在Java中使用PKC7解码字符串

Question

我有一些user_id代码，我有Java类型，其中包含以下内容：

String

如何将此-----BEGIN PKCS7----- MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0 Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/ 0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB 5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp gkC1 -----END PKCS7----- 转换为可读状态？

到目前为止，我使用以下网站测试：https://certlogik.com/decoder/

Answer 1

好吧，即使你从来没有发布一种方法向我们展示你之前为完成任务而尝试过的东西，即使你说你不是程序员（我想知道你怎么理解那么）。

我想玩这个，这是我到目前为止所得到的......

备注

由于您不熟悉此内容，请考虑以下事项：

• 在项目中使用 bouncycastle 库，将bcprov-jdk16-1.46.jar文件包含在Build Path中。
• 要使用 bouncycastle 库，您需要使用＆＃34; Java密码术扩展程序＆＃34; JAR，并且为了这样做，将位于local_policy.jar的{​​{1}}和US_export_policy.jar文件替换为来自此处的文件：http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

（该链接将使用JARs for Java 7下载ZIP文件，因为我使用的是该版本，您应该为正在使用的Java版本下载正确的文件）。

项目结构

刚刚创建了一个简单的Java Project并定义了这个结构：

Java代码

需要考虑的事情......

• 从证书中获取许多属性并使其中的某些属性有点棘手（您需要在此处进行一些研究以获取所有这些属性，方法如下：{{3目前确实如此）。

• 我已经从证书中更改了页眉/页脚：C:\path\to\Java\jdk1.7.0_79\jre\lib\security，原因如下：https://certlogik.com/decoder/（在＆＃34; Notes＆＃34;部分下阅读）和因为证书BEGIN PKCS7/END PKCS7在不使用其他对象时不能被解析为String对象，X509Certificate。BEGIN CERTIFICATE/END CERTIFICATE。此外，我注意到的一点是，在您提供的网站上解码证书后，BEGIN PKCS7/END PKCS7页眉/页脚将在您的证书String中替换为我之前谈论的其他证书。 / p>

从以上链接获得：

  

PEM PKCS＃7格式使用页眉和页脚行：

     

----- BEGIN PKCS7 -----
   -----结束PKCS7 -----

     

为了与某些CA兼容，它也会接受：

     

-----开始证书-----
   -----结束证书-----

然后，这里是可运行的Java类：

package com.cert.example.main;

import java.io.IOException;
import java.io.StringReader;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;

public class CertificateDecoder {

    public static void main(String[] args) throws IOException {

        String certStr = "-----BEGIN CERTIFICATE-----\r\n" + 
                "MIIIzwYJKoZIhvcNAQcCoIIIwDCCCLwCAQExDzANBglghkgBZQMEAgEFADALBgkq\r\n" + 
                "hkiG9w0BBwGgggZbMIIGVzCCBT+gAwIBAgIELhJ2QDANBgkqhkiG9w0BAQUFADCB\r\n" + 
                "mDELMAkGA1UEBhMCREUxEDAOBgNVBAoMB1NpZW1lbnMxETAPBgNVBAUTCFpaWlpa\r\n" + 
                "WlkyMTowOAYDVQQLDDFDb3B5cmlnaHQgKEMpIFNpZW1lbnMgQUcgMjAxMyBBbGwg\r\n" + 
                "UmlnaHRzIFJlc2VydmVkMSgwJgYDVQQDDB9TaWVtZW5zIElzc3VpbmcgQ0EgRUUg\r\n" + 
                "QXV0aCAyMDEzMB4XDTE0MDcxODEzNTcwM1oXDTE3MDcxODEzNTcwM1owYzERMA8G\r\n" + 
                "A1UEBRMIWjAwMzBBTUgxDzANBgNVBCoMBkFsZXhleTERMA8GA1UEBAwIU2Vkb3lr\r\n" + 
                "aW4xEDAOBgNVBAoMB1NpZW1lbnMxGDAWBgNVBAMMD1NlZG95a2luIEFsZXhleTCC\r\n" + 
                "ASAwCwYJKoZIhvcNAQEBA4IBDwAwggEKAoIBAQCKahNgWzDPSnOwba2ljWQb8Lni\r\n" + 
                "uvAGZHEvdd5zm8H7Kw56WMxdixKHoKSChXWf1zGE3RZAsQOdHOpcgiqnRF2xLe2l\r\n" + 
                "LjCLoE9sC4DfUVD4mKe3kcxtnsxkoLc1A/3QXJSOzpk7rPJeqehmuj06yCtPjpdF\r\n" + 
                "Gmtf4bkskiQuK8u4RJfnmzffWQppd2Ld+u8tLxQKyHnZtOnPyYQGRQJXJKhruDnn\r\n" + 
                "LonlveVXKzEzmo88E5udB+/6jDWDfuyfKHMFyOhk80qGeYDOYQHxiq/PJbAyQU6X\r\n" + 
                "PONbfsCgILKxx7uHaBlhNALxjFZSeNNtfg0bx82O1DoJEcWcOjZQtQMuNUjvAgMB\r\n" + 
                "AAGjggLdMIIC2TAdBgNVHQ4EFgQUE5jDSnfWWnlUWMKztQ6zYfgohUkwUwYDVR0R\r\n" + 
                "BEwwSqArBgorBgEEAYI3FAIDoB0MG2FsZXhleS5zZWRveWtpbkBzaWVtZW5zLmNv\r\n" + 
                "bYEbYWxleGV5LnNlZG95a2luQHNpZW1lbnMuY29tMA4GA1UdDwEB/wQEAwIHgDCC\r\n" + 
                "AQQGCCsGAQUFBwEBBIH3MIH0MDIGCCsGAQUFBzAChiZodHRwOi8vYWguc2llbWVu\r\n" + 
                "cy5jb20vcGtpP1paWlpaWlkyLmNydDBBBggrBgEFBQcwAoY1bGRhcDovL2FsLnNp\r\n" + 
                "ZW1lbnMubmV0L0NOPVpaWlpaWlkyLEw9UEtJP2NBQ2VydGlmaWNhdGUwSQYIKwYB\r\n" + 
                "BQUHMAKGPWxkYXA6Ly9hbC5zaWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0\r\n" + 
                "Y2VudGVyP2NBQ2VydGlmaWNhdGUwMAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLnBr\r\n" + 
                "aS1zZXJ2aWNlcy5zaWVtZW5zLmNvbTAfBgNVHSMEGDAWgBTelD9Lal9YThQYyUbX\r\n" + 
                "FDnCnCE8KTAMBgNVHRMBAf8EAjAAMBoGA1UdIAQTMBEwDwYNKwYBBAGhaQcCAgMB\r\n" + 
                "ATCBygYDVR0fBIHCMIG/MIG8oIG5oIG2hiZodHRwOi8vY2guc2llbWVucy5jb20v\r\n" + 
                "cGtpP1paWlpaWlkyLmNybIZBbGRhcDovL2NsLnNpZW1lbnMubmV0L0NOPVpaWlpa\r\n" + 
                "WlkyLEw9UEtJP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3SGSWxkYXA6Ly9jbC5z\r\n" + 
                "aWVtZW5zLmNvbS9DTj1aWlpaWlpZMixvPVRydXN0Y2VudGVyP2NlcnRpZmljYXRl\r\n" + 
                "UmV2b2NhdGlvbkxpc3QwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgor\r\n" + 
                "BgEEAYI3FAICBggrBgEFBQgCAjANBgkqhkiG9w0BAQUFAAOCAQEAmzrYxmkRuSPM\r\n" + 
                "itK0rnR98BXlnB88ldVXjyz+rjHg9QghoZ5+8u7wHnxMSXida4XvYbhN5maUQs3D\r\n" + 
                "dWebvXP6CXt/OErVgYHlEAT8d5iqvin7/6eEgS0ge9DOxD2Rv+LYltPmAsjgxUS/\r\n" + 
                "0MecbUJpyBct6mDNfPI7riCu+mCcw6v9OKLWnXTIZsV9Z/WqaFbqVeJ5wo1+MUGW\r\n" + 
                "CGrDVkn7XnCKAQN8xEEO+Dq/TSVyv8tlDUzWps1yb3l9cYDc030s5AwFXa99v76p\r\n" + 
                "YJUZ08qQsieXOrs3qyQxMalM/Y042N17bwf9XkGT6iKN8o8U0YS1Vkaz8iroBRKk\r\n" + 
                "iA2pRNN4AjGCAjgwggI0AgEBMIGhMIGYMQswCQYDVQQGEwJERTEQMA4GA1UECgwH\r\n" + 
                "U2llbWVuczERMA8GA1UEBRMIWlpaWlpaWTIxOjA4BgNVBAsMMUNvcHlyaWdodCAo\r\n" + 
                "QykgU2llbWVucyBBRyAyMDEzIEFsbCBSaWdodHMgUmVzZXJ2ZWQxKDAmBgNVBAMM\r\n" + 
                "H1NpZW1lbnMgSXNzdWluZyBDQSBFRSBBdXRoIDIwMTMCBC4SdkAwDQYJYIZIAWUD\r\n" + 
                "BAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP\r\n" + 
                "Fw0xNzA1MDMxNDI3NTFaMC8GCSqGSIb3DQEJBDEiBCBCA/fR9wGftKzKFZRuIDJV\r\n" + 
                "bYiaHzsDteoUoUL55kMrYDANBgkqhkiG9w0BAQEFAASCAQA6HtP3xr36VLj+WMao\r\n" + 
                "PRrszLfMJTE7lKIX3Vjybj2W3yj4qanPamZBb4KyEDIvQA8r65j4dbzcDePoFsRB\r\n" + 
                "5eYRnfB/djuXPAZdL9xdFMH3iRzfcseSFXulZ8FrG/9cuqDQkYVIx/Fk43yLtlpx\r\n" + 
                "OncVG3vZVW306yKQLu7Tsy+/GEkNDBMt6akqNPWp+9zqQTj7TaCXg7qr7mTlSStZ\r\n" + 
                "E15USoAOelisALpwPdizvfaJOqP03IobwDXMfRaCjzEANVl/M3woL1sNLu6BtuMe\r\n" + 
                "mAdls8tnJWDF+wpD4Y256Dso4FvDe2iK923jNElzq4iyc6ZosqGORS3nTh/1FQyp\r\n" + 
                "gkC1\r\n" + 
                "-----END CERTIFICATE-----";

        // Init bouncycastle
        Security.addProvider(new BouncyCastleProvider());

        // Get certificate
        StringReader sr = new StringReader(certStr);
        PEMReader pr = new PEMReader(sr);
        X509Certificate cert = (X509Certificate)pr.readObject();
        pr.close();

        // Get Public Key as RSA in order to get extra attributes
        RSAPublicKey rsaPublicKey = (RSAPublicKey)cert.getPublicKey();

        System.out.println(printCertInfo(cert, rsaPublicKey));
    }

    static String printCertInfo(X509Certificate cert, RSAPublicKey rsaPublicKey) {
        StringBuilder sb = new StringBuilder();

        sb.append("Certificate:\r\n");
        sb.append("Data:\r\n");
        sb.append("\tVersion: " + cert.getVersion() + "\r\n");
        sb.append("\tSerial Number: " + cert.getSerialNumber() + "\r\n");
        sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
        sb.append("\tIssuer: " + cert.getIssuerDN().getName() + "\r\n");
        sb.append("\tSignature Algorithm: " + cert.getSigAlgName() + "\r\n");
        sb.append("\tValidity\r\n");
        sb.append("\t\tNot Before: " + cert.getNotBefore() + "\r\n");
        sb.append("\t\tNot After: " + cert.getNotAfter() + "\r\n");
        sb.append("\tSubject: " + cert.getSubjectDN() + "\r\n");
        sb.append("\tSubject Public Key Info:\r\n");
        sb.append("\t\tPublic Key Algorithm: " + rsaPublicKey.getAlgorithm() + "\r\n");
        sb.append("\t\t\tPublic-Key: " + rsaPublicKey.getModulus().bitLength() + " bit \r\n");
        sb.append("\t\t\tModulus:\r\n");
        sb.append("\t\t\t\t" + rsaPublicKey.getModulus().toString(16) + "\r\n");
        sb.append("\t\t\tExponent: " + rsaPublicKey.getPublicExponent() + "\r\n");

        // TODO: Print other attributes, do some research to get them all...

        return sb.toString();
    }

}

输出

如果我有时间，我会尝试获取所有属性，与您提供的网站相同。现在，上面的代码将输出以下内容：

Certificate:
Data:
    Version: 3
    Serial Number: 772961856
    Signature Algorithm: SHA1WithRSAEncryption
    Issuer: C=DE,O=Siemens,SERIALNUMBER=ZZZZZZY2,OU=Copyright (C) Siemens AG 2013 All Rights Reserved,CN=Siemens Issuing CA EE Auth 2013
    Signature Algorithm: SHA1WithRSAEncryption
    Validity
        Not Before: Fri Jul 18 09:57:03 EDT 2014
        Not After: Tue Jul 18 09:57:03 EDT 2017
    Subject: SERIALNUMBER=Z0030AMH,GIVENNAME=Alexey,SURNAME=Sedoykin,O=Siemens,CN=Sedoykin Alexey
    Subject Public Key Info:
        Public Key Algorithm: RSA
            Public-Key: 2048 bit 
            Modulus:
                8a6a13605b30cf4a73b06dada58d641bf0b9e2baf00664712f75de739bc1fb2b0e7a58cc5d8b1287a0a48285759fd73184dd1640b1039d1cea5c822aa7445db12deda52e308ba04f6c0b80df5150f898a7b791cc6d9ecc64a0b73503fdd05c948ece993bacf25ea9e866ba3d3ac82b4f8e97451a6b5fe1b92c92242e2bcbb84497e79b37df590a697762ddfaef2d2f140ac879d9b4e9cfc9840645025724a86bb839e72e89e5bde5572b31339a8f3c139b9d07effa8c35837eec9f287305c8e864f34a867980ce6101f18aafcf25b032414e973ce35b7ec0a020b2b1c7bb876819613402f18c565278d36d7e0d1bc7cd8ed43a0911c59c3a3650b5032e3548ef
            Exponent: 65537