Bouncycastle:CertificateFactory.generateCertificate在一台机器上给出“证书序列错误”但在另一台机器上没有

时间:2011-02-22 07:00:04

标签: certificate bouncycastle

我正在尝试打开一个p7b文件并从中读取CA证书。以下是我的代码。它在一台机器上工作正常,但在另一台机器上,对certFactory.generateCertificate的调用抛出异常

Error Message:java.lang.IllegalArgumentException: sequence wrong size for a certificate

在两台机器上我都有相同的p7b文件和相同的bouncycastle jar。工作的机器是Windows Xp,它不工作的机器是Windows 2007服务器机器。它是64位机器,但我只使用32位jvm。

    CertificateFactory certFactory = CertificateFactory.getInstance("X.509",
            new BouncyCastleProvider());
    java.security.cert.Certificate cert = null;
    FileInputStream inStream = new FileInputStream("");
    ArrayList<java.security.cert.Certificate> certificates = new ArrayList<java.security.cert.Certificate>();
    CAService caService = null;
    caService.getCertificateAuthority().setCaCerts(new ArrayList<String>());

    while ((cert = certFactory.generateCertificate(inStream)) != null)
    {
        certificates.add(cert);
        StringWriter swrtr = new StringWriter();
        PEMWriter writer = new PEMWriter(swrtr);
        writer.writeObject(cert);
        writer.flush();
        caService.getCertificateAuthority().getCaCerts().add(swrtr.toString());
    }

我甚至编写了一个独立的程序,我甚至正在运行,甚至明确指定要使用的java.exe,但我在该机器上面临同样的异常。

c:\ jdk1.5.0_14 \ jre \ bin \ java.exe -classpath .; bcprov-jdk15-143.jar MSCAConfigurator 

Exception in thread "main" java.security.cert.CertificateException: java.lang.IllegalArgumentException: sequence wrong size for a certificate
        at org.bouncycastle.jce.provider.JDKX509CertificateFactory.engineGenerateCertificate(Unknown Source)
        at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:271)
        at MSCAConfigurator.main(MSCAConfigurator.java:31)
Caused by: java.lang.IllegalArgumentException: sequence wrong size for a certificate
        at org.bouncycastle.asn1.x509.X509CertificateStructure.<init>(Unknown Source)
        at org.bouncycastle.asn1.x509.X509CertificateStructure.getInstance(Unknown Source)
        at org.bouncycastle.jce.provider.JDKX509CertificateFactory.readPEMCertificate(Unknown Source)

我有无限制的政策罐子。

C:\ jdk1.5.0_14 \ jre \ lib \ security&gt; dir * .jar

驱动器C中的卷没有标签。

卷序列号为D214-CB94

C:\ jdk1.5.0_14 \ jre \ lib \ security

的目录

09/13/2004 04:12 PM 2,486 local_policy.jar

09/13/2004 04:12 PM 2,472 US_export_policy.jar

这台机器出了什么问题?在我开枪之前,请有人帮忙。

2 个答案:

答案 0 :(得分:1)

交叉发布并明显解决了此问题http://www.coderanch.com/t/528193/Security/CertificateFactory-generateCertificate-gives-sequence-wrong

答案 1 :(得分:0)

根据javadocs,CertificateFactory.generateCertificates()支持PKCS#7格式,但CertificateFactory.generateCertificate()不支持。

相关问题
最新问题