如何访问证书扩展（信息）值？ [英] How to access certificate Extension (Information ) values?

问题描述

我有一个变量访问的X509Certificate ...

当我试图获取证书的详细信息时，我设法通过提供的功能轻松获得CriticalExtensions值。

然而我想要达到的是无关键扩展，它存储在certifcate中并由对象ID＃2.5.29.32表示

I have an X509Certificate accessed by a variable ...
when i try to get the details of the certificate i manage to get the CriticalExtensions value easly by the functions provided.
however what i'm trying to reach is the none critical extension which is stored in certifcate and represented by Object ID # 2.5.29.32

什么我正在尝试访问的是此图像中显示的策略标识号： http：// i .stack.imgur.com / xo8zX.png

what i'm trying to access is the policy identifier number which is show in this image: http://i.stack.imgur.com/xo8zX.png

我使用了以下功能

i used the following function

cert.getExtensionValue("2.5.29.32");

但它没有给我价值......任何人都可以告诉我我做错了什么？

PS：我正在使用java.security.cert.X509Certificate;

but it doesn't give me the value .. anyone can tell me what i'm doing wrong ?
P.S: i'm using the java.security.cert.X509Certificate;

推荐答案

找到了问题。

返回的值是需要解码的DER Octet编码值，这是我用来解码值的代码：

Found the issue .
The returned value was DER Octet encoded value which needed to be decoded, here is the code i used to decode the value :

import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ASN1InputStream;
.
.
.
.
byte[] UID =  cert.getExtensionValue("2.5.29.32");

DERObject derObject = toDERObject(UID);

if (derObject instanceof DEROctetString)
{
    DEROctetString derOctetString = (DEROctetString)derObject;
    derObject = toDERObject(derOctetString.getOctets());

}
System.out.println(derObject.toString());

这是将DER转换为对象的函数。

And this is the function to convert DER to object.

Static public DERObject toDERObject(byte[] data) throws IOException
{
    ByteArrayInputStream inStream = new ByteArrayInputStream(data);
    ASN1InputStream DIS = new ASN1InputStream(inStream);
    return DIS.readObject();
} 

希望这可以帮助有需要的人。

Hope this helps someone in need .

这篇关于如何访问证书扩展（信息）值？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！