使用 CertificateFactory 使用生成的证书 (X509) 获取 public 密钥
Getting public key using the generated certificate(X509) using CertificateFactory
我在使用 X509 证书获取 public 密钥时遇到问题。尝试生成证书时出现错误 "signed fields invalid"。请帮忙
用于生成密钥的代码:
public static PublicKey getPublicKey() throws CertificateException,FileNotFoundException {
InputStream certFileIs = new FileInputStream("E:\TA_Private.pfx");
CertificateFactory certfactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) certfactory.generateCertificate(certFileIs);
PublicKey key = cert.getPublicKey();
return key;
}
控制台输出:
java.security.cert.CertificateParsingException: signed fields invalid
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1768)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:97)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at Keygenerator.getPublicKey(Keygenerator.java:45)
at KeyMain.main(KeyMain.java:20)
文件解析失败。实际上,由于您的文件名为 TA_Private.pfx,这让我觉得这个文件不是 X509 证书而是 PKCS#12 文件(即可以包含密钥和证书的文件,用于交换秘密 material 系统之间)
要读取 PKCS#12 文件,您可以使用 KeyStore class:
public PublicKey loadPKCS#12(String filePath, char[] password) throws Exception {
InputStream is = null;
KeyStore ks = KeyStore.getInstance("PKCS12");
try {
is = new FileInputStream(filePath);
ks.load(is, password);
for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
String alias = e.nextElement();
if (ks.isCertificateEntry(alias)) {
Certificate cert = ks.getCertificate(alias);
return cert.getPublicKey();
}
}
return null;
} finally {
if (is != null) {
is.close();
}
}
}
这是一个非常简单的示例,它提取第一个找到的证书的 public 密钥。但是 PKCS#12 可以包含多个证书。
我在使用 X509 证书获取 public 密钥时遇到问题。尝试生成证书时出现错误 "signed fields invalid"。请帮忙
用于生成密钥的代码:
public static PublicKey getPublicKey() throws CertificateException,FileNotFoundException {
InputStream certFileIs = new FileInputStream("E:\TA_Private.pfx");
CertificateFactory certfactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) certfactory.generateCertificate(certFileIs);
PublicKey key = cert.getPublicKey();
return key;
}
控制台输出:
java.security.cert.CertificateParsingException: signed fields invalid
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1768)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:97)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at Keygenerator.getPublicKey(Keygenerator.java:45)
at KeyMain.main(KeyMain.java:20)
文件解析失败。实际上,由于您的文件名为 TA_Private.pfx,这让我觉得这个文件不是 X509 证书而是 PKCS#12 文件(即可以包含密钥和证书的文件,用于交换秘密 material 系统之间)
要读取 PKCS#12 文件,您可以使用 KeyStore class:
public PublicKey loadPKCS#12(String filePath, char[] password) throws Exception {
InputStream is = null;
KeyStore ks = KeyStore.getInstance("PKCS12");
try {
is = new FileInputStream(filePath);
ks.load(is, password);
for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
String alias = e.nextElement();
if (ks.isCertificateEntry(alias)) {
Certificate cert = ks.getCertificate(alias);
return cert.getPublicKey();
}
}
return null;
} finally {
if (is != null) {
is.close();
}
}
}
这是一个非常简单的示例,它提取第一个找到的证书的 public 密钥。但是 PKCS#12 可以包含多个证书。