1

我的本地存储 (C:\Users\Certs\cert.p7b) 中有 .p7b 文件。 这个解决方案对我不起作用。

我尝试了以下。

File file = new File("C:\Users\Certs\cert.p7b");
BufferedInputStream bis = null;
try {
     byte[] buffer = new byte[(int) file.length()];
     DataInputStream in = new DataInputStream(new FileInputStream(file));
     in.readFully(buffer);
     in.close();
     CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");
     X509Certificate cert = certificatefactory.getCertificate(in);
}catch (Exception e){
     System.out.println("Exception");
}

但它不起作用。那么如何加载这个 .p7b 文件,然后将其存储在密钥库中。

4

2 回答 2

4

要从 PKCS#7 文件中读取证书,您可以使用以下代码片段:

public static final Certificate[] readCertificatesFromPKCS7(byte[] binaryPKCS7Store) throws Exception
{
    try (ByteArrayInputStream bais = new ByteArrayInputStream(binaryPKCS7Store);)
    {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Collection<?> c = cf.generateCertificates(bais);

        List<Certificate> certList = new ArrayList<Certificate>();

        if (c.isEmpty())
        {
            // If there are now certificates found, the p7b file is probably not in binary format.
            // It may be in base64 format.
            // The generateCertificates method only understands raw data.
        }
        else
        {

            Iterator<?> i = c.iterator();

            while (i.hasNext())
            {
                certList.add((Certificate) i.next());
            }
        }

        java.security.cert.Certificate[] certArr = new java.security.cert.Certificate[certList.size()];

        return certList.toArray(certArr);
    }
}
于 2019-09-10T15:48:58.713 回答
1

您关闭了 InputStream。之后你就无法读取它了。

您不应该使用 DataInputStream。您不应该使用缓冲区。只需打开文件并让 CertificateFactory 从中读取:

X509Certificate cert = null;
File file = new File("C:\\Users\\Certs\\cert.p7b");
try (InputStream in = new BufferedInputStream(new FileInputStream(file))) {
     CertificateFactory certificatefactory = CertificateFactory.getInstance("X.509");
     cert = certificatefactory.generateCertificate(in);
} catch (CertificateException e) {
     e.printStackTrace();
}

始终打印或记录捕获的异常的完整堆栈跟踪。毕竟,您想知道出了什么问题。隐藏它不会帮助你的程序,不会帮助你,也不会帮助我们。

将来,请发布您的实际代码。如果我们看不到它们,就很难知道哪些线导致了问题。

于 2019-09-10T15:50:51.840 回答