开发者

Parsing certificates with bouncycastle

开发者 https://www.devze.com 2023-04-11 03:24 出处:网络
I\'m a certificate noob. I\'ve been trying to import certificates for the past couple of hours and the more I dig into security stuff, the more it feels impossible to understand.

I'm a certificate noob. I've been trying to import certificates for the past couple of hours and the more I dig into security stuff, the more it feels impossible to understand.

Here is what I'm trying to achieve in java:

  • the user can upload any 开发者_如何转开发kind of formatted certificate with an optional passphrase
  • I need to convert the certificate to a non-binary PEM format
  • Extract the private and public keys to store in a database, throw error if missing one of the two

So far I've been able to parse some certificates using java security's x509Certificate but I can't get the private key. I've also tried bouncy castle but no success there either.

Thanks for your help


An X509Certificate only contains a public key.

Private keys are usually encoded using PKCS#8. Try KeyFactory with a PKCS8EncodedKeySpec.

Combined public key certificates with private keys are usually encoded using PKCS#12 (.pfx, .p12). Try a KeyStore of "PKCS12" type (with Bouncy Castle as provider).

0

精彩评论

暂无评论...
验证码 换一张
取 消