在 Java 中使用 PKC7 解码字符串
Decode string with PKC7 in Java
我有一些 Java 代码,我有一个 String 类型,其中包含以下内容:
-----BEGIN PKCS7-----
MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB
mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa
WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg
UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg
QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G
A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr
aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC
ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni
uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l
LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF
Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn
LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X
PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB
AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R
BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv
bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC
AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu
cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp
ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB
BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0
Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr
aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX
FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB
ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v
cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa
WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z
aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl
UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor
BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM
itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D
dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/
0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW
CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p
YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk
iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH
U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo
QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM
H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD
BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP
Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV
bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao
PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB
5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx
OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ
E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe
mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp
gkC1
-----END PKCS7-----
如何将此 String 转换为可读状态?
到目前为止,我已经使用以下网站进行测试:https://certlogik.com/decoder/
好吧,即使您从未发布过向我们展示您之前为完成任务而尝试过的方法,即使您说您不是程序员 (我想知道您打算如何明白了)。
我想尝试一下,这就是我目前得到的...
备注
由于您是新手,请考虑以下事项:
- 在您的项目中使用 bouncycastle 库,将
bcprov-jdk16-1.46.jar 文件包含到构建路径中。
- 为了使用 bouncycastle 库,您需要 "Java Cryptography Extension" JAR 并且,为了这样做,将位于
C:\path\to\Java\jdk1.7.0_79\jre\lib\security 的 local_policy.jar 和 US_export_policy.jar 文件替换为此处的文件:http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
(link 将为 Java 7 下载带有 JAR 的 ZIP 文件,因为我使用的是该版本,您应该为 [=88 下载正确的=] 您正在使用的版本).
项目结构
刚刚创建了一个简单的 Java 项目并定义了这个结构:
Java代码
需要考虑的事情...
可以从证书中获取许多属性,获取其中一些属性有点棘手(您需要在这里做一些研究才能获取所有属性,方法如下:https://certlogik.com/decoder/ 目前是)。
我更改了证书中的 header/footer: BEGIN PKCS7/END PKCS7,原因如下:http://openssl.cs.utah.edu/docs/apps/pkcs7.html(阅读 "Notes" 部分)并且因为证书 String 在不使用其他证书时无法解析为 X509Certificate 对象,它们是:BEGIN CERTIFICATE/END CERTIFICATE。另外,我注意到,在对您提供的网站上的证书进行解码后,BEGIN PKCS7/END PKCS7 header/footer 在您的证书 String 中被替换为我之前谈到的其他证书.
从上面获得link:
The PEM PKCS#7 format uses the header and footer lines:
-----BEGIN PKCS7-----
-----END PKCS7-----
For compatibility with some CAs it will also accept:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
然后,runnable Java class:
package com.cert.example.main;
import java.io.IOException;
import java.io.StringReader;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
public class CertificateDecoder {
public static void main(String[] args) throws IOException {
String certStr = "-----BEGIN CERTIFICATE-----\r\n" +
"MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq\r\n" +
"hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB\r\n" +
"mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa\r\n" +
"WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg\r\n" +
"UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg\r\n" +
"QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G\r\n" +
"A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr\r\n" +
"aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC\r\n" +
"ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni\r\n" +
"uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l\r\n" +
"LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF\r\n" +
"Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn\r\n" +
"LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X\r\n" +
"PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB\r\n" +
"AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R\r\n" +
"BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv\r\n" +
"bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC\r\n" +
"AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu\r\n" +
"cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp\r\n" +
"ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB\r\n" +
"BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0\r\n" +
"Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr\r\n" +
"aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX\r\n" +
"FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB\r\n" +
"ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v\r\n" +
"cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa\r\n" +
"WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z\r\n" +
"aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl\r\n" +
"UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor\r\n" +
"BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM\r\n" +
"itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D\r\n" +
"dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/\r\n" +
"0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW\r\n" +
"CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p\r\n" +
"YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk\r\n" +
"iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH\r\n" +
"U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo\r\n" +
"QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM\r\n" +
"H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD\r\n" +
"BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP\r\n" +
"Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV\r\n" +
"bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao\r\n" +
"PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB\r\n" +
"5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx\r\n" +
"OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ\r\n" +
"E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe\r\n" +
"mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp\r\n" +
"gkC1\r\n" +
"-----END CERTIFICATE-----";
// Init bouncycastle
Security.addProvider(new BouncyCastleProvider());
// Get certificate
StringReader sr = new StringReader(certStr);
PEMReader pr = new PEMReader(sr);
X509Certificate cert = (X509Certificate)pr.readObject();
pr.close();
// Get Public Key as RSA in order to get extra attributes
RSAPublicKey rsaPublicKey = (RSAPublicKey)cert.getPublicKey();
System.out.println(printCertInfo(cert, rsaPublicKey));
}
static String printCertInfo(X509Certificate cert, RSAPublicKey rsaPublicKey) {
StringBuilder sb = new StringBuilder();
sb.append("Certificate:\r\n");
sb.append("Data:\r\n");
sb.append("\tVersion: " + cert.getVersion() + "\r\n");
sb.append("\tSerial Number: " + cert.getSerialNumber() + "\r\n");
sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
sb.append("\tIssuer: " + cert.getIssuerDN().getName() + "\r\n");
sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
sb.append("\tValidity\r\n");
sb.append("\t\tNot Before: " + cert.getNotBefore() + "\r\n");
sb.append("\t\tNot After: " + cert.getNotAfter() + "\r\n");
sb.append("\tSubject: " + cert.getSubjectDN() + "\r\n");
sb.append("\tSubject Public Key Info:\r\n");
sb.append("\t\tPublic Key Algorithm: " + rsaPublicKey.getAlgorithm() + "\r\n");
sb.append("\t\t\tPublic-Key: " + rsaPublicKey.getModulus().bitLength() + " bit \r\n");
sb.append("\t\t\tModulus:\r\n");
sb.append("\t\t\t\t" + rsaPublicKey.getModulus().toString(16) + "\r\n");
sb.append("\t\t\tExponent: " + rsaPublicKey.getPublicExponent() + "\r\n");
// TODO: Print other attributes, do some research to get them all...
return sb.toString();
}
}
输出
如果有时间,我会尝试获取所有属性,方法与您提供的网站相同。现在,上面的代码将输出以下内容:
Certificate:
Data:
Version: 3
Serial Number: 772961856
Signature Algorithm: SHA1WithRSAEncryption
Issuer: C=DE,O=Siemens,SERIALNUMBER=ZZZZZZY2,OU=Copyright (C) Siemens AG 2013 All Rights Reserved,CN=Siemens Issuing CA EE Auth 2013
Signature Algorithm: SHA1WithRSAEncryption
Validity
Not Before: Fri Jul 18 09:57:03 EDT 2014
Not After: Tue Jul 18 09:57:03 EDT 2017
Subject: SERIALNUMBER=Z0030AMH,GIVENNAME=Alexey,SURNAME=Sedoykin,O=Siemens,CN=Sedoykin Alexey
Subject Public Key Info:
Public Key Algorithm: RSA
Public-Key: 2048 bit
Modulus:
8a6a13605b30cf4a73b06dada58d641bf0b9e2baf00664712f75de739bc1fb2b0e7a58cc5d8b1287a0a48285759fd73184dd1640b1039d1cea5c822aa7445db12deda52e308ba04f6c0b80df5150f898a7b791cc6d9ecc64a0b73503fdd05c948ece993bacf25ea9e866ba3d3ac82b4f8e97451a6b5fe1b92c92242e2bcbb84497e79b37df590a697762ddfaef2d2f140ac879d9b4e9cfc9840645025724a86bb839e72e89e5bde5572b31339a8f3c139b9d07effa8c35837eec9f287305c8e864f34a867980ce6101f18aafcf25b032414e973ce35b7ec0a020b2b1c7bb876819613402f18c565278d36d7e0d1bc7cd8ed43a0911c59c3a3650b5032e3548ef
Exponent: 65537
我有一些 Java 代码,我有一个 String 类型,其中包含以下内容:
-----BEGIN PKCS7-----
MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB
mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa
WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg
UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg
QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G
A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr
aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC
ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni
uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l
LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF
Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn
LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X
PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB
AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R
BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv
bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC
AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu
cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp
ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB
BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0
Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr
aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX
FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB
ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v
cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa
WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z
aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl
UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor
BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM
itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D
dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/
0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW
CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p
YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk
iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH
U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo
QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM
H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD
BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP
Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV
bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao
PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB
5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx
OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ
E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe
mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp
gkC1
-----END PKCS7-----
如何将此 String 转换为可读状态?
到目前为止,我已经使用以下网站进行测试:https://certlogik.com/decoder/
好吧,即使您从未发布过向我们展示您之前为完成任务而尝试过的方法,即使您说您不是程序员 (我想知道您打算如何明白了)。
我想尝试一下,这就是我目前得到的...
备注
由于您是新手,请考虑以下事项:
- 在您的项目中使用 bouncycastle 库,将
bcprov-jdk16-1.46.jar文件包含到构建路径中。 - 为了使用 bouncycastle 库,您需要 "Java Cryptography Extension" JAR 并且,为了这样做,将位于
C:\path\to\Java\jdk1.7.0_79\jre\lib\security的local_policy.jar和US_export_policy.jar文件替换为此处的文件:http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
(link 将为 Java 7 下载带有 JAR 的 ZIP 文件,因为我使用的是该版本,您应该为 [=88 下载正确的=] 您正在使用的版本).
项目结构
刚刚创建了一个简单的 Java 项目并定义了这个结构:
Java代码
需要考虑的事情...
可以从证书中获取许多属性,获取其中一些属性有点棘手(您需要在这里做一些研究才能获取所有属性,方法如下:https://certlogik.com/decoder/ 目前是)。
我更改了证书中的 header/footer:
BEGIN PKCS7/END PKCS7,原因如下:http://openssl.cs.utah.edu/docs/apps/pkcs7.html(阅读 "Notes" 部分)并且因为证书String在不使用其他证书时无法解析为X509Certificate对象,它们是:BEGIN CERTIFICATE/END CERTIFICATE。另外,我注意到,在对您提供的网站上的证书进行解码后,BEGIN PKCS7/END PKCS7header/footer 在您的证书String中被替换为我之前谈到的其他证书.
从上面获得link:
The PEM PKCS#7 format uses the header and footer lines:
-----BEGIN PKCS7-----
-----END PKCS7-----For compatibility with some CAs it will also accept:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
然后,runnable Java class:
package com.cert.example.main;
import java.io.IOException;
import java.io.StringReader;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
public class CertificateDecoder {
public static void main(String[] args) throws IOException {
String certStr = "-----BEGIN CERTIFICATE-----\r\n" +
"MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq\r\n" +
"hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB\r\n" +
"mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa\r\n" +
"WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg\r\n" +
"UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg\r\n" +
"QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G\r\n" +
"A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr\r\n" +
"aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC\r\n" +
"ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni\r\n" +
"uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l\r\n" +
"LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF\r\n" +
"Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn\r\n" +
"LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X\r\n" +
"PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB\r\n" +
"AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R\r\n" +
"BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv\r\n" +
"bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC\r\n" +
"AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu\r\n" +
"cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp\r\n" +
"ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB\r\n" +
"BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0\r\n" +
"Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr\r\n" +
"aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX\r\n" +
"FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB\r\n" +
"ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v\r\n" +
"cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa\r\n" +
"WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z\r\n" +
"aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl\r\n" +
"UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor\r\n" +
"BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM\r\n" +
"itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D\r\n" +
"dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/\r\n" +
"0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW\r\n" +
"CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p\r\n" +
"YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk\r\n" +
"iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH\r\n" +
"U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo\r\n" +
"QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM\r\n" +
"H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD\r\n" +
"BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP\r\n" +
"Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV\r\n" +
"bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao\r\n" +
"PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB\r\n" +
"5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx\r\n" +
"OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ\r\n" +
"E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe\r\n" +
"mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp\r\n" +
"gkC1\r\n" +
"-----END CERTIFICATE-----";
// Init bouncycastle
Security.addProvider(new BouncyCastleProvider());
// Get certificate
StringReader sr = new StringReader(certStr);
PEMReader pr = new PEMReader(sr);
X509Certificate cert = (X509Certificate)pr.readObject();
pr.close();
// Get Public Key as RSA in order to get extra attributes
RSAPublicKey rsaPublicKey = (RSAPublicKey)cert.getPublicKey();
System.out.println(printCertInfo(cert, rsaPublicKey));
}
static String printCertInfo(X509Certificate cert, RSAPublicKey rsaPublicKey) {
StringBuilder sb = new StringBuilder();
sb.append("Certificate:\r\n");
sb.append("Data:\r\n");
sb.append("\tVersion: " + cert.getVersion() + "\r\n");
sb.append("\tSerial Number: " + cert.getSerialNumber() + "\r\n");
sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
sb.append("\tIssuer: " + cert.getIssuerDN().getName() + "\r\n");
sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
sb.append("\tValidity\r\n");
sb.append("\t\tNot Before: " + cert.getNotBefore() + "\r\n");
sb.append("\t\tNot After: " + cert.getNotAfter() + "\r\n");
sb.append("\tSubject: " + cert.getSubjectDN() + "\r\n");
sb.append("\tSubject Public Key Info:\r\n");
sb.append("\t\tPublic Key Algorithm: " + rsaPublicKey.getAlgorithm() + "\r\n");
sb.append("\t\t\tPublic-Key: " + rsaPublicKey.getModulus().bitLength() + " bit \r\n");
sb.append("\t\t\tModulus:\r\n");
sb.append("\t\t\t\t" + rsaPublicKey.getModulus().toString(16) + "\r\n");
sb.append("\t\t\tExponent: " + rsaPublicKey.getPublicExponent() + "\r\n");
// TODO: Print other attributes, do some research to get them all...
return sb.toString();
}
}
输出
如果有时间,我会尝试获取所有属性,方法与您提供的网站相同。现在,上面的代码将输出以下内容:
Certificate:
Data:
Version: 3
Serial Number: 772961856
Signature Algorithm: SHA1WithRSAEncryption
Issuer: C=DE,O=Siemens,SERIALNUMBER=ZZZZZZY2,OU=Copyright (C) Siemens AG 2013 All Rights Reserved,CN=Siemens Issuing CA EE Auth 2013
Signature Algorithm: SHA1WithRSAEncryption
Validity
Not Before: Fri Jul 18 09:57:03 EDT 2014
Not After: Tue Jul 18 09:57:03 EDT 2017
Subject: SERIALNUMBER=Z0030AMH,GIVENNAME=Alexey,SURNAME=Sedoykin,O=Siemens,CN=Sedoykin Alexey
Subject Public Key Info:
Public Key Algorithm: RSA
Public-Key: 2048 bit
Modulus:
8a6a13605b30cf4a73b06dada58d641bf0b9e2baf00664712f75de739bc1fb2b0e7a58cc5d8b1287a0a48285759fd73184dd1640b1039d1cea5c822aa7445db12deda52e308ba04f6c0b80df5150f898a7b791cc6d9ecc64a0b73503fdd05c948ece993bacf25ea9e866ba3d3ac82b4f8e97451a6b5fe1b92c92242e2bcbb84497e79b37df590a697762ddfaef2d2f140ac879d9b4e9cfc9840645025724a86bb839e72e89e5bde5572b31339a8f3c139b9d07effa8c35837eec9f287305c8e864f34a867980ce6101f18aafcf25b032414e973ce35b7ec0a020b2b1c7bb876819613402f18c565278d36d7e0d1bc7cd8ed43a0911c59c3a3650b5032e3548ef
Exponent: 65537