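How do I serialize a PKCS10CertificationRequest in BouncyCastle to send it over the network?

Time: 2014-10-18 12:00:24

Tags: java serialization deserialization bouncycastle pem

I have been trying to serialize a PKCS10CertificationRequest object for a while. I think the right way is to create an ASN1Primitive, send it over the network, and then deserialize it. However, there only seems to be serialization to ASN1 and no deserialization from ASN1, and I don't want to parse and rebuild the request by hand. What should I do? My code so far is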

    Security.addProvider(new BouncyCastleProvider());
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "SC");
    kpg.initialize(1024);
    KeyPair kp = kpg.genKeyPair();
    System.out.println("Private: " + kp.getPrivate());
    System.out.println("Public: " + kp.getPublic());

    X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);

    x500NameBld.addRDN(BCStyle.C, "AU");
    x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
    x500NameBld.addRDN(BCStyle.L, "Melbourne");
    x500NameBld.addRDN(BCStyle.ST, "Victoria");
    x500NameBld.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");

    X500Name subject = x500NameBld.build();

    PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic());

    PKCS10CertificationRequest req1 = requestBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("SC").build(
            kp.getPrivate()));

    JcaPKCS10CertificationRequest req2 = new JcaPKCS10CertificationRequest(req1.getEncoded()).setProvider("SC");

    // serialization
    ByteArrayOutputStream abOut = new ByteArrayOutputStream();
    ASN1OutputStream berOut = new ASN1OutputStream(abOut);
    berOut.writeObject(req2.toASN1Structure());

    byte[] serializedData = abOut.toByteArray();

    ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(serializedData);
    System.out.println("");
    System.out.println("" + asn1Primitive.toString());

Output

[[0, [[[2.5.4.6, AU]], [[2.5.4.10, The Legion of the Bouncy Castle]], [[2.5.4.7, Melbourne]], [[2.5.4.8, Victoria]], [[1.2.840.113549.1.9.1, feedback-crypto@bouncycastle.org]]], [[1.2.840.113549.1.1.1, NULL], #03818D0030818902818100A...

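I don't want to parse this by hand. How do I do it?

1 answer:

Answer 0: (score: 1)

Forget ASN1, it is a mess and there seems to be no automatic deserialization. However, you can use the JcaPEMWriter and PEMParser classes from BouncyCastle to create a String object to serialize or deserialize the data, and send that over the network.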

    StringWriter sw = new StringWriter();
    JcaPEMWriter pemWriter = new JcaPEMWriter(sw);
    pemWriter.writeObject(req2);
    pemWriter.close();

    PEMParser pemParser = null;
    try
    {
       pemParser = new PEMParser(new StringReader(sw.toString()));
       Object parsedObj = pemParser.readObject();
       System.out.println("PemParser returned: " + parsedObj);
       if (parsedObj instanceof PKCS10CertificationRequest)
       {
          JcaPKCS10CertificationRequest jcaPKCS10CertificationRequest = new JcaPKCS10CertificationRequest((PKCS10CertificationRequest)parsedObj);
          System.out.println("" + jcaPKCS10CertificationRequest.getPublicKey());
       }
    }
    catch (IOException ex)
    {
       ex.printStackTrace();
    }
    finally
    {
       if (pemParser != null)
       {
          pemParser.close();
       }
    }

Edit: although if someone really does need to get elements out of an ASN1Encodable object (for example the RDNs of an X500Name), apparently you need to use IETFUtils.