使用java弹跳城堡验证证书链 [英] Validate Certificate chain with java bouncing castle

查看:581
本文介绍了使用java弹跳城堡验证证书链的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想验证将导入我的应用程序的证书链。我不知道如何。



我的同事告诉我,我必须使用弹跳城堡来验证。我看到了几个例子,但仍然没有任何进展。



我有一个列表< X509Certificate> 从用户界面导入的证书以及 PrivateKey



您能告诉我如何验证。

解决方案

您可以使用 java.security.cert.CertificateFactory 以验证您的证书链。

  InputStream inStream = ByteArrayInputStream(< data>); 
CertificateFactory cf = CertificateFactory.getInstance(X.509);
CertPath cp = cf.generateCertPath(inStream);
List< Certificate> certs = cp.getCertificates();

certs 现在包含证书链。 certs certs [0] )中的第一个条目包含证书和以下证书。 p>

certs 中的最后一个条目是根证书,应与应用程序中已有的证书进行比较。 p>

在无法构建认证路径的情况下,上述代码将抛出 CertificateException


I would like to validate a certificate chain which will be imported into my app. I do not know how.

My coleagues told me, that I have to use Bouncing castle for validation. I saw several examples and still do not have any progress.

I have a List<X509Certificate> which contains all certificates which are imported from the UI, and also the PrivateKey.

Could you please show me how to validate the certificate chain with Bouncing castle.

解决方案

You can use the java.security.cert.CertificateFactory to validate your certificate chain.

InputStream inStream = ByteArrayInputStream(<data>);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
CertPath cp = cf.generateCertPath(inStream);
List<Certificate> certs = cp.getCertificates();

The certs now contains the certificate chain. The first entry in certs (certs[0]) contais the certificate and the following certificates are the chain.

The last entry in certs is the root certificate which should be compared to a already existing certificate in your application.

In the case that the certification path could not be built up the above code will throw a CertificateException.

这篇关于使用java弹跳城堡验证证书链的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆