使用java弹跳城堡验证证书链 [英] Validate Certificate chain with java bouncing castle
问题描述
我想验证将导入我的应用程序的证书链。我不知道如何。
我的同事告诉我,我必须使用弹跳城堡来验证。我看到了几个例子,但仍然没有任何进展。
我有一个列表< X509Certificate>
从用户界面导入的证书以及 PrivateKey
。
您能告诉我如何验证。
您可以使用 java.security.cert.CertificateFactory
以验证您的证书链。
InputStream inStream = ByteArrayInputStream(< data>);
CertificateFactory cf = CertificateFactory.getInstance(X.509);
CertPath cp = cf.generateCertPath(inStream);
List< Certificate> certs = cp.getCertificates();
certs
现在包含证书链。 certs
( certs [0]
)中的第一个条目包含证书和以下证书。 p>
certs
中的最后一个条目是根证书,应与应用程序中已有的证书进行比较。 p>
在无法构建认证路径的情况下,上述代码将抛出 CertificateException
。
I would like to validate a certificate chain which will be imported into my app. I do not know how.
My coleagues told me, that I have to use Bouncing castle for validation. I saw several examples and still do not have any progress.
I have a List<X509Certificate>
which contains all certificates which are imported from the UI, and also the PrivateKey
.
Could you please show me how to validate the certificate chain with Bouncing castle.
You can use the java.security.cert.CertificateFactory
to validate your certificate chain.
InputStream inStream = ByteArrayInputStream(<data>);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
CertPath cp = cf.generateCertPath(inStream);
List<Certificate> certs = cp.getCertificates();
The certs
now contains the certificate chain. The first entry in certs
(certs[0]
) contais the certificate and the following certificates are the chain.
The last entry in certs
is the root certificate which should be compared to a already existing certificate in your application.
In the case that the certification path could not be built up the above code will throw a CertificateException
.
这篇关于使用java弹跳城堡验证证书链的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!