X509Certificate 到 Java 中的 byte[] 并返回到 C# 中的 X509Certificate

X509Certificate to byte[] in Java and back to X509Certificate in C#

我有一个 Java Web 服务,它从其他 service.On 接收 X509Certificate Java Web 服务 X509Certificate 使用此代码片段

序列化为字节数组 
 for (X509Certificate certificate : certs) {
                try (ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
                    try (ObjectOutput out = new ObjectOutputStream(bos)) {
                        out.writeObject(certificate);
                        wrapper = new CustomMapCertificateWrapper();
                        wrapper.setCustomValue(bos.toByteArray());
                        response.getCustomMapCertificateWrapper().add(wrapper);
                    }
                }

CustomMapCertificateWrapper 这里是class with byte[] value 命名的字段,它将x509certificate 存储为字节数组。我的 .NET 服务收到此对象 CustomMapCertificateWrapper,我尝试使用此代码片段在 C# 端生成 X509Certificate

//Do array reverse because of BigEndian difference between Java and c# languages 
Array.Reverse(customMapCertificateWrapper.value);

                        var certificate = new X509Certificate(customMapCertificateWrapper.value);

这段代码给我带来了如下的惊喜

 System.Security.Cryptography.CryptographicException: Cannot find the requested object.

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertBlobType(Byte[] rawData)
   at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData)

Java 的 ObjectOutputStream generates output designed to be read in by Java's ObjectInputStream。它不会产生标准的、独立于语言的结果。

为了可移植性,您应该序列化 Java X509Certificate using the Certificate.getEncoded() method. The output can then be used on the C# side as the byte[] argument to the X509Certificate() or X509Certificate2() 构造函数。