我是证书的新手,我有一个场景,需要阅读 SSL 证书,提取并验证证书中指定的电子邮件。为此,我在下面编写了代码,但我得到了java.lang.IllegalArgumentException
.
public GenericFormResponse execute(WebRequest wreq, String epName, String ipAddr, boolean useDefault, MultipartFile certFile)throws Exception {
.......//some code
byte[] certBytes = certFile.getBytes();
CertificateFactory cf = CertificateFactory.getInstance("X509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certBytes));
NameAdapter subject = CertificateVerifier.getSubject(cert);
if(StringUtils.equalsIgnoreCase(subject.getEmailAddress(), email)){
ep.setCertData(cert.getSignature());
}else{
LOGGER.debug("invalid certificates found.");
response.setSuccess(false);
response.setGlobalErrorCode("sa_endpoint_invalid_cert");
return response;
}
......//some code.
}
CertificateVerifier.getSubject(cert);
是在另一种情况下运行良好的自定义代码。异常堆栈跟踪:
Caused by: java.lang.IllegalArgumentException: Bad sequence size: 6
at org.bouncycastle.asn1.x509.AlgorithmIdentifier.<init>(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.asn1.x509.AlgorithmIdentifier.getInstance(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.asn1.x509.TBSCertificate.<init>(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.asn1.x509.TBSCertificate.getInstance(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.asn1.x509.Certificate.<init>(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.asn1.x509.Certificate.getInstance(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
at org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory.readPEMCertificate(Unknown Source) ~[bcprov-jdk15on-1.51.jar:1.51.0]
... 43 common frames omitted
请帮助任何人,如何读取.csr
文件。证书文件格式如下。
-----BEGIN CERTIFICATE-----
MIIC+zCCAeMCAQAwgYUxCzAJBgNVBAYTAklOMRIwEAYDVQQIEwlLYXJuYXRha2ExEjAQBgNVBAcT
CUJlbmdhbHVydTESMBAGA1UEChMJQ29ubkluZGlhMRYwFAYDVQQLEw1Db25uZWN0IEluZGlhMSIw
IAYDVQQDExl3d3cudGVzdC5jb25uZWN0aW5kaWEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA7it/pHtJCLuc4BohScXvruMPY+QI8Y60gsp6Hm9tcWm1c4RHs0suGZ0jptHZEHsF
AJZm9fmjQsF2Oni0Ty1yGymIWcLh3NcXn7tthwpDH1k48fYWsluB1kWbxyTqv9vVDjXBcVoCUIUc
1jXIoaYxzb4VVgQvHkRwtPCIVygMfB6vBChPltdX0w0pQa8oFaL44w1afGukEjrrDuq1L9aejAI1
roPAZ3cYeMjzURrXP2sybdB9pcPvRqMkGhth17fzJOkOTHKiLObXp+euU8FwC/MIj1p0HiSd+XsZ
GKcqzLJ/6u2keOJIn83B4gUCo8Q23zqblPmcNRIdL5qMhtu9DQIDAQABoDAwLgYJKoZIhvcNAQkO
MSEwHzAdBgNVHQ4EFgQUrW69RwCRyWpbF9p4wP/sA//M6IIwDQYJKoZIhvcNAQELBQADggEBAJmC
RJpUZyzW1reLYtd6Iw7rzya3Fg3EKVksHIXxmtRxOMG+kbLdc2+p/SjTIGSWjs7EoCItJ+UsrPQM
uk8dEi4G3R9qIfGXycMX1tST9N4yy4nGALEYQ7MQlikCdsvzGh0u7G75nAMaObgf9hra513SsrqD
ta1jjZBlF6sp0VfRoqpvT09lqEkKmWQhYAtkIPIfgnRxCpC+IqxS2fk/x14pLnaRWtjHQOqOeKEo
KMG7dWtp15MKeKtNt8O5lahHH5yjtutwkGDHIQD6oksqxzBPvdLpQPJ90pxCdegwczRyDq/puzAb
DVwakU/8b0JLco4Mm/Bo3OxGjPmFdkO7P7g=
-----END CERTIFICATE-----
提前致谢。