436c69656e743639304136393436323535363637384237374144353533413143323930819f300d06092a864886f70d010101050003818d0030818902818100ad97e2fd61997ca4898383b957de7d44fcf9cf4199c915538fadfd644d36df3ea1eea1d69a6b8ad75a313cb25b479966ed7f831638bbea4ac0f2f2d1452b81ed0ff73da55f477e81f4cd4dad7ca26f29a7eb38d097ec90446e531bac72e29882f1df06a75893f7d6e115d11200bff5a813ea050591f2fcc50ab2d13ddc7d3fdd0203010001300d06092a864886f70d010104050003818100603e9d0ad64f80363e3cae94b28dcb9a25409a59ce7876bd24990b62ef3901788e2c0b3a0be22f4c07deb7c005d82f46a105a6abbfca4505403a7c2248be296aae5367e04fc22b0a93f6272263a3ebf25279e5c1ae415fd9e14898c11dc74c18c128e35e7d8467028689cc304fc95359c1f7eb89018ca750145ea81f498880af";
    X509Certificate cert = parseCert(hexEncodedCert.getBytes());
    Files.write(FileSystems.getDefault().getPath("target/test-outputs", "24542431.crt"), cert.getEncoded());
}

但是,这里不信任它:

证书对话框,不可信

于 2014-07-03T11:21:25.587 回答